diff --git a/inventories/default.nix b/inventories/default.nix index 28dec79..520f8d8 100644 --- a/inventories/default.nix +++ b/inventories/default.nix @@ -5,6 +5,7 @@ tags = { glom = [ "vega" ]; b4l = [ "rigel" ]; + fax-bridge = [ ]; }; instances = { @@ -48,6 +49,14 @@ roles.peer.tags.b4l = { }; }; + yggdrasil = { + module = { + name = "yggdrasil"; + input = "self"; + }; + roles.default.tags."fax-bridge" = { }; + }; + pocket-id = { module = { name = "pocket-id"; diff --git a/modules/clan/yggdrasil/default.nix b/modules/clan/yggdrasil/default.nix new file mode 100644 index 0000000..6986ac2 --- /dev/null +++ b/modules/clan/yggdrasil/default.nix @@ -0,0 +1,51 @@ +{ ... }: +{ + _class = "clan.service"; + manifest.name = "yggdrasil"; + manifest.description = "An in scalable routing as an encrypted IPv6 overlay network"; + manifest.categories = [ "System" ]; + + roles.default = { + perInstance.nixosModule = + { + lib, + config, + pkgs, + ... + }: + { + clan.core.vars.generators.yggdrasil = { + files = { + yggdrasil-secret = { + secret = true; + }; + yggdrasil-ip = { + secret = false; + }; + }; + runtimeInputs = with pkgs; [ + yggdrasil + jq + ]; + script = '' + yggdrasil -genconf -json | jq {PrivateKey} > $out/yggdrasil-secret + cat $out/yggdrasil-secret | yggdrasil -useconf -address | tr -d "\n" > $out/yggdrasil-ip + ''; + }; + + services.yggdrasil = { + enable = lib.mkDefault true; + configFile = config.clan.core.vars.generators.yggdrasil.files.yggdrasil-secret.path; + settings = { + Peers = [ + # US Peers + "tls://ygg.jjolly.dev:3443" + "tls://[2602:fc24:18:7a42::1]:993" + "tcp://leo.node.3dt.net:9002" + "tcp://ygg-kcmo.incognet.io:8883" + ]; + }; + }; + }; + }; +} diff --git a/modules/clan/yggdrasil/flake-module.nix b/modules/clan/yggdrasil/flake-module.nix new file mode 100644 index 0000000..dbb624f --- /dev/null +++ b/modules/clan/yggdrasil/flake-module.nix @@ -0,0 +1,23 @@ +{ + lib, + inputs, + self, + ... +}: +let + module = lib.modules.importApply ./default.nix { }; +in +{ + clan.modules = { + yggdrasil = module; + }; + perSystem = + { ... }: + { + # clan.nixosTests.yggdrasil = { + # imports = [ ./tests/vm/default.nix ]; + # + # clan.modules."@clan/yggdrasil" = module; + # }; + }; +} diff --git a/modules/clan/yggdrasil/tests/vm/default.nix b/modules/clan/yggdrasil/tests/vm/default.nix new file mode 100644 index 0000000..a4534e1 --- /dev/null +++ b/modules/clan/yggdrasil/tests/vm/default.nix @@ -0,0 +1,37 @@ +{ + ... +}: +{ + name = "service-yggdrasil"; + + clan = { + directory = ./.; + inventory = { + machines.server = { }; + + instances = { + yggdrasil-test = { + module.name = "@clan/yggdrasil"; + module.input = "self"; + roles.default.machines."server".settings = { }; + }; + }; + }; + }; + + nodes = { + server = { + services.yggdrasil = { + }; + }; + }; + + testScript = '' + start_all() + + server.wait_for_unit("yggdrasil") + + # Check that garage is running + server.succeed("systemctl status yggdrasil") + ''; +} diff --git a/modules/clan/yggdrasil/tests/vm/sops/machines/server/key.json b/modules/clan/yggdrasil/tests/vm/sops/machines/server/key.json new file mode 100755 index 0000000..6b974fb --- /dev/null +++ b/modules/clan/yggdrasil/tests/vm/sops/machines/server/key.json @@ -0,0 +1,6 @@ +[ + { + "publickey": "age12ldrhhffl0jeteh8f0rzhezs0ulggg5jyqph6xzrgjw2dv40pqwq49lej9", + "type": "age" + } +] \ No newline at end of file diff --git a/modules/clan/yggdrasil/tests/vm/sops/secrets/server-age.key/secret b/modules/clan/yggdrasil/tests/vm/sops/secrets/server-age.key/secret new file mode 100644 index 0000000..99a7a21 --- /dev/null +++ b/modules/clan/yggdrasil/tests/vm/sops/secrets/server-age.key/secret @@ -0,0 +1,15 @@ +{ + "data": "ENC[AES256_GCM,data:pGMobS67sLp2GN2Xw7A/trcLYnQdVZCUbjtlwS/AShXxyXgHXzkqRee6R765GZyCpDwM8A1IuMZYctrqWxVXrpIAiJpwvwy7vDM=,iv:ysRf5xAXN+dFSx+sFHNDt1GcVQx7RLej4c12v60iSI0=,tag:yXYpWhWLdsz9BOOoKpZU4g==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2UmhPdzcrSnFhVUxRNDBL\ncXlGRzdMdWxCWmFlUkE4RnJRQ3psMlBqV0Q0CkRjTXFoQitQbjRhMlVjaDc3UDN1\nR1hBeXlCeWxvdnZoVWI1ZkcweHF5VncKLS0tIHE4YVFhYTZTNko1MnJINjFPYXh4\ndlJJZThGZ0JIaDJWRTNXbXk3alNZTnMKgd+0535zoTu6xW2778uNReu4Z7LStN6d\n1O9SXAB+s1iOZ3xGEICiQTVF/6p8RE6lheV2oXgoMiXXrFNH6INLsw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-10-17T05:34:34Z", + "mac": "ENC[AES256_GCM,data:YIpKJlOI6ASgOYqv9ipu+T3c+PlM5HwvdFVH8gh8hVeSbmxD1baPPmVSWlLv+u61Q1/C9PK4mczaASopaGiLoswep+Hc1Gn7sSeP9wO6Djx6fEIEyE1VUhUbTqi/nHYiB21yB/wegfpqzNYIn1nO0oFCmDmSS5qIowcT1fhYIjM=,iv:lzxll5oC7poLvC/hZPexUGAcAdf67xZGRXUpj6O3p6Y=,tag:9xu17Y5MtW5XNzGBsWwA3g==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/modules/clan/yggdrasil/tests/vm/sops/secrets/server-age.key/users/admin b/modules/clan/yggdrasil/tests/vm/sops/secrets/server-age.key/users/admin new file mode 120000 index 0000000..9e21a99 --- /dev/null +++ b/modules/clan/yggdrasil/tests/vm/sops/secrets/server-age.key/users/admin @@ -0,0 +1 @@ +../../../users/admin \ No newline at end of file diff --git a/modules/clan/yggdrasil/tests/vm/sops/users/admin/key.json b/modules/clan/yggdrasil/tests/vm/sops/users/admin/key.json new file mode 100644 index 0000000..e408aa9 --- /dev/null +++ b/modules/clan/yggdrasil/tests/vm/sops/users/admin/key.json @@ -0,0 +1,4 @@ +{ + "publickey": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg", + "type": "age" +} diff --git a/modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-ip/value b/modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-ip/value new file mode 100644 index 0000000..3de6a90 --- /dev/null +++ b/modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-ip/value @@ -0,0 +1 @@ +204:5ce7:aa27:579b:ec90:6907:4ddc:177 diff --git a/modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-secret/machines/server b/modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-secret/machines/server new file mode 120000 index 0000000..2bd819e --- /dev/null +++ b/modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-secret/machines/server @@ -0,0 +1 @@ +../../../../../../sops/machines/server \ No newline at end of file diff --git a/modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-secret/secret b/modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-secret/secret new file mode 100644 index 0000000..72d9d19 --- /dev/null +++ b/modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-secret/secret @@ -0,0 +1,19 @@ +{ + "data": "ENC[AES256_GCM,data:I6yalWQ2u5hI84lJTUmh07JxUBp4EZukJrSGSN7wsGiUGlFa1v/RT1XkTiXuRjDtUVYCLmQmfSCAp/OqFscxF8KL+s24iTDrG4e3S6AeKLa3oZrNJIt1EJ06gWrPNoh1ttmwXSd4Y4Bsk4Lg8vIjH4qw3Bx+KrufxYTqe+anfMdoXKnW8wOWud5O7HMvCh+sf4dNcf6PIQ==,iv:SF5qExXNPyif+LIcNhHP0PKELUBXaFsPj9B3wvUkEp0=,tag:QEkZXDrIdcpNiZ6l2ljOPw==,type:str]", + "sops": { + "age": [ + { + "recipient": "age12ldrhhffl0jeteh8f0rzhezs0ulggg5jyqph6xzrgjw2dv40pqwq49lej9", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBENDhrWVRuYjRnZktROU4v\nSHNtODFGMWl0NDRHazIwcWl0WGtNY2dYMXhnCmZQQ0doS3BTaU5hRHVsVTB5THl1\nWUNDQUNiMVJFeFZnQ1ptYmFQdTJQc28KLS0tIEtJdUQ5Y1VqSThkSVVNcVNVNEFr\nMzBCRjM1L1V5TngrZG5rR0VHY3Z6TDAKPQ6P96upDeh8xwQDrX4Zcf71Dah5zkOJ\n/F5eODEBadzQSRmJuyp3+uRMFf47eR6Q5bVah3NsVxFquXOL3CtNlw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHb0EwT2tuMVE5SE5XaWdQ\ncGR0bFFhOUQvM2dGUzdlUEFFbzRnTHBWWUVnCjFGTXcrWW1vR0x5dXBUamtkS0dF\neG9weUVwQzhhNHhPRUdqV1VnWXJyNFEKLS0tIC80b1ZqRGFOenpENDN1Vk5vRUhY\nVnJzZ1Q5VzZ6ZEZtZE13YjQ0VVhrTTAK5y0BjKBRg2AXuO416JWLMLyM/pCQChKn\nVKZMXcT6cc5hHDuqbp9qUofknF68XnzlH6nOyLB1ZtnELyeZuf29fw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-10-17T05:34:35Z", + "mac": "ENC[AES256_GCM,data:Y3k83RaeX64LA3rsIkQxyKw+LLUgXVsqr3F2UHkv9h73gkyChc6k1oE/FLR4CsZZWsfLNjCkPMuenqToA2mKqQK0aADwPDYo0aVm0hr1PGX5j3Py6EmP56NFvxlAQsExRWo32eqdkeCkY23hfcmUYlaB+bo/fsrRVj67zag9GYA=,iv:p18i8cV6jKXpuZ1Xd7KYCl8BMe1/8CW9YnCuVrTAqy0=,tag:IJnLzdZOn8Clu+lCKT6zvA==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-secret/users/admin b/modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-secret/users/admin new file mode 120000 index 0000000..ca714e1 --- /dev/null +++ b/modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-secret/users/admin @@ -0,0 +1 @@ +../../../../../../sops/users/admin \ No newline at end of file diff --git a/vars/per-machine/b4l/yggdrasil/yggdrasil-ip/value b/vars/per-machine/b4l/yggdrasil/yggdrasil-ip/value new file mode 100644 index 0000000..6e6b240 --- /dev/null +++ b/vars/per-machine/b4l/yggdrasil/yggdrasil-ip/value @@ -0,0 +1 @@ +200:ada9:8363:202b:faf:be:92ab:e46d \ No newline at end of file diff --git a/vars/per-machine/b4l/yggdrasil/yggdrasil-secret/groups/admins b/vars/per-machine/b4l/yggdrasil/yggdrasil-secret/groups/admins new file mode 120000 index 0000000..6765aa1 --- /dev/null +++ b/vars/per-machine/b4l/yggdrasil/yggdrasil-secret/groups/admins @@ -0,0 +1 @@ +../../../../../../sops/groups/admins \ No newline at end of file diff --git a/vars/per-machine/b4l/yggdrasil/yggdrasil-secret/machines/b4l b/vars/per-machine/b4l/yggdrasil/yggdrasil-secret/machines/b4l new file mode 120000 index 0000000..72e1b85 --- /dev/null +++ b/vars/per-machine/b4l/yggdrasil/yggdrasil-secret/machines/b4l @@ -0,0 +1 @@ +../../../../../../sops/machines/b4l \ No newline at end of file diff --git a/vars/per-machine/b4l/yggdrasil/yggdrasil-secret/secret b/vars/per-machine/b4l/yggdrasil/yggdrasil-secret/secret new file mode 100644 index 0000000..5f8b086 --- /dev/null +++ b/vars/per-machine/b4l/yggdrasil/yggdrasil-secret/secret @@ -0,0 +1,47 @@ +{ + "data": "ENC[AES256_GCM,data:NSyWVWXMxoTR07uaLUYX6rHB17wsIB53FZHSsPxgDKJQ2wHBPFNaHSYh+BiSo+IrX+YcdUUqJFhEkjWDyG+vXaNZHrMbg/pzZ/cwTK/lPbYISkwtOhgr3zCA0H6DmQcHVmvR6fsdRDkFwl7pHtn1RMjEORQdbBINtscZfzZFcAF2L1t+WPFxgRKQDNT/9l3f4SoBcuakyg==,iv:/5JbEZ/vj/4I+eEElOY0cnhiYzqqPw2ZKLv2M/xkstw=,tag:23exDL72g56bP7ZbMsK4mA==,type:str]", + "sops": { + "age": [ + { + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTYUFSZGpmd2tmdzB6bkp5\naytPd1RhVWFqeXF3SDZia3QzUmRNNGpzcjBFCnl3VElLdXFvV0tFSEFlV3hRMzFH\nbnBnWVZ2QkRHZ1BoTEZxdFg4QWE4ckkKLS0tIHhSMlBKakxmM0xyeUphKytLTmpk\nVW90V05hTUEyTVNMQzZHN2xhYTBZRGcK/nJOIM4m56TE7KKmn/QH89g053mmuKKG\nQYs/86SWdLPqwL35FstQg2xDIHSxkDcoMSGc+C+/xdOjWV3qLil/DQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYaU9idi9RZzhNeXhTb0pp\nUkZ3UVpsZlBka2kvZDBqcVhiRVdMNVFZbEJNCkhvdmFaVTBGcVAvalJPSlFuZHhi\nTE9qeTBMMjk2djhFUEdJbWZmTnN3WnMKLS0tIDludThMRDFDUHhCZVV3bUtVdVBZ\neGg4TzdqVjJPeUxYbnBWNURRSWRrMkEKBCACDZgHG5eVKcSdjHDITJZqgR7cHdHq\n9y8qS3YjaFZ37Ui6Lmb9vJEzDCEy3wEupBy4sbAX4okVapGPJ4fmwg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIHJtSTZrY29X\nVTZNQm9XS3JsbEZCNDFUR1gxZXpObDdKRmQzUnRZMytOaFEgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQpYN2xlOFVDZFlEOHhTMGZTVDNjdjdU\ndWlqd2ROamdmelp4UjAyVitnYVQwCi0tLSBZWmVWc2J4YVhLN3VyMTQwamtYRW5K\nWVovUEp3YlN5WjA1VE10MElWMllvCiLrLLekRkmSL5ekLIcFMoqgeEPXSrn15JDd\neKT9sbYtwhB7vt2L57fDRfaF/+7wNb9y6cv2oi+EdDoDXp/EyB4=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIGxiRWYyUmwv\nVjlEdS9LOVV2K1NwdDFhYWM5RS9LcTZFNkNaMWViMkl5bmMgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpUQkk4NGZPVWRTbG5MNk9CTStSUXFi\nbXlGemlJR2o2dTB6QUE2Q2JKSnE4Ci0tLSBzZjRva2NtNHlRamNvQWpoZW1UWFMr\nQVdNYXBpOFVhaEVxWm1KNFM4UHJvCnebMj6d/+e0vp00Gb02qJtUp2+mEpF/jUpD\n25cxeoSAWPAhfnBgE+oLzQqnQSq5dCxsWteE/1eOXC68koeT9FY=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIC9udm9sRDBJ\nNFM4dFA2ZDdJMlBXeXYvakM5RHVzNlcrRitzUHF6dnBvMVkgQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwpKZnBka3YzK0tUQ1hXTHVheE45Mzkw\ncE04aVVPQWM1eURmb1JaNlBwVlFFCi0tLSBHTlY4UW5FQXExK2cvMUJDZE9NaURy\nOFUxN0dvczJtWlVRc29QWlZ1bGg0CvUoAmTgDVSF7SPpqnkFhkCUn3N/Yr4Tzodw\nyCiD7U/KYFavEIxGIeg+ClhLF9o4fYq9kk8ld0vU8qUADXBdRDE=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvTUEyUndkSk1iQTB3eUpp\nb0ljaXpwdi9QYmdNV1J3L0NhWElRVzlnNTFVCnZ6Q01ESWRNMHRxdWZKM0lYTXBX\ncko5VitPdWk0UHpwWDhGNzFVZk4yYzgKLS0tIGVRdG5rWkYwOFlCQWNIWFBRalVE\nMmFtOHBvbUw5YXAvMG93MjBrRjdmMGMKlopySr6HS6vfFHiRcwlJz/qy7jzyS1Nf\nw4lw7QnOrvOkoutiK3HiIia5N6V0jd0TV7nJqIu7tz/zYksbzps7QQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzVTZNTUM5UXowWTlPRDFW\nVUJTbStFcldHbTVDUVRJYjNiaklWRmowTHdnCkJNbUtmdk1jS3kyaVNWVFlOTytX\nKzBwTmxoZi9NdmJuRFNMNTUyRThNUDQKLS0tIENSMHZ5TGwxQ0xuZkZFQ3RJdGEv\nSXIvYW9WY243cTdzZEtra292K0JFVlEKMWhG/7R00uqLb5l5lU3p9Vt4pre6J85r\nIFWtg1G/54KaFt8aiWcD5RUSSARGZ3r4qVtO+9eWP+gA4DUpSNkWNw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5WVlWMHJNbERKUGx0elgx\nUEF1Sms4VCtNRVRraWdvUkFEaTRzYTJ0TTFZCnl0aTIxR1QyQ1VsU0RFNnN1NzBr\neTVQbHJHQjAvYklFVkZkUDRXRGxvSkEKLS0tIHdINHFyQVE2V1V1R1ZxWEFuMm5x\nUVRjSVp6NStGSkQyQ05JVHlXejBEbWsKBlMvtw9MCReN1eSHKMwwsWaEF8kq1Pns\nLNSYEeWABZ5bbPB1xBvmIIlVFThJqgy5mBVJLzQMUwqb0IvixAgFxQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaSmNiVWlRSy91Mm5qSWJ5\nd2Z4WnEydE9ncWwzUVVCMDVoek1wRTFyOFJjCkZjOVZrVHY5d3FKRmMvaXJQWUtU\neGpSZkZITkJaOERkdWZpelA5dTJQOEkKLS0tIEtZOUNJSytYTFpSTWNuY3JjcnJv\nbFZpTXQxc29Pd1FIN0xrcEJYc3ZlV0kKyO/PLn2WNdVtTqM8cG1XFqV/5YdSqPAY\nvroStGVsLliV7W4T2MAmACeyjoMde9/gVosKfGc6awE+Bi2BUxrqpw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-10-17T07:22:09Z", + "mac": "ENC[AES256_GCM,data:OxeLto6aeiTOX8OffRsQzxyluSdva7y3j4j67c+MI1ost+QCZyGAW/5pr2mMaoU2XrwYqUjZTKBhJ9p1FY6C29/EhyzrNhGUTjC5iTcXO1lbLUTgoSDN8KPmVea97sTa+easVHoSgnPLxisG2yCALv95k9/eQ7vF9FRjBBNTaIU=,iv:FQeojhtnKOlqWuQNJo1TmI/PhjYbgwtvK24gZMjbbpM=,tag:Vwum5bSSZRNNDQ3Yudw4hQ==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/vars/per-machine/b4l/yggdrasil/yggdrasil-secret/users/kurogeek b/vars/per-machine/b4l/yggdrasil/yggdrasil-secret/users/kurogeek new file mode 120000 index 0000000..970aefa --- /dev/null +++ b/vars/per-machine/b4l/yggdrasil/yggdrasil-secret/users/kurogeek @@ -0,0 +1 @@ +../../../../../../sops/users/kurogeek \ No newline at end of file