diff --git a/inventories/default.nix b/inventories/default.nix index ce86bd7..ac2e43f 100644 --- a/inventories/default.nix +++ b/inventories/default.nix @@ -138,6 +138,23 @@ ]; }; + newedge-headscale = { + module = { + name = "headscale"; + input = "self"; + }; + roles.server.machines."alasia".settings = { + public_url = "tailvpn.public.newedge.house"; + base_domain = "tailnet.newedge.house"; + advertise_routes = [ "10.0.10.0/24" ]; + nameservers = [ + "10.0.10.82" + "1.1.1.1" + "8.8.8.8" + ]; + }; + }; + yggdrasil-phone-network = { module = { name = "yggdrasil"; diff --git a/inventory.json b/inventory.json index 8874849..967df45 100644 --- a/inventory.json +++ b/inventory.json @@ -41,6 +41,9 @@ }, "procyon": { "installedAt": 1775458442 + }, + "alasia": { + "installedAt": 1778661666 } } -} +} \ No newline at end of file diff --git a/machines/alasia/configuration.nix b/machines/alasia/configuration.nix new file mode 100644 index 0000000..096c86d --- /dev/null +++ b/machines/alasia/configuration.nix @@ -0,0 +1,15 @@ +{ + clan.core.settings.machine.description = "VM machine to host headplane instance"; + + nixpkgs.hostPlatform = { + system = "x86_64-linux"; + }; + + networking.firewall.allowedTCPPorts = [ + 80 + 443 + ]; + + system.stateVersion = "25.11"; + clan.core.sops.defaultGroups = [ "admins" ]; +} diff --git a/machines/alasia/disko.nix b/machines/alasia/disko.nix new file mode 100644 index 0000000..206ded0 --- /dev/null +++ b/machines/alasia/disko.nix @@ -0,0 +1,85 @@ +let + hashDisk = disk: "os-${builtins.substring 0 5 (builtins.hashString "sha256" disk)}"; + os = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0"; +in +{ + + boot.loader = { + systemd-boot = { + enable = true; + }; + efi = { + canTouchEfiVariables = true; + }; + }; + + boot.zfs.forceImportRoot = false; + + disko.devices = { + disk = { + "os-${hashDisk os}" = { + type = "disk"; + device = os; + content = { + type = "gpt"; + partitions = { + ESP = { + size = "1G"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = [ "nofail" ]; + }; + }; + system = { + size = "100%"; + content = { + type = "zfs"; + pool = "zroot"; + }; + }; + }; + }; + }; + }; + zpool = { + zroot = { + type = "zpool"; + rootFsOptions = { + mountpoint = "none"; + compression = "lz4"; + acltype = "posixacl"; + xattr = "sa"; + "com.sun:auto-snapshot" = "true"; + }; + options.ashift = "12"; + datasets = { + "root" = { + type = "zfs_fs"; + options.mountpoint = "none"; + }; + "root/nixos" = { + type = "zfs_fs"; + options.mountpoint = "/"; + mountpoint = "/"; + }; + "root/home" = { + type = "zfs_fs"; + options.mountpoint = "/home"; + mountpoint = "/home"; + }; + "root/tmp" = { + type = "zfs_fs"; + mountpoint = "/tmp"; + options = { + mountpoint = "/tmp"; + sync = "disabled"; + }; + }; + }; + }; + }; + }; +} diff --git a/machines/alasia/facter.json b/machines/alasia/facter.json new file mode 100644 index 0000000..0444a21 --- /dev/null +++ b/machines/alasia/facter.json @@ -0,0 +1,1769 @@ +{ + "version": 1, + "system": "x86_64-linux", + "virtualisation": "kvm", + "hardware": { + "bios": { + "apm_info": { + "supported": false, + "enabled": false, + "version": 0, + "sub_version": 0, + "bios_flags": 0 + }, + "vbe_info": { + "version": 0, + "video_memory": 0 + }, + "pnp": false, + "pnp_id": 0, + "lba_support": false, + "low_memory_size": 0, + "smbios_version": 520 + }, + "bridge": [ + { + "index": 8, + "attached_to": 0, + "class_list": ["pci", "bridge"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 31 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0004", + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "hex": "0000", + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "device": { + "hex": "0001", + "value": 1 + }, + "model": "PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:1f.0", + "sysfs_bus_id": "0000:00:1f.0", + "detail": { + "function": 0, + "command": 7, + "header_type": 1, + "secondary_bus": 3, + "prog_if": 0 + }, + "module_alias": "pci:v00001B36d00000001sv00000000sd00000000bc06sc04i00" + }, + { + "index": 9, + "attached_to": 0, + "class_list": ["pci", "bridge"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 1 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0001", + "name": "ISA bridge", + "value": 1 + }, + "vendor": { + "hex": "8086", + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "7000", + "value": 28672 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "model": "Intel ISA bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:01.0", + "sysfs_bus_id": "0000:00:01.0", + "detail": { + "function": 0, + "command": 7, + "header_type": 0, + "secondary_bus": 0, + "prog_if": 0 + }, + "module_alias": "pci:v00008086d00007000sv00001AF4sd00001100bc06sc01i00" + }, + { + "index": 10, + "attached_to": 0, + "class_list": ["pci", "bridge"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 30 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0004", + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "hex": "0000", + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "device": { + "hex": "0001", + "value": 1 + }, + "model": "PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:1e.0", + "sysfs_bus_id": "0000:00:1e.0", + "detail": { + "function": 0, + "command": 7, + "header_type": 1, + "secondary_bus": 2, + "prog_if": 0 + }, + "module_alias": "pci:v00001B36d00000001sv00000000sd00000000bc06sc04i00" + }, + { + "index": 11, + "attached_to": 0, + "class_list": ["pci", "bridge"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0000", + "name": "Host bridge", + "value": 0 + }, + "vendor": { + "hex": "8086", + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "1237", + "value": 4663 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0002", + "value": 2 + }, + "model": "Intel Host bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:00.0", + "sysfs_bus_id": "0000:00:00.0", + "detail": { + "function": 0, + "command": 7, + "header_type": 0, + "secondary_bus": 0, + "prog_if": 0 + }, + "module_alias": "pci:v00008086d00001237sv00001AF4sd00001100bc06sc00i00" + }, + { + "index": 12, + "attached_to": 0, + "class_list": ["pci", "bridge"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 1 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0080", + "name": "Bridge", + "value": 128 + }, + "vendor": { + "hex": "8086", + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "7113", + "value": 28947 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0003", + "value": 3 + }, + "model": "Intel Bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:01.3", + "sysfs_bus_id": "0000:00:01.3", + "detail": { + "function": 3, + "command": 7, + "header_type": 0, + "secondary_bus": 0, + "prog_if": 0 + }, + "driver": "piix4_smbus", + "driver_module": "i2c_piix4", + "drivers": ["piix4_smbus"], + "driver_modules": ["i2c_piix4"], + "module_alias": "pci:v00008086d00007113sv00001AF4sd00001100bc06sc80i00" + }, + { + "index": 17, + "attached_to": 0, + "class_list": ["pci", "bridge"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 5 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0004", + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "hex": "0000", + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "device": { + "hex": "0001", + "value": 1 + }, + "model": "PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:05.0", + "sysfs_bus_id": "0000:00:05.0", + "detail": { + "function": 0, + "command": 7, + "header_type": 1, + "secondary_bus": 1, + "prog_if": 0 + }, + "module_alias": "pci:v00001B36d00000001sv00000000sd00000000bc06sc04i00" + } + ], + "cdrom": [ + { + "index": 22, + "attached_to": 15, + "class_list": ["cdrom", "scsi", "block_device"], + "bus_type": { + "hex": "0084", + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 2, + "number": 0 + }, + "base_class": { + "hex": "0106", + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "hex": "0002", + "name": "CD-ROM", + "value": 2 + }, + "pci_interface": { + "hex": "0003", + "name": "DVD", + "value": 3 + }, + "vendor": { + "hex": "0000", + "name": "QEMU", + "value": 0 + }, + "device": { + "hex": "0000", + "name": "QEMU DVD-ROM", + "value": 0 + }, + "revision": { + "hex": "0000", + "name": "2.5+", + "value": 0 + }, + "model": "QEMU DVD-ROM", + "sysfs_id": "/class/block/sr0", + "sysfs_bus_id": "2:0:0:0", + "sysfs_device_link": "/devices/pci0000:00/0000:00:01.1/ata2/host2/target2:0:0/2:0:0:0", + "unix_device_names": [ + "/dev/cdrom", + "/dev/disk/by-id/ata-QEMU_DVD-ROM_QM00003", + "/dev/disk/by-label/nixos-26.05-x86_64", + "/dev/disk/by-path/pci-0000:00:01.1-ata-2", + "/dev/disk/by-path/pci-0000:00:01.1-ata-2.0", + "/dev/disk/by-uuid/1980-01-01-00-00-00-00", + "/dev/root", + "/dev/sr0" + ], + "unix_device_name2": "/dev/sg1", + "driver": "ata_piix", + "driver_module": "ata_piix", + "drivers": ["ata_piix", "sr"], + "driver_modules": ["ata_piix", "sr_mod"] + } + ], + "cpu": [ + { + "architecture": "x86_64", + "vendor_name": "GenuineIntel", + "model_name": "QEMU Virtual CPU version 2.5+", + "family": 15, + "model": 107, + "stepping": 1, + "features": [ + "fpu", + "de", + "pse", + "tsc", + "msr", + "pae", + "mce", + "cx8", + "apic", + "sep", + "mtrr", + "pge", + "mca", + "cmov", + "pat", + "pse36", + "clflush", + "mmx", + "fxsr", + "sse", + "sse2", + "syscall", + "nx", + "lm", + "rep_good", + "nopl", + "xtopology", + "cpuid", + "tsc_known_freq", + "pni", + "ssse3", + "cx16", + "sse4_1", + "sse4_2", + "x2apic", + "popcnt", + "aes", + "hypervisor", + "lahf_lm", + "cpuid_fault", + "pti" + ], + "bugs": [ + "cpu_meltdown", + "spectre_v1", + "spectre_v2", + "spec_store_bypass", + "l1tf", + "mds", + "swapgs", + "itlb_multihit", + "bhi", + "spectre_v2_user", + "its" + ], + "power_management": [""], + "bogo": 4224, + "cache": 16384, + "page_size": 4096, + "physical_id": 0, + "siblings": 1, + "cores": 1, + "fpu": false, + "fpu_exception": false, + "cpuid_level": 13, + "write_protect": false, + "tlb_size": 32764, + "clflush_size": 64, + "cache_alignment": 128, + "address_sizes": { + "physical": "0x28", + "virtual": "0x30" + } + }, + { + "architecture": "x86_64", + "vendor_name": "GenuineIntel", + "model_name": "QEMU Virtual CPU version 2.5+", + "family": 15, + "model": 107, + "stepping": 1, + "features": [ + "fpu", + "de", + "pse", + "tsc", + "msr", + "pae", + "mce", + "cx8", + "apic", + "sep", + "mtrr", + "pge", + "mca", + "cmov", + "pat", + "pse36", + "clflush", + "mmx", + "fxsr", + "sse", + "sse2", + "syscall", + "nx", + "lm", + "rep_good", + "nopl", + "xtopology", + "cpuid", + "tsc_known_freq", + "pni", + "ssse3", + "cx16", + "sse4_1", + "sse4_2", + "x2apic", + "popcnt", + "aes", + "hypervisor", + "lahf_lm", + "cpuid_fault", + "pti" + ], + "bugs": [ + "cpu_meltdown", + "spectre_v1", + "spectre_v2", + "spec_store_bypass", + "l1tf", + "mds", + "swapgs", + "itlb_multihit", + "bhi", + "spectre_v2_user", + "its" + ], + "power_management": [""], + "bogo": 4224, + "cache": 16384, + "page_size": 4096, + "physical_id": 1, + "siblings": 1, + "cores": 1, + "fpu": false, + "fpu_exception": false, + "cpuid_level": 13, + "write_protect": false, + "tlb_size": 32764, + "clflush_size": 64, + "cache_alignment": 128, + "address_sizes": { + "physical": "0x28", + "virtual": "0x30" + } + } + ], + "disk": [ + { + "index": 23, + "attached_to": 19, + "class_list": ["disk", "scsi", "block_device"], + "bus_type": { + "hex": "0084", + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 1, + "number": 0 + }, + "base_class": { + "hex": "0106", + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "hex": "0000", + "name": "Disk", + "value": 0 + }, + "vendor": { + "hex": "0000", + "name": "QEMU", + "value": 0 + }, + "device": { + "hex": "0000", + "name": "QEMU HARDDISK", + "value": 0 + }, + "revision": { + "hex": "0000", + "name": "2.5+", + "value": 0 + }, + "model": "QEMU HARDDISK", + "sysfs_id": "/class/block/sda", + "sysfs_bus_id": "1:0:0:0", + "sysfs_device_link": "/devices/pci0000:00/0000:00:05.0/0000:01:01.0/virtio2/host1/target1:0:0/1:0:0:0", + "unix_device_names": [ + "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0", + "/dev/disk/by-path/pci-0000:01:01.0-scsi-0:0:0:0", + "/dev/sda" + ], + "unix_device_name2": "/dev/sg0", + "rom_id": "0x80", + "resources": [ + { + "type": "disk_geo", + "cylinders": 8354, + "heads": 255, + "sectors": 63, + "size": "0x0", + "geo_type": "logical" + }, + { + "type": "size", + "unit": "sectors", + "value_1": 134217728, + "value_2": 512 + } + ], + "driver": "virtio_scsi", + "driver_module": "virtio_scsi", + "drivers": ["sd", "virtio_scsi"], + "driver_modules": ["sd_mod", "virtio_scsi"] + } + ], + "graphics_card": [ + { + "index": 16, + "attached_to": 0, + "class_list": ["graphics_card", "pci"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 2 + }, + "base_class": { + "hex": "0003", + "name": "Display controller", + "value": 3 + }, + "sub_class": { + "hex": "0000", + "name": "VGA compatible controller", + "value": 0 + }, + "pci_interface": { + "hex": "0000", + "name": "VGA", + "value": 0 + }, + "vendor": { + "hex": "1234", + "value": 4660 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "1111", + "value": 4369 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0002", + "value": 2 + }, + "model": "VGA compatible controller", + "sysfs_id": "/devices/pci0000:00/0000:00:02.0", + "sysfs_bus_id": "0000:00:02.0", + "detail": { + "function": 0, + "command": 7, + "header_type": 0, + "secondary_bus": 0, + "prog_if": 0 + }, + "driver": "bochs-drm", + "driver_module": "bochs", + "drivers": ["bochs-drm"], + "driver_modules": ["bochs"], + "module_alias": "pci:v00001234d00001111sv00001AF4sd00001100bc03sc00i00" + } + ], + "hub": [ + { + "index": 24, + "attached_to": 7, + "class_list": ["usb", "hub"], + "bus_type": { + "hex": "0086", + "name": "USB", + "value": 134 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "hex": "010a", + "name": "Hub", + "value": 266 + }, + "vendor": { + "hex": "1d6b", + "name": "Linux 6.18.2 uhci_hcd", + "value": 7531 + }, + "device": { + "hex": "0001", + "name": "UHCI Host Controller", + "value": 1 + }, + "revision": { + "hex": "0000", + "name": "6.18", + "value": 0 + }, + "serial": "0000:00:01.2", + "model": "Linux 6.18.2 uhci_hcd UHCI Host Controller", + "sysfs_id": "/devices/pci0000:00/0000:00:01.2/usb1/1-0:1.0", + "sysfs_bus_id": "1-0:1.0", + "resources": [ + { + "type": "baud", + "speed": 12000000, + "bits": 0, + "stop_bits": 0, + "parity": 0, + "handshake": 0 + } + ], + "detail": { + "device_class": { + "hex": "0009", + "name": "hub", + "value": 9 + }, + "device_subclass": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "device_protocol": 0, + "interface_class": { + "hex": "0009", + "name": "hub", + "value": 9 + }, + "interface_subclass": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "interface_protocol": 0, + "interface_number": 0, + "interface_alternate_setting": 0 + }, + "hotplug": "usb", + "driver": "hub", + "driver_module": "usbcore", + "drivers": ["hub"], + "driver_modules": ["usbcore"], + "module_alias": "usb:v1D6Bp0001d0618dc09dsc00dp00ic09isc00ip00in00" + } + ], + "memory": [ + { + "index": 5, + "attached_to": 0, + "class_list": ["memory"], + "base_class": { + "hex": "0101", + "name": "Internally Used Class", + "value": 257 + }, + "sub_class": { + "hex": "0002", + "name": "Main Memory", + "value": 2 + }, + "model": "Main Memory", + "resources": [ + { + "type": "phys_mem", + "range": 2013265920 + } + ] + } + ], + "monitor": [ + { + "index": 21, + "attached_to": 16, + "class_list": ["monitor"], + "base_class": { + "hex": "0100", + "name": "Monitor", + "value": 256 + }, + "sub_class": { + "hex": "0002", + "name": "LCD Monitor", + "value": 2 + }, + "vendor": { + "hex": "4914", + "value": 18708 + }, + "device": { + "hex": "1234", + "name": "QEMU Monitor", + "value": 4660 + }, + "serial": "0", + "model": "QEMU Monitor", + "resources": [ + { + "type": "monitor", + "width": 1024, + "height": 768, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 1280, + "height": 800, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 1600, + "height": 1200, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 1920, + "height": 1080, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 2048, + "height": 1152, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 640, + "height": 480, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 800, + "height": 600, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "size", + "unit": "mm", + "value_1": 325, + "value_2": 203 + } + ], + "detail": { + "manufacture_year": 2014, + "manufacture_week": 42, + "vertical_sync": { + "min": 50, + "max": 125 + }, + "horizontal_sync": { + "min": 30, + "max": 160 + }, + "horizontal_sync_timings": { + "disp": 1280, + "sync_start": 1600, + "sync_end": 1638, + "total": 1728 + }, + "vertical_sync_timings": { + "disp": 800, + "sync_start": 804, + "sync_end": 808, + "total": 828 + }, + "clock": 107300, + "width": 1280, + "height": 800, + "width_millimetres": 325, + "height_millimetres": 203, + "horizontal_flag": 45, + "vertical_flag": 45, + "vendor": "", + "name": "QEMU Monitor" + }, + "driver_info": { + "type": "display", + "width": 2048, + "height": 1152, + "vertical_sync": { + "min": 50, + "max": 125 + }, + "horizontal_sync": { + "min": 30, + "max": 160 + }, + "bandwidth": 0, + "horizontal_sync_timings": { + "disp": 1280, + "sync_start": 1600, + "sync_end": 1638, + "total": 1728 + }, + "vertical_sync_timings": { + "disp": 800, + "sync_start": 804, + "sync_end": 808, + "total": 828 + }, + "horizontal_flag": 45, + "vertical_flag": 45 + } + } + ], + "mouse": [ + { + "index": 25, + "attached_to": 24, + "class_list": ["mouse", "usb"], + "bus_type": { + "hex": "0086", + "name": "USB", + "value": 134 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "hex": "0105", + "name": "Mouse", + "value": 261 + }, + "sub_class": { + "hex": "0003", + "name": "USB Mouse", + "value": 3 + }, + "vendor": { + "hex": "0627", + "name": "QEMU", + "value": 1575 + }, + "device": { + "hex": "0001", + "name": "QEMU USB Tablet", + "value": 1 + }, + "serial": "28754-0000:00:01.2-1", + "compat_vendor": "Unknown", + "compat_device": "Generic USB Mouse", + "model": "QEMU USB Tablet", + "sysfs_id": "/devices/pci0000:00/0000:00:01.2/usb1/1-1/1-1:1.0", + "sysfs_bus_id": "1-1:1.0", + "unix_device_names": ["/dev/input/mice"], + "unix_device_name2": "/dev/input/mouse0", + "resources": [ + { + "type": "baud", + "speed": 12000000, + "bits": 0, + "stop_bits": 0, + "parity": 0, + "handshake": 0 + } + ], + "detail": { + "device_class": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "device_subclass": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "device_protocol": 0, + "interface_class": { + "hex": "0003", + "name": "hid", + "value": 3 + }, + "interface_subclass": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "interface_protocol": 0, + "interface_number": 0, + "interface_alternate_setting": 0 + }, + "hotplug": "usb", + "driver": "usbhid", + "driver_module": "usbhid", + "drivers": ["usbhid"], + "driver_modules": ["usbhid"], + "driver_info": { + "type": "mouse", + "db_entry_0": ["explorerps/2", "exps2"], + "xf86": "explorerps/2", + "gpm": "exps2", + "buttons": -1, + "wheels": -1 + }, + "module_alias": "usb:v0627p0001d0000dc00dsc00dp00ic03isc00ip00in00" + } + ], + "network_controller": [ + { + "index": 18, + "attached_to": 13, + "class_list": ["network_controller"], + "bus_type": { + "hex": "008f", + "name": "Virtio", + "value": 143 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "hex": "0002", + "name": "Network controller", + "value": 2 + }, + "sub_class": { + "hex": "0000", + "name": "Ethernet controller", + "value": 0 + }, + "vendor": "Virtio", + "device": "Ethernet Card 0", + "model": "Virtio Ethernet Card 0", + "sysfs_id": "/devices/pci0000:00/0000:00:12.0/virtio1", + "sysfs_bus_id": "virtio1", + "unix_device_names": ["ens18"], + "resources": [ + { + "type": "hwaddr", + "address": 98 + }, + { + "type": "phwaddr", + "address": 98 + } + ], + "driver": "virtio_net", + "driver_module": "virtio_net", + "drivers": ["virtio_net"], + "driver_modules": ["virtio_net"], + "module_alias": "virtio:d00000001v00001AF4" + } + ], + "network_interface": [ + { + "index": 26, + "attached_to": 18, + "class_list": ["network_interface"], + "base_class": { + "hex": "0107", + "name": "Network Interface", + "value": 263 + }, + "sub_class": { + "hex": "0001", + "name": "Ethernet", + "value": 1 + }, + "model": "Ethernet network interface", + "sysfs_id": "/class/net/ens18", + "sysfs_device_link": "/devices/pci0000:00/0000:00:12.0/virtio1", + "unix_device_names": ["ens18"], + "resources": [ + { + "type": "hwaddr", + "address": 98 + }, + { + "type": "phwaddr", + "address": 98 + } + ], + "driver": "virtio_net", + "driver_module": "virtio_net", + "drivers": ["virtio_net"], + "driver_modules": ["virtio_net"] + }, + { + "index": 27, + "attached_to": 0, + "class_list": ["network_interface"], + "base_class": { + "hex": "0107", + "name": "Network Interface", + "value": 263 + }, + "sub_class": { + "hex": "0000", + "name": "Loopback", + "value": 0 + }, + "model": "Loopback network interface", + "sysfs_id": "/class/net/lo", + "unix_device_names": ["lo"] + } + ], + "pci": [ + { + "index": 13, + "attached_to": 0, + "class_list": ["pci", "unknown"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 18 + }, + "base_class": { + "hex": "0002", + "name": "Network controller", + "value": 2 + }, + "sub_class": { + "hex": "0000", + "name": "Ethernet controller", + "value": 0 + }, + "vendor": { + "hex": "1af4", + "value": 6900 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "1000", + "value": 4096 + }, + "sub_device": { + "hex": "0001", + "value": 1 + }, + "model": "Ethernet controller", + "sysfs_id": "/devices/pci0000:00/0000:00:12.0", + "sysfs_bus_id": "0000:00:12.0", + "resources": [ + { + "type": "io", + "base": 53312, + "range": 32, + "enabled": true, + "access": "read_write" + } + ], + "detail": { + "function": 0, + "command": 1031, + "header_type": 0, + "secondary_bus": 0, + "prog_if": 0 + }, + "driver": "virtio-pci", + "driver_module": "virtio_pci", + "drivers": ["virtio-pci"], + "driver_modules": ["virtio_pci"], + "module_alias": "pci:v00001AF4d00001000sv00001AF4sd00000001bc02sc00i00" + }, + { + "index": 14, + "attached_to": 0, + "class_list": ["pci", "unknown"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 3 + }, + "base_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "sub_class": { + "hex": "00ff", + "value": 255 + }, + "vendor": { + "hex": "1af4", + "value": 6900 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "1002", + "value": 4098 + }, + "sub_device": { + "hex": "0005", + "value": 5 + }, + "model": "Unclassified device", + "sysfs_id": "/devices/pci0000:00/0000:00:03.0", + "sysfs_bus_id": "0000:00:03.0", + "resources": [ + { + "type": "io", + "base": 53248, + "range": 64, + "enabled": true, + "access": "read_write" + } + ], + "detail": { + "function": 0, + "command": 7, + "header_type": 0, + "secondary_bus": 0, + "prog_if": 0 + }, + "driver": "virtio-pci", + "driver_module": "virtio_pci", + "drivers": ["virtio-pci"], + "driver_modules": ["virtio_pci"], + "module_alias": "pci:v00001AF4d00001002sv00001AF4sd00000005bc00scFFi00" + } + ], + "storage_controller": [ + { + "index": 6, + "attached_to": 17, + "class_list": ["storage_controller", "pci"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 1, + "number": 1 + }, + "base_class": { + "hex": "0001", + "name": "Mass storage controller", + "value": 1 + }, + "sub_class": { + "hex": "0000", + "name": "SCSI storage controller", + "value": 0 + }, + "vendor": { + "hex": "1af4", + "value": 6900 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "1004", + "value": 4100 + }, + "sub_device": { + "hex": "0008", + "value": 8 + }, + "model": "SCSI storage controller", + "sysfs_id": "/devices/pci0000:00/0000:00:05.0/0000:01:01.0", + "sysfs_bus_id": "0000:01:01.0", + "resources": [ + { + "type": "io", + "base": 49152, + "range": 64, + "enabled": true, + "access": "read_write" + } + ], + "detail": { + "function": 0, + "command": 1031, + "header_type": 0, + "secondary_bus": 0, + "prog_if": 0 + }, + "driver": "virtio-pci", + "driver_module": "virtio_pci", + "drivers": ["virtio-pci"], + "driver_modules": ["virtio_pci"], + "module_alias": "pci:v00001AF4d00001004sv00001AF4sd00000008bc01sc00i00" + }, + { + "index": 15, + "attached_to": 0, + "class_list": ["storage_controller", "pci"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 1 + }, + "base_class": { + "hex": "0001", + "name": "Mass storage controller", + "value": 1 + }, + "sub_class": { + "hex": "0001", + "name": "IDE interface", + "value": 1 + }, + "pci_interface": { + "hex": "0080", + "value": 128 + }, + "vendor": { + "hex": "8086", + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "7010", + "value": 28688 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "model": "Intel IDE interface", + "sysfs_id": "/devices/pci0000:00/0000:00:01.1", + "sysfs_bus_id": "0000:00:01.1", + "resources": [ + { + "type": "io", + "base": 1014, + "range": 1, + "enabled": true, + "access": "read_write" + }, + { + "type": "io", + "base": 368, + "range": 8, + "enabled": true, + "access": "read_write" + }, + { + "type": "io", + "base": 496, + "range": 8, + "enabled": true, + "access": "read_write" + }, + { + "type": "io", + "base": 53376, + "range": 16, + "enabled": true, + "access": "read_write" + }, + { + "type": "io", + "base": 886, + "range": 1, + "enabled": true, + "access": "read_write" + } + ], + "detail": { + "function": 1, + "command": 7, + "header_type": 0, + "secondary_bus": 0, + "prog_if": 128 + }, + "driver": "ata_piix", + "driver_module": "ata_piix", + "drivers": ["ata_piix"], + "driver_modules": ["ata_piix"], + "module_alias": "pci:v00008086d00007010sv00001AF4sd00001100bc01sc01i80" + } + ], + "system": { + "form_factor": "desktop" + }, + "unknown": [ + { + "index": 19, + "attached_to": 6, + "class_list": ["unknown"], + "base_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "sub_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "vendor": "Virtio", + "device": "", + "model": "Virtio Unclassified device", + "sysfs_id": "/devices/pci0000:00/0000:00:05.0/0000:01:01.0/virtio2", + "sysfs_bus_id": "virtio2", + "driver": "virtio_scsi", + "driver_module": "virtio_scsi", + "drivers": ["virtio_scsi"], + "driver_modules": ["virtio_scsi"], + "module_alias": "virtio:d00000008v00001AF4" + }, + { + "index": 20, + "attached_to": 14, + "class_list": ["unknown"], + "base_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "sub_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "vendor": "Virtio", + "device": "", + "model": "Virtio Unclassified device", + "sysfs_id": "/devices/pci0000:00/0000:00:03.0/virtio0", + "sysfs_bus_id": "virtio0", + "driver": "virtio_balloon", + "driver_module": "virtio_balloon", + "drivers": ["virtio_balloon"], + "driver_modules": ["virtio_balloon"], + "module_alias": "virtio:d00000005v00001AF4" + } + ], + "usb_controller": [ + { + "index": 7, + "attached_to": 0, + "class_list": ["usb_controller", "pci"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 1 + }, + "base_class": { + "hex": "000c", + "name": "Serial bus controller", + "value": 12 + }, + "sub_class": { + "hex": "0003", + "name": "USB Controller", + "value": 3 + }, + "pci_interface": { + "hex": "0000", + "name": "UHCI", + "value": 0 + }, + "vendor": { + "hex": "8086", + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "7020", + "value": 28704 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0001", + "value": 1 + }, + "model": "Intel USB Controller", + "sysfs_id": "/devices/pci0000:00/0000:00:01.2", + "sysfs_bus_id": "0000:00:01.2", + "resources": [ + { + "type": "io", + "base": 53344, + "range": 32, + "enabled": true, + "access": "read_write" + } + ], + "detail": { + "function": 2, + "command": 7, + "header_type": 0, + "secondary_bus": 0, + "prog_if": 0 + }, + "driver": "uhci_hcd", + "driver_module": "uhci_hcd", + "drivers": ["uhci_hcd"], + "driver_modules": ["uhci_hcd"], + "driver_info": { + "type": "module", + "db_entry_0": ["uhci-hcd"], + "active": true, + "modprobe": true, + "names": ["uhci-hcd"], + "module_args": [""], + "conf": "" + }, + "module_alias": "pci:v00008086d00007020sv00001AF4sd00001100bc0Csc03i00" + } + ] + }, + "smbios": { + "bios": { + "handle": 0, + "vendor": "Proxmox distribution of EDK II", + "version": "4.2025.05-1~bpo12+1", + "date": "03/12/2026", + "features": null, + "start_address": "0xe8000", + "rom_size": 65536 + }, + "chassis": [ + { + "handle": 768, + "manufacturer": "QEMU", + "version": "pc-i440fx-9.2", + "chassis_type": { + "hex": "0001", + "name": "Other", + "value": 1 + }, + "lock_present": false, + "bootup_state": { + "hex": "0003", + "name": "Safe", + "value": 3 + }, + "power_state": { + "hex": "0003", + "name": "Safe", + "value": 3 + }, + "thermal_state": { + "hex": "0003", + "name": "Safe", + "value": 3 + }, + "security_state": { + "hex": "0002", + "name": "Unknown", + "value": 2 + }, + "oem": "0x0" + } + ], + "memory_array": [ + { + "handle": 4096, + "location": { + "hex": "0001", + "name": "Other", + "value": 1 + }, + "usage": { + "hex": "0003", + "name": "System memory", + "value": 3 + }, + "ecc": { + "hex": "0006", + "name": "Multi-bit", + "value": 6 + }, + "max_size": "0x200000", + "error_handle": 65534, + "slots": 1 + } + ], + "memory_array_mapped_address": [ + { + "handle": 4864, + "array_handle": 4096, + "start_address": "0x0", + "end_address": "0x80000000", + "part_width": 1 + } + ], + "memory_device": [ + { + "handle": 4352, + "location": "DIMM 0", + "bank_location": "", + "manufacturer": "QEMU", + "part_number": "", + "array_handle": 4096, + "error_handle": 65534, + "width": 0, + "ecc_bits": 0, + "size": 2097152, + "form_factor": { + "hex": "0009", + "name": "DIMM", + "value": 9 + }, + "set": 0, + "memory_type": { + "hex": "0007", + "name": "RAM", + "value": 7 + }, + "memory_type_details": ["Other"], + "speed": 0 + } + ], + "processor": [ + { + "handle": 1024, + "socket": "CPU 0", + "socket_type": { + "hex": "0001", + "name": "Other", + "value": 1 + }, + "socket_populated": true, + "manufacturer": "QEMU", + "version": "pc-i440fx-9.2", + "part": "", + "processor_type": { + "hex": "0003", + "name": "CPU", + "value": 3 + }, + "processor_family": { + "hex": "00fe", + "name": "Other", + "value": 254 + }, + "processor_status": { + "hex": "0001", + "name": "Enabled", + "value": 1 + }, + "clock_ext": 0, + "clock_max": 2000, + "cache_handle_l1": 0, + "cache_handle_l2": 0, + "cache_handle_l3": 0 + }, + { + "handle": 1025, + "socket": "CPU 1", + "socket_type": { + "hex": "0001", + "name": "Other", + "value": 1 + }, + "socket_populated": true, + "manufacturer": "QEMU", + "version": "pc-i440fx-9.2", + "part": "", + "processor_type": { + "hex": "0003", + "name": "CPU", + "value": 3 + }, + "processor_family": { + "hex": "00fe", + "name": "Other", + "value": 254 + }, + "processor_status": { + "hex": "0001", + "name": "Enabled", + "value": 1 + }, + "clock_ext": 0, + "clock_max": 2000, + "cache_handle_l1": 0, + "cache_handle_l2": 0, + "cache_handle_l3": 0 + } + ], + "system": { + "handle": 256, + "manufacturer": "QEMU", + "product": "Standard PC (i440FX + PIIX, 1996)", + "version": "pc-i440fx-9.2", + "wake_up": { + "hex": "0006", + "name": "Power Switch", + "value": 6 + } + } + } +} diff --git a/modules/clan/headscale/default.nix b/modules/clan/headscale/default.nix new file mode 100644 index 0000000..aa092b0 --- /dev/null +++ b/modules/clan/headscale/default.nix @@ -0,0 +1,182 @@ +{ ... }: +{ + _class = "clan.service"; + manifest.name = "headscale"; + manifest.description = "An open source, self-hosted implementation of the Tailscale control server"; + manifest.readme = "An open source, self-hosted implementation of the Tailscale control server"; + manifest.categories = [ "System" ]; + + roles.server = { + description = "A server role"; + + interface = + { lib, config, ... }: + { + options = { + public_url = lib.mkOption { + type = with lib.types; nullOr str; + default = config.services.headscale.settings.server_url; + description = "Public URL for accessing the instance"; + }; + + base_domain = lib.mkOption { + type = with lib.types; str; + default = ""; + description = "Defines the base domain to create the hostnames for MagicDNS in Headscale. `base_domain` must be a FQDN, without the trailing dot. The FQDN of the hosts will be `hostname.base_domain (e.g. myhost.tailnet.example.com)"; + }; + + advertise_routes = lib.mkOption { + type = with lib.types; listOf str; + default = [ ]; + description = "Expose physical subnet routes to your entire Tailscale network."; + example = [ "192.168.1.0/24" ]; + }; + + nameservers = lib.mkOption { + type = with lib.types; listOf str; + default = [ + "1.1.1.1" + "8.8.8.8" + ]; + description = "List of nameservers to pass to Tailscale clients"; + example = [ "10.0.10.1" ]; + }; + }; + }; + + perInstance = + { settings, ... }: + { + nixosModule = + { + config, + pkgs, + lib, + ... + }: + let + preAuthKeyFile = "/var/lib/headscale/preauth.key"; + + routes = lib.concatStringsSep "," settings.advertise_routes; + in + { + + systemd.services.headscale-auto-enroll = + let + serverUser = "hcserver"; + in + { + description = "Enroll this machine into headscale automatically"; + after = [ + "headscale.service" + "tailscaled.service" + ]; + requires = [ + "headscale.service" + "tailscaled.service" + ]; + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + User = "root"; + }; + + path = [ pkgs.jq ]; + + script = '' + set -euo pipefail + + if ${pkgs.tailscale}/bin/tailscale status &>/dev/null; then + echo "Already enrolled, skipping." + exit 0 + fi + + for i in $(seq 1 30); do + ${pkgs.headscale}/bin/headscale users list &>/dev/null && break + sleep 1 + done + + ${pkgs.headscale}/bin/headscale users create ${serverUser} 2>/dev/null || true + + USER_ID=$(${pkgs.headscale}/bin/headscale users list --name ${serverUser} -o json | jq '.[0].id') + + KEY=$(${pkgs.headscale}/bin/headscale preauthkeys create \ + --user $USER_ID \ + --reusable \ + --expiration 30m \ + --output json | ${pkgs.jq}/bin/jq -r '.key') + + echo "$KEY" > ${preAuthKeyFile} + chmod 600 ${preAuthKeyFile} + + ${pkgs.tailscale}/bin/tailscale up \ + --login-server=https://${settings.public_url} \ + --authkey="$KEY" \ + --accept-routes \ + --advertise-routes=${routes} + ''; + }; + + systemd.services.headscale-approve-routes = { + description = "Auto approve routes"; + after = [ + "headscale.service" + "tailscaled.service" + "headscale-auto-enroll.service" + ]; + requires = [ + "headscale.service" + "tailscaled.service" + "headscale-auto-enroll.service" + ]; + + path = [ pkgs.jq ]; + + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + Type = "oneshot"; + User = "root"; + }; + + script = '' + set -euo pipefail + NODE_ID=$(${pkgs.tailscale}/bin/tailscale status --json | jq '.Self.ID' | tr -d '"') + ${pkgs.headscale}/bin/headscale node approve-routes --identifier $NODE_ID --routes ${routes} + ''; + + }; + + systemd.services.tailscaled-autoconnect.after = [ + "tailscaled.service" + "headscale-auto-enroll.service" + ]; + + services.tailscale = { + enable = true; + useRoutingFeatures = "server"; + openFirewall = true; + }; + + networking.firewall.allowedTCPPorts = [ + config.services.headscale.port + ]; + + services.headscale = { + enable = true; + address = "0.0.0.0"; + settings.server_url = "https://${settings.public_url}"; + + settings.dns = { + base_domain = settings.base_domain; + override_local_dns = true; + nameservers.global = settings.nameservers; + }; + }; + + }; + }; + }; +} diff --git a/modules/clan/headscale/flake-module.nix b/modules/clan/headscale/flake-module.nix new file mode 100644 index 0000000..d59c844 --- /dev/null +++ b/modules/clan/headscale/flake-module.nix @@ -0,0 +1,19 @@ +{ self, inputs, ... }: +let + module = ./default.nix; +in +{ + clan.modules = { + headscale = module; + }; + # perSystem = + # { ... }: + # { + # clan.nixosTests.service-headplane = { + # imports = [ ./tests/vm/default.nix ]; + # _module.args = { inherit self inputs; }; + # + # clan.modules."@clan/headplane" = module; + # }; + # }; +} diff --git a/sops/machines/alasia/key.json b/sops/machines/alasia/key.json new file mode 100755 index 0000000..5bbbe18 --- /dev/null +++ b/sops/machines/alasia/key.json @@ -0,0 +1,6 @@ +[ + { + "publickey": "age1yrqpfs0wtaxg9p9058g2gyq7kffjnnqdw26wa4a4uvjqkzvmq5wqvdtgxl", + "type": "age" + } +] \ No newline at end of file diff --git a/sops/secrets/alasia-age.key/groups/admins b/sops/secrets/alasia-age.key/groups/admins new file mode 120000 index 0000000..e5092e3 --- /dev/null +++ b/sops/secrets/alasia-age.key/groups/admins @@ -0,0 +1 @@ +../../../groups/admins \ No newline at end of file diff --git a/sops/secrets/alasia-age.key/secret b/sops/secrets/alasia-age.key/secret new file mode 100644 index 0000000..a38f6b7 --- /dev/null +++ b/sops/secrets/alasia-age.key/secret @@ -0,0 +1,46 @@ +{ + "data": "ENC[AES256_GCM,data:Q/ds6CIR16omumjGklFzjRn6CsYCsJ/qp3ZLYZPtvmCa5TOj5OBh3XLZkVNa1NaSyCv2s8S0G8ribflOsFFnTChdK3iEyzRxXpM=,iv:WIWHDzRZ0ki78D18/d2siTdqVssJxmCPpWHKrty/X3Y=,tag:pqZruPVZPJtEfodBCDeZKw==,type:str]", + "sops": { + "age": [ + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLK2lYZWdHdzhqekpxeGFm\na3JjWHh1a2ZKVlptTk14Mm1ablpudTlaRGlBCnlEem1ZYkMvTGFNNFc2RGRNSkdr\nUXQ2Yk44MnJlL2wyVHpOQlI1cXFZS1EKLS0tIEVzc3VXYmZ6U01VMXlrdVFKUlI5\nSTdrR1BXNlArelBMVm5oWk5SeUZOYUEKSLWtYHUvkcPYC4h7dnHnWA3S84Tuf8ZN\ns2vwgOcFbm0APnoWQsJy4L3uqGoK5btB/EzgXtCopxlv+6CODhIscg==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwaDBQc1RPaG5nN3NJbTkz\nSEVmd0dlMU1lYTJlNGRJUml3MFA3d3hvdUZVCi8vU1lsL29NSVY3UmZ3dUZwOE1B\na2h6MFhxUVQ2ZmdSUzRUZVJIRnNiWWcKLS0tIExzeUpueU9VZjBDRk1nVzR0ZmFq\nM0NDcSt6VytTb04yZ0pCdm83UWE0cEkKmLmWCFioA6MRExdjkYupUVtR0Cmo8o+J\ns7B49+L20jTQ3ok4b8Qpl8Q41E5i0FD44sO0Yc12ER6Z9OrDOxs18Q==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIDgwQ2ZoMHlz\neFJWdnNqY1hqVXF5bkphM3I3YXpERVNPRzYrenJDbEpTVmcgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQpFZ0NqMmZnSVAyU0g4eEFTUEZvK0hl\ncW5qdW1CcWNPWnJhaTNkNVowSlgwCi0tLSBhUWF1QjBxOXlML1BqcjErWnZ5dlo4\nc3JQRU42SEhkSFVxcDBmbmpCQndvCji6mMl3vDHlhYgHtBdZaA0iDxqX70jMCAww\n0SpnRzgndSeBQFVxs8Nqa4Lo3ti7juLg7fRuEXQIxq7pYBESj1Y=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIGM4MnNxWXhj\nbG5XVjFGZERaRzVHV2lEQVNtOG4wemdaR2ZPNzFiNHVXbVUgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpGWGdVL3VlbHpFc0dvY24vZmFlL2ZO\nVXltZllXQi9LZGlGRmdIQk0yNmxZCi0tLSA4eDdVV0JuWnNmT1dLTG0zTFQxU3c0\nSmJvV3o4RzJ5WkRWVzJWa25VczFJCgQe4ow0UVMnRZbQtz8W+uPst0IoKcJThU8x\n0DwZO3J7wL9kCL1Sd2TPYKBRgcBHGvEa/mhOvIoURmNMhEXr0ME=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIFNlV3oyZ2Mx\nQU1qMytLQ1Y4K0FaZVpwR0Y5eHpJN3RBL20yTjVzYnBVR0UgQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwo0VWdKeUF0R3ZRZDBNUE5LTTlUYmVO\nd01hV1ZJdGVlR3l6emF0eGdFNThjCi0tLSBkNWlDMWUwS3N2SDY1TVpQNVFWdmUr\nT0N5RERxV3NIaDFiWTdvU3dDdWxBCpC9Zvjypga/Ul+ZbLoZw7S41Wvq8i7mxewy\nUOOTCpcCbBaCn24Z99UssHY3GbVygsz4554nDAdqmC+6s5bJxa4=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSRXpwQXk1eUNYNnAveHoz\nRkdPY2JKbmVBZXNjZ3ZtQ3pFT0ZjR1lIRVFvCllVeTltNEcrQjljYUUxOWNOa1lh\nUnYrMWI5czhxKy9Dc015cnFUd3dDNncKLS0tIE5NWEZIK21QdGhjUXc2ckNvNFBp\nSFJpZ1ZGNC9Xdk1sZHpnaDlEYzd5eHMKmsMek5EezKKiyG+9sVNwK92TJ5xdM4mY\naWzz8iFw1lkeJ3iwK5da5iPFolO6C6Sk1Kf2Mst84lklDKE6dtiwxg==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIaFJNMjVPS2c1V2Zkak1Y\nQmtybk1XSThhZXYzTWZhYkdqYy9CZHQ2Zml3CnJPeUtxdWN2YTA5eHBxVXNBNmpw\najYrTDUrK1E4VjFHaXI3Zkp5Vmdwc1EKLS0tIENad1p3TmpaM3MzMzBvSXQ2eGNu\nRk9VZFFKZk9saGpHQzVjRUpvRWwwaGsKqjU3CjfNLuzLAf4uCmzkNbwZRkxDQuaK\nshnCgn26VQq5De8+QDoboYKOW5Qnf5rjMhKrpGW69C7fir5QIpe64w==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnaWV4cGV3WkhiVzU1WXox\nenR1ZGg4M2NiYmQwTEdFaCthS2dCbXVFTVh3CkFFdlkyRm9KYnZRQ0svaGYxR2ZK\nc2d3anJWZjZzdWpPYWtqMWpWTnZ5V00KLS0tIDFyajBoemlqYkhCRDVKQXIvaTFL\nRkp1YU1SZWlSa3l2b2IwN0dMQXo1bVkKxdaMlyWnIDt3e4ckZDD9Fqbc96GHFE9i\n478Ar+UAllWQ5IT2iDFvJVv/FUl2H8PX57aWkbSoe9CvsoKvvA8XrQ==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpbHprcnBIZWZYcmQ5b0Y5\nVW5SN2ZFVU9rSncvMzF2WW5pWVZKWnBBNmdrCkpCK3E0aGIwSDZ6YzRhUEcvVnFw\nUW1tMFhjZHZSSW1lSXh5QTdNNGdrbjgKLS0tIExwMStRdmt0ZHhZTmRYalgvSVYy\neWVsQ1g2eGNhSXVLaFFOVXNmcE80eHcKoABIslKMdmsaVJ2mvP+xPUVp0ZLwdUPu\nfOKgZuyY/LRILRosZPFX/efxI7qZx04xo5WMA++IrB03FFH1DQ6F8A==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl" + } + ], + "lastmodified": "2026-05-12T10:32:02Z", + "mac": "ENC[AES256_GCM,data:UherYfiTSm/qJ1gElQYS5LagP8d+6s7726HdCFk1xAkdPaqF5u9Jzxuqi/W6o6J2WO0JdgnMOWs9VUNhQbCpFCsCukUblrFZyySA6jhSd+CT4RbJ1UFtFUOjyEdEiRuxB+ARW8IuXcNRg8XTgK4GUw7VWPGSwq5JYjuvGE1GOJY=,iv:r1HgjnlTHZU8jbN/10NJmImaw/wZihwzfdRYNvS6RCI=,tag:uaZtEAdn7cTRRmVeGrSbZw==,type:str]", + "version": "3.13.0" + } +} diff --git a/sops/secrets/alasia-age.key/users/kurogeek b/sops/secrets/alasia-age.key/users/kurogeek new file mode 120000 index 0000000..54331f5 --- /dev/null +++ b/sops/secrets/alasia-age.key/users/kurogeek @@ -0,0 +1 @@ +../../../users/kurogeek \ No newline at end of file diff --git a/vars/per-machine/alasia/openssh-cert/.validation-hash b/vars/per-machine/alasia/openssh-cert/.validation-hash new file mode 100644 index 0000000..fe718fb --- /dev/null +++ b/vars/per-machine/alasia/openssh-cert/.validation-hash @@ -0,0 +1 @@ +b6643bd6b44712f3a7cb9d17f0d8720d8e575f351ab214b0042fc870e6cb57f9 \ No newline at end of file diff --git a/vars/per-machine/alasia/openssh-cert/ssh.id_ed25519-cert.pub/value b/vars/per-machine/alasia/openssh-cert/ssh.id_ed25519-cert.pub/value new file mode 100644 index 0000000..cb9e907 --- /dev/null +++ b/vars/per-machine/alasia/openssh-cert/ssh.id_ed25519-cert.pub/value @@ -0,0 +1 @@ +ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIBXKx4V8E5gvtnYHoEg62QIad9pVyk8AivKhfU6bfceFAAAAIADvFTFNkgH08nIX1+CLnd0btX0x93176Of3zm8LR0c+AAAAAAAAAAAAAAACAAAABmFsYXNpYQAAAA8AAAALYWxhc2lhLmNsYW4AAAAAAAAAAP//////////AAAAAAAAAAAAAAAAAAAAMwAAAAtzc2gtZWQyNTUxOQAAACCH0ihJXtD/Ff8S+ANZV8eZbgwjI6/H3sfP3NZdzzJ6sAAAAFMAAAALc3NoLWVkMjU1MTkAAABA80/YStdtvThZYizoF+9GMfsrIorslQ/UWu3FVDXgomp5Q3so2evTwdpqPbuWxzK0DYvdPpKQgC2CrUx4xb/lDw== /tmp/vars-hfrz5fit/in/openssh/ssh.id_ed25519.pub diff --git a/vars/per-machine/alasia/openssh/ssh.id_ed25519.pub/value b/vars/per-machine/alasia/openssh/ssh.id_ed25519.pub/value new file mode 100644 index 0000000..399a31e --- /dev/null +++ b/vars/per-machine/alasia/openssh/ssh.id_ed25519.pub/value @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIADvFTFNkgH08nIX1+CLnd0btX0x93176Of3zm8LR0c+ diff --git a/vars/per-machine/alasia/openssh/ssh.id_ed25519/groups/admins b/vars/per-machine/alasia/openssh/ssh.id_ed25519/groups/admins new file mode 120000 index 0000000..6765aa1 --- /dev/null +++ b/vars/per-machine/alasia/openssh/ssh.id_ed25519/groups/admins @@ -0,0 +1 @@ +../../../../../../sops/groups/admins \ No newline at end of file diff --git a/vars/per-machine/alasia/openssh/ssh.id_ed25519/machines/alasia b/vars/per-machine/alasia/openssh/ssh.id_ed25519/machines/alasia new file mode 120000 index 0000000..9f1fd15 --- /dev/null +++ b/vars/per-machine/alasia/openssh/ssh.id_ed25519/machines/alasia @@ -0,0 +1 @@ +../../../../../../sops/machines/alasia \ No newline at end of file diff --git a/vars/per-machine/alasia/openssh/ssh.id_ed25519/secret b/vars/per-machine/alasia/openssh/ssh.id_ed25519/secret new file mode 100644 index 0000000..71224c8 --- /dev/null +++ b/vars/per-machine/alasia/openssh/ssh.id_ed25519/secret @@ -0,0 +1,50 @@ +{ + "data": "ENC[AES256_GCM,data:/fqeRibiIcE+VOToSYwCRNQ+SpQfms6ehjc+If+5wYQlsL/336zlLHMhyd5XTIrhSb3maGG8r/xJxztBiFlwjcG9vVGhcQiGifaYjYtIF72laVrs+xnTYjHUuaYKLQXnyNi/wwa3swm8lgsVSHZlBjbi6Rgxas3+gRqitGxXecqbiEyDyruqWJ4Z6I8hqt+EEL7YwSpVFBhv8wzMS9unddFLsg00U0RYZ2mtQzI/mb//GYmpE8IOX3ozSRxj5+1WZmCZOWzh3YpMZMhAi/1tFYyZAGXPqyo0b1fblrH2sVHqVbJQ3y4aOK7VAWmgLzv+GV8ViC51KzTsQ7J0sut23Q9RUI8hz1cmMUopJZ+C0wEMA1GBztxoXV5jATf3fs8cKvdgjKtLqQzSAyBgqtY31daBj/i0z+j2ZfTpx1YvnQop1DSX/Uk/DfhrOlGnAPofLtoEmC1O9MQYmJzRVC0qCS7X+7bqAmkoLKxoquDby8PTtVpRGIpExjVM5OOj0R4ZHspu,iv:D1inHcb9881k5Q7qD8MxUooCScCLi2dqDCXLoHu3fQ0=,tag:k/TqzrgLOCftINckre6xwg==,type:str]", + "sops": { + "age": [ + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNS29RVFYvODloV04ybkQ1\nNnU4MkYxQmprNGdSZkFKZm1hZzFSQXpKd1dVCnZ3bXZ2QjdHbHhORk1IdkpFNy9M\nNTNZR2RVOEF4T1k3WTRBWmpxUDlOQjAKLS0tIFhHQVM1dTQ1VkdLMi8wYzJ5cTdO\nM0tlZHJleDErVmVFMFdNb21OcUlqeEkKHOtaT7+ICJPqwRrBDb0CSsmqPnBMU3VF\nKm5jH6stYfRahowAf5GJvDN6wAgrZtEL0g/hsU17cv0IK1Gv8Vr8Sw==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQL0lhTDROODNld012R2pm\nQVhHQlFRSjVRaU1aOUFPc0V4NmFZMDN0djEwCnpYZ2E4bGVWOXJuTHJxNG4rUVRQ\nT2VDWUR0T0JkQzl6clNUN0d6QzhKVWcKLS0tIGNlM0pPZFJsdGY0bnU1b2NTRVlI\nNmFqb0xIb2dVL09ET3JpcVA5YSt6b3cKOBjM0irnoShxRrgv2rbQ7lw8wiNCkn0b\nq5B/8UQWOpj0/fg1mu5waNjECmMtOoB6LhJ8tBz1ctQunWB1uFxY1Q==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIGxxUmFlYkkr\nVE9Ob0QxSTRXVklJMnVtYk9KK1JFWktBR2RoL3dWTHkrVncgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQpQRHVyQWxSMitUZXo3U1F5WWpnQkZm\nNW03L3I1dzZrdklQUW9EcFBhMk8wCi0tLSBtanR0NUNVQjdDdUFNY0dxcUQ3TDZp\nSE5qRE53SDdMTmZLaG1JSjBsM2pjCow9Wr2Zm7NTnFQJpbFdlRrAmN9M8m2223tf\nFgwo9OGIOUMpacpYKiitVW4OhBdselr+mT/XYAZWGmMHh61Th48=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIGdQSjVHOTZN\nUVdZOXgzM3dlTU00NytPVllRVlU4amI1QmdQb21MaDhpUXcgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwptOUlqNno4dEYyMjNUQStuR3hnTjh3\nS0NYVytWc2xWVy9HQ2RZYlU5ejZZCi0tLSBDeVh3c29mK09uVHNEWW1JQk5FZFBR\neEJLRHRDa3RDcmNoeXl2ZzZNSi84CqJOED4ameXulbcJ4EdWEF/d8paPY5zAWYn4\ni05c1p4okzkH0sw9fXiw+NV8NQqjoTnMB27V/Jl8Iwrc4hwQV54=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIC9zTmVjL044\nWTNRdXZRQ1kzMXRKMWpad2xtOUpxWEMyUDRIa0F1MkFteTQgQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwpSMUhHZlp6akk1TGFhaEU0UkorMXNX\nYW8zWGxjUzdQdHJYMG1NYmpMUlRnCi0tLSBFcHl6Z0RvK0Rabmt2YmtacHdVb2xx\nRzZOajdDMzkyZFVKbHNOMXpQbzJFCjMjXGTQIXmo8NaSZgBqbYVXoG3gymEKSTvt\n+JOX0GtyLT/8ez8cVc6lgcnHQVxdsyYwUbkAM0t2DMR/AykQtOY=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiVG93dlVFYWpHcTRhZVd2\nUEFHWnVCSjZkeDBNYjdKS2pwQmdNYmUzWFJVCnk3MjQwcklEMUk0anlsaFQrVWZT\nNC9xNVJqYjZjeHpUdFEzejJxaGgyMGcKLS0tIGp2WmR3MnVkOUdqSUZYQ3lUY2RX\nRWkrSGpNRE1uSjJOclQyM3lEVFA2ZXcKpVdHb/E9E7fDD8jEZFVdoLYmT/nPMM3P\n7TCwW6Q0l6bgYiP+BJRkUYAMSBgdaZDYR8KiggruO+WUljxJMe/DDg==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3dzVGdzBQMHZZQ2ZseXN5\nQmc2TExMWnRwd3F5YklicHVVSU1tWlVMZkhjCnJkM0RHcGRjVUhaaTMwV1dXWTRz\nWHliNzc1NlVlUnRBcDBRb3QxQzZOTVEKLS0tIGJPNmc3YWgya3h5SG95VW1YU1pZ\naWxyMExzTWlQTGtBTGFVTmRFSHNzZUkKsYR4IEUrGfz5c1ZMWD0kiuo4/2n1y/OQ\n2foHqFi8LMYU6Lc1VExznLX94OpAcMCT7NhlPOOrOZJJRdLPM+/TRA==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBobnRPdHhOOFVpSkdMSER6\nWVR0OWk0ZnI4RDNvQ1RVK202QmY2M3YzZVMwCkF1V2xsZGEyU2tKcEkyMkF4d2gr\ndHNDc2lzN2JuL1o4UmtWNVhBT1JnbTAKLS0tIFk4MDlzQ3JlSFBLY29NN25nL05J\nOVB3bitLbjFrL243NW0zZkNqTVViWWsKjFjbCTcbzQ+bvCyzDEbuHJLK0ui5P4Mj\nG3TniEi00FnsF+8kSrMydFqgSo2SyYgDOZB+dOqelDJnqkWZSz5aRA==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpTFRqNmoyVDg4MDdiM0tv\nbDYxRHA4NG1XcWFsTmVvczRvS2lOYWVFbmxFClBsUW5mSDFpR2I4MmZxMlpuUjBm\nQ2NsY004NW9QeHV0Q2YrNGZGcXBMcmMKLS0tIHc3RXEyOUdRb0prOExlcG1sbzZu\ncVpubExyOURYSmpKNjlzMlp3NEdTNTAKgOyZSGI5H4ZBB/PyfOcAG6tucH305pqs\n18A29ZnzWzooYUIiydx1tv06rgkb0ukI7kcoZWH10e1x6GAHkxOwHw==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwMkZzVWQweWpPaGJqdzAy\nTWduTUNaRjNWNEQ4SnozQU44aHk5YTFrNHpnCnRPTjQrNHd2L2RNMlh0Zm9JTHJ0\nVmNMR05uN2d0UFVKazhqSzdiZS9YeHMKLS0tIFpUblUwZWs2Tmwwa2kvandVTDQ0\nSkxWTlE4UW0zU3A0ZHR2MXJ4MWdpWnMKNVRJRlbg8bdqISpQ0yAuLDK8Wf5CmgTi\nSb0N7TAV77iHyK+ZdDuf/P6xibv2jmExYMlp4rEBx4juGKD3rxjTsQ==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1yrqpfs0wtaxg9p9058g2gyq7kffjnnqdw26wa4a4uvjqkzvmq5wqvdtgxl" + } + ], + "lastmodified": "2026-05-12T10:33:44Z", + "mac": "ENC[AES256_GCM,data:tS6LG1C3NYQEQyhtnFRhp5kzDIuWqaa9uyG4+D/gBa/7vNXY9lIHFnGlL1BoGT4/Dz1LC5hS9Ld6aipngK47zA3Xclbi0zD/chaLgFh7Uq4Ag4ega+K4GWo0Tt82bqtXhCqGdraXdahncg/zsbHcpFzGV2Ygg6mmn46+5U+Exqg=,iv:Oc/RWcMduGfT9VnC8DnLmpWkhL3zRrhFAw+DA54aSFo=,tag:vI2BeJFeZ18oLIHOF2ygkA==,type:str]", + "version": "3.13.0" + } +} diff --git a/vars/per-machine/alasia/openssh/ssh.id_ed25519/users/kurogeek b/vars/per-machine/alasia/openssh/ssh.id_ed25519/users/kurogeek new file mode 120000 index 0000000..970aefa --- /dev/null +++ b/vars/per-machine/alasia/openssh/ssh.id_ed25519/users/kurogeek @@ -0,0 +1 @@ +../../../../../../sops/users/kurogeek \ No newline at end of file diff --git a/vars/per-machine/alasia/state-version/version/value b/vars/per-machine/alasia/state-version/version/value new file mode 100644 index 0000000..115ab7a --- /dev/null +++ b/vars/per-machine/alasia/state-version/version/value @@ -0,0 +1 @@ +25.11 \ No newline at end of file diff --git a/vars/per-machine/alasia/tor_tor/hostname/groups/admins b/vars/per-machine/alasia/tor_tor/hostname/groups/admins new file mode 120000 index 0000000..6765aa1 --- /dev/null +++ b/vars/per-machine/alasia/tor_tor/hostname/groups/admins @@ -0,0 +1 @@ +../../../../../../sops/groups/admins \ No newline at end of file diff --git a/vars/per-machine/alasia/tor_tor/hostname/machines/alasia b/vars/per-machine/alasia/tor_tor/hostname/machines/alasia new file mode 120000 index 0000000..9f1fd15 --- /dev/null +++ b/vars/per-machine/alasia/tor_tor/hostname/machines/alasia @@ -0,0 +1 @@ +../../../../../../sops/machines/alasia \ No newline at end of file diff --git a/vars/per-machine/alasia/tor_tor/hostname/secret b/vars/per-machine/alasia/tor_tor/hostname/secret new file mode 100644 index 0000000..9e9c854 --- /dev/null +++ b/vars/per-machine/alasia/tor_tor/hostname/secret @@ -0,0 +1,50 @@ +{ + "data": "ENC[AES256_GCM,data:Ru+X44EV9QcgpnNis54oxhC5bSc0SWnjhQdGIbIbrHpV5ymd7pdRfgsaX2zegTkJECZ4egzrHhrbC9gccvVh,iv:dQv/kq70gsMnchnIUHPrZCPzHKUF6o3WBL+Wq/2ZnbQ=,tag:9LNgLpB+XcfaBT/U6JH54Q==,type:str]", + "sops": { + "age": [ + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiNDJhNk1rc1pEaS9TVk11\nNUJXdW5HWUZwblJVZkVwcmdTbUtmTzVycDFBCjNtcTdRSVVwTE1hdlovWTRXZFAx\nSDdpUzBkcTYzdG02U1JEemRIL0J5YlUKLS0tIG1OSG10Sjh2V05nK3BQSGc5WTBJ\nMktmWjZVT2ZaWHFUbHNyWE1DTzYyaXMK7tSpo1HiPeoCaORP+bs7RFDFWzIopiCp\nPHo87GfyZegR4Re5e/ZEO1SwkDn12JjhboScBZkw9dOpViHBKF+fGw==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwdlNZZjdXZFQ3RE16ZFlI\nZVBVUGprSUpyOC9HMW9LbTZyK21salJMSG5rCmVVREp5YTYvMGMwZ3V3M2FLNG9i\nZ0pHQ2tJQm1Ca2trWjlmWDZCQms1RzAKLS0tIC9jVklNN2hNNHFKdjVKZFJEalkr\nOGN4V3dhZ3B5V1ZPeFl3K2FWM3RtdUEKM3TIF7lvCn7yQnDEmabH0W6bvATEMheI\n0VvibfUfBFKlsGgfm9EVhwmG6kgrnoswbhi4RaAbCNtKVcRXDTyGCw==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIEJwaEZ5TkJk\nY0dqWlF1UHQxM2NoaFVyNzdZTnN3ZjdCS2I2NnpnclRpMzggQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQo5WStTUjdEanVMUTVQeVZJQUdYWEl6\nVU0ySzZRNXJKdkJVeFVBTTQ2OURvCi0tLSB2a1VTaDhrRVVsWWJKNEhFZGt3N3FK\ndlBWbW9mZnFqUjZCNEVtWmlITFhRCvVdrdFFobbqKKJVWV93kpXnYmIYKXB6/T4U\nfeu6WDPiuRQle8mvtj+6OaUZk7SNyLPUErQ7R6Mo4ZjbFF0jAkg=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIEJrRjRDYWNo\nK2dhb0VuNDV4Rk5laDl4UFpTY3dKTnRoMjArMWpNR01LeDggQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpVQ01tVG1yWTRtcWlrdk1xTTIvenl5\nQTlYZDZrQ2dTR2FWdXBDR1BhNHprCi0tLSBYT1Vla1JxN2phUzNRZnYvUk02bDRi\nRUF5THl2KzdGZ3E3QlQyenYvdmVBCrZxCIBeY6YbfRlEIVfUImqZZQIat67/EEu+\nVCls69buvJgtp4r8OKjmlCLPJToyflGUtYmLy4z25ZbMw4RgbH4=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIEpTbVQyMnJ2\nSitWLzNVM3N0OXNJc0xtbXBwMFRzenBEUW9MMGV5emdid0EgQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwp4MmlYVnRSNFZxSzRVaEh4c1h3OTRH\nZzlJSjFnc2dwZDRrM2VqWUx2R1pBCi0tLSByUEFkdHZIeEpmMk5oYlBJSlFmTFlB\nMmhTWWhUY01NbXBUL29BWXJKRTdVCocN+X343ftcNGWJOPViVic8nsxJuV3liJzG\nscmpP+Vpn6cp09PaXVpPpbP5y5WQBEabkvL3fX2d/HvJHuqpJZA=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCeVdkUTJ4bmJtYWF0SmlG\nWjJLZUpaOHpUOHl0emQ0UDJ4N1RiL2dtdlE0CjR5UTJieVlnaXFBUldOS2lkMkxD\nTDFIdGo3WFJWOTBZSmx3cTVDNEFkL0UKLS0tIHl1MlhWZFRVZUYwSVVhM3pwU2x4\nakF3em1TYStDbzlsNGRqV1RPNjgrK3cKceHiT2KKklxVN8CkfiBEEMDnISpmL3YW\nlwrac8iXC2COOmixDfp6KB3ulX82HxsifK7aNOZYMwvjdTTz7w+APw==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzVzJzNTRGa25sdlM3ZzlW\nMkwreG5VRStNb09xUXNyb240Y2dwMy8wM3hnCk9heUhBUWFoc0pqTzIvU05ucHRr\ndXBVWVBWeEIrRTJkOHhEVWsyK0VjT3MKLS0tIG9nQVR5REVDSHhaa3NrQmhHY25t\ncmM1K216WjRrL2UrUDc0dDlxTytMOWMKEnQUcsq+jA7ONigihb8vEhKZakGrvx4N\n6afNB2/eiTGelhGyP98YelF7w9nZkKMw/563dNuqKGLlr2XX3MRVgA==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBweFdsWDFwTGpaRlRLYUha\nclA0bHJuaVIwbzVlZnhGSVExM2hKUjlRR0I4CmpabFpHazFTRXVrUzljeWUrODZv\nTFc2TWNCTE1KU2d0bXd0dmlCTWhPbFUKLS0tIHdjYk9YOGZDT0Y4c0M2dDdra3Bw\nMm4yR3kzZTRuVTgzc3lYWkdXVlE2SmsKZflGZw3XYNbQLopJR4yHstMuWZJIxc7l\npmU3J81Rq9ptKqNtu5L2p5ZjhUHCM98wfGXO4vANvnyP3Jv4jcGdSw==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUUkxGUDdOVUZLZTZoY2Q1\nYmFUSTRNYTJ5YVBTc0RuMUtJQmZGeVArNEVVCnp0R1JWT1huMEN4Um9TODMzTEhi\nT0Uwd09RREhrM1lIM1l3L3ovM2FLK2cKLS0tIEZlN1p4S1JzbkRQQVFHaldBanpy\nSjlVODlDSU1UY0RUZVRPSUkrdUJiS1EKr/ypZIqFporggU3vYhUgyx2AQ4KWlK8o\n9X4snFiIJQ6j0VdEXIrwtGmMpS4sqt49B94sAoS6+WHX4qSpJno3+Q==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBleUpOQ3czcmduT0R2Rlhq\ncUpZcmNZRG9YQmJjU01zT1hMaVE2SnRsSzB3CkdPbXo2OHhTY2dTRzdsQVdlYmZk\nampGaTZHVkgyRHZDT2ZUbExKckJTb1kKLS0tIDcwTUVONTVrVVJhMDduZGtOZDY3\nUk1EL1JBNkhDVEpoZVIrUHVrZmdvZVEK1xRyNDW4WI3OEd+9E9cN4hZ3TGzh1CUQ\nblbAmk0VK3fOvnXMvpAT3t/zSZ7aTqlEjNC13R0bkslfFgNxoTU7vg==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1yrqpfs0wtaxg9p9058g2gyq7kffjnnqdw26wa4a4uvjqkzvmq5wqvdtgxl" + } + ], + "lastmodified": "2026-05-12T10:35:14Z", + "mac": "ENC[AES256_GCM,data:vmqoohqZFF8wHBCX4bYEFv6jfXTzrJ9baDYYm/ihgr6Dvxxy76ADpGcymr9wt2pzswEFIJ7kc41yLZxYViTeiApL90rCwPuLOnYeaPVc5hBOZihG/nWLQyIy4bXgDz6h6fBTNfaQneXlkgre5ruoysAg9MfFg5vIVnVobJzAqxc=,iv:jqu0gU6dQAL4FabsbHKU+c22oixcNPF0nan6vQjoXqo=,tag:9SXlRIi2T2OuePEUmkjwqQ==,type:str]", + "version": "3.13.0" + } +} diff --git a/vars/per-machine/alasia/tor_tor/hostname/users/kurogeek b/vars/per-machine/alasia/tor_tor/hostname/users/kurogeek new file mode 120000 index 0000000..970aefa --- /dev/null +++ b/vars/per-machine/alasia/tor_tor/hostname/users/kurogeek @@ -0,0 +1 @@ +../../../../../../sops/users/kurogeek \ No newline at end of file diff --git a/vars/per-machine/alasia/tor_tor/hs_ed25519_secret_key/groups/admins b/vars/per-machine/alasia/tor_tor/hs_ed25519_secret_key/groups/admins new file mode 120000 index 0000000..6765aa1 --- /dev/null +++ b/vars/per-machine/alasia/tor_tor/hs_ed25519_secret_key/groups/admins @@ -0,0 +1 @@ +../../../../../../sops/groups/admins \ No newline at end of file diff --git a/vars/per-machine/alasia/tor_tor/hs_ed25519_secret_key/machines/alasia b/vars/per-machine/alasia/tor_tor/hs_ed25519_secret_key/machines/alasia new file mode 120000 index 0000000..9f1fd15 --- /dev/null +++ b/vars/per-machine/alasia/tor_tor/hs_ed25519_secret_key/machines/alasia @@ -0,0 +1 @@ +../../../../../../sops/machines/alasia \ No newline at end of file diff --git a/vars/per-machine/alasia/tor_tor/hs_ed25519_secret_key/secret b/vars/per-machine/alasia/tor_tor/hs_ed25519_secret_key/secret new file mode 100644 index 0000000..a44a4aa --- /dev/null +++ b/vars/per-machine/alasia/tor_tor/hs_ed25519_secret_key/secret @@ -0,0 +1,50 @@ +{ + "data": "ENC[AES256_GCM,data:4GylMFZop4QeJIrPk7ysIKrN2rGpYyQca/OotFIzi2fHshmeaTzzzf0BXseehEdAUdoSnAwFLi/esaRib9zAkiQAoMneWCykwCmAJBWpZ8U2NI9pbnkiShsm9HhU926J,iv:Byb6nb4BWgJJjR4OjRIu2XCuRSP+N/69GatdbbSa/+s=,tag:3uBBjnPMFi8Us+HXTf4fqg==,type:str]", + "sops": { + "age": [ + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMcjR3REROOW1adDhmMUxG\nQkNqMGxKN29Xa1VWc1cvTEYyekhjNE9uQ2pVCkJ5TW1najRBQjZhbFplSjF2SU4w\nSDdoZHd3ZC84TFpnbzRoL3ZDVGFOQXMKLS0tIEMvZVFzSnJ6azV0Q3ZqWjYxeXNH\nSnpJMkVIOFMrcmZ5aE1BQkRrMGdIV2cKlo2zSE7h5m5fut1dYR+2GfDpkT5eTHHQ\nf5lbn38nx2BcDFI3AIotm3EmZm/yWjT8BUVW9Es4nF6uqyufjSH0Yw==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKQk5JZHhHNXQ4T2lWYWMr\nR2VNWDhHNXZHMW04d1BXdzIxS0Q3dUl3VURJCmM4VjhJR0U1Wng3QWxsWjFDdEU5\nVkltYmFzdmd6cVRQU2xrcktVS0NYaE0KLS0tIFMyOFNLenFnNWpJM2VQK1VpSG9D\nc09BbExGNEVWc3YrSGV3eWt2RjFLdW8KORoS6Y+BvJVU/v3xZAqVwsipw8TUO2Za\nKZXnnYzjQikzsrnWwrbUcHgo4EPP5yv9/dU3Bdk/AJLYz8+LMbVtsg==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIDFDcjF6VE9N\nMkFPRm9zbnU0NVpoSG1NbXJQQWY2RFR2aDZyV1J0MTIvRFkgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQo5ODBTUEVTKzVWei9iSTFzOHY5aHFX\nZTF6U2U2NEpiRU8xYUxlbmpNcGVzCi0tLSBmb1F1Tis1ZlZOTkswNG0wSXJSNEM4\nUjBveVJYWk05dXlZM3pONUExQW1vCg7mtJ9mdDzafY45MfqL0DLTNGd5cXKsl8Ds\n9xHmvj47R1Z3S4bVXyYnMT7S8n++jk/CPo4SEI1hArc/EHl25zU=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIGtFZ2xaVi9h\nd0NyTU04dmdCYWVoMXBUZk1lK1d5YjgvN0dRaFdnaFd1VzAgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpqdkNjZFdyZkwzZk1CSEU1aEZ5SVhI\nTGdYNzFVUTExM3BKbWdiZTZ0MGxnCi0tLSBrNFR0UVQ5dGROaHEzZ1JCRjdwWG5U\naGtvcHlQVHBsQkkxNEs5UjZJSG9RClAtZBGV2CAw2txX9cYQgahkOxXdKdH+zQ8/\nxzO9sYTZEzlJWY83INsHinge+CbcFuElJW6q2hPYpvP4qpC6MdY=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIG5HN09vdkF3\nVFVFODZIbDNDT04rZ1VQODZhNE1kcTB0Z0taaGJWY21TQ2sgQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwpkRHd0R1crUE5hbHB3WnAxd0dQQnNn\nbjFoazdUMGwveXFmeGIwMmlyS0RjCi0tLSA3YzNndkhlMmhuZGpPcVBxYWcrTDMw\nOWI5UDhOKzByRVhXWGQ2UnlLOTYwChfp53nGgeT8KzrjjXGt+qtPWVqzsNlkyQxB\n/zNKo5LKcv5U2v1tVBEeNjSGQey2oL2hH/cYCLpwMngqZU4sJt0=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNc0c1Qmc3VFl0QlR5d1Nv\nakhVNUt4SzRaYjJTU0VlVGErZmpSbnV4NVhJCjRjYjkwSjFNcFhlaWhwWW5wakNZ\nRnBuUTFkNVRZRmUzQUQzY1NJTzFUa2sKLS0tIFdxNzNqY2g1WjUxVkJQYkM0REtT\ndkJQOXhTQXZMaVdmajVOV3p1S0RrWk0K/RJdNXfMdlstes32g2kTakDYfbG6MC0V\nF/IbRIOLah1BKaY3FXE4uJlGgbb/2cTh/kamQxk8oneegb9vmySAow==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVWlNPWjUxYWxGN3NIZWM3\nY3ZTYUlUaE95UzB4MGF3cjRuWW1nVklySncwCkd2MEYyN3R3Nlp3akNORGhwRVpo\nc0p3Q3VqWUVJRDk1eUpoT29uQ09pNmcKLS0tIEh6Vk5oQ25UbkZNc1dNMlRBZWdE\neVVDdW45Y2dyUW54bVZMaXRzSFJUOFUKBIC3Pe9i4C4Z/PnWgDT3Ryb9tdmKTtu9\n9pntUL9pTQbymgBsPbGMJjvKSVvjqm9ODNp5yMqQFsHS9OwYRUEYSw==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBYXhFTDNodE9xWjExWjhD\nZnFBa3UxZ2ZQVElMcVc3djRkT1czQjBLN0ZvCmlscVU0bGQ1RmtXc0pqSmZCZkNr\nUnUwU0c3Z0NZR1BMUnNmZUNZclc3eFkKLS0tIGg0b3NGOHQ3blVFWFVKK2xtTEFv\nbkxGYkJLUVRpdDAyd1dJbDJac3NnZ1EKPodYbGcn5qlWTEqZg+oBQMRLk6FLHpe1\nIS41wjqWv+pt2d/pPpkmTt8UU4oyL/mwkUhViAkIpnoIzlBlLR+8sA==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5QU85V2xVcEZhMkorSFBN\nSnFwNXJOL0lFV0sxclVtaGlhK2crWWxhRmpjCjZwU1ZjMWZpWWlPUEdnOVIwVkt5\nYmRWUkJSN1RiRTZSQ0N1aGlJWkFrYmcKLS0tIGlwMERid0Z1UXRHbkJMMGVVWjA3\nb0VIbFdwaGU5NSt0MUtLOXhQZ1E2ZHMKtE9wWV9hismtjoIFusPaNolKzolvo74M\nPbLqULV1EQUxZkMGCu9Lyt3iOtJJ6X3ilBg8eTHuucqKeXiG5UDEbA==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXd050TjY3K3Z4Ky81eGYy\nUy85UTZab2FQYjRRZ1c3d2ZXcEdFcml3TUY0ClRydEI5YUNOb1Z2WFV3bnRCSjUz\na0tFakhsUWNIc052c3NqZmNsVFBIKzAKLS0tIHM3dW9KOG9HbjdoQmNFWjBXVWRB\nd0VhZ2Y4NjVmTVB4S05VN1VsWDFKckkKvu9SW/u4j0EE5AigImrLE5qOxES0mYqM\n1PIHVZ29n8tToa0v/29fv25MtBeqxbmA5IgyH46RT4rn0+iqDuFxgA==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1yrqpfs0wtaxg9p9058g2gyq7kffjnnqdw26wa4a4uvjqkzvmq5wqvdtgxl" + } + ], + "lastmodified": "2026-05-12T10:35:58Z", + "mac": "ENC[AES256_GCM,data:xN2JDsR9lof6mUGOBQDGYXYUXZcbQ6kaCB/gy6h1pBIjbQ3lamYz2RkI9qD6ZLF+3LOQ8lNdG82YNNo92BHe+eSiZqNne0bQuzIKUK1iXp8iu8VOe7dl5vK2gGyssTttcp3OidOUoVBe1xPyvl9T76jgrKS4F1lsWM8OsfxMEnU=,iv:yKEo7XF4tzyVtPjmDVF4jEuObKokILFeJOu66DxKaSs=,tag:uU0/5dJGNckGQvxjpoFgNg==,type:str]", + "version": "3.13.0" + } +} diff --git a/vars/per-machine/alasia/tor_tor/hs_ed25519_secret_key/users/kurogeek b/vars/per-machine/alasia/tor_tor/hs_ed25519_secret_key/users/kurogeek new file mode 120000 index 0000000..970aefa --- /dev/null +++ b/vars/per-machine/alasia/tor_tor/hs_ed25519_secret_key/users/kurogeek @@ -0,0 +1 @@ +../../../../../../sops/users/kurogeek \ No newline at end of file diff --git a/vars/per-machine/alasia/user-password-root/user-password-hash/groups/admins b/vars/per-machine/alasia/user-password-root/user-password-hash/groups/admins new file mode 120000 index 0000000..6765aa1 --- /dev/null +++ b/vars/per-machine/alasia/user-password-root/user-password-hash/groups/admins @@ -0,0 +1 @@ +../../../../../../sops/groups/admins \ No newline at end of file diff --git a/vars/per-machine/alasia/user-password-root/user-password-hash/machines/alasia b/vars/per-machine/alasia/user-password-root/user-password-hash/machines/alasia new file mode 120000 index 0000000..9f1fd15 --- /dev/null +++ b/vars/per-machine/alasia/user-password-root/user-password-hash/machines/alasia @@ -0,0 +1 @@ +../../../../../../sops/machines/alasia \ No newline at end of file diff --git a/vars/per-machine/alasia/user-password-root/user-password-hash/secret b/vars/per-machine/alasia/user-password-root/user-password-hash/secret new file mode 100644 index 0000000..180cf91 --- /dev/null +++ b/vars/per-machine/alasia/user-password-root/user-password-hash/secret @@ -0,0 +1,50 @@ +{ + "data": "ENC[AES256_GCM,data:XQJ25yrN1L1rKYVerBwF4w6fdTZfN7u0+cRiWr2QpU6Ea+MwLbNKxnaSzULSFPGa9L7V7hTQbmiZY/6PmSdpZHsy4LiDqEJt49ely91hCDebgJCoswbJ8Hj7IR9urtpv8tH2k3xSj/kK6w==,iv:92rt2MI1RCR4p0y5/sfSm+QhexEIYCbW36j7ciirRyc=,tag:y82QX/b6uCTgAuQ4mx+2nQ==,type:str]", + "sops": { + "age": [ + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTYUtCMzlJNCtsb2lLVmxz\nMER6dkJSVktwb1N0Nk5rWHIvVWE2UGFnUTJNClk2UElyNkJpQzdmaVRlR0gwU0VE\nZTUrbXRvZkVkbU83bHhWQm8vK3Q0d2sKLS0tIGtpUXNoZFMxY0gwUnJZQjYyMjJY\nOWFoL0pSUjhXWUxyKzdTYVJHWUJmNlkKHLOLwmnr6KwPSYpwZK+TTxtueusXFOS0\nySppX8et+Ab4mqQKgrG18emFtd02CSziKsoNHEGljDx6XtWQ6Ux3TA==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVVUh2TDhRT2V2V0tIOUJy\nTlJqNVVmOHpLazMrcGVQdnR3UjhSUE5yTjE4Ck9QRGs4ajkybEc5eTNqSVhIdFhy\nZkxudVh0OHBsZ29iSDZBZEJWS3Y5NlkKLS0tIDkyVEs1VCtidW5HdkdpMkh6SkRX\nMlh0L3RjUjkzalZwNStKT251Q3VmdmsK6N1crVvytcWNdyKlsj1HZDupbGP0GgXN\nBbPefbyi3GM5pnd6ZLzxawXyrr0oGZ4cVw7ah6MjChJfTmptqHjGVQ==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIHVTVzFUeWFT\nbW9tKzZLWklPZFdWeng2bTNNU08yOUJlSHJ5cmZENGlPWEEgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQpjemMwNmFUWUY4aUJSanVnRDN0Q3ZT\nYURYL3M5UHpNUlBNbmlDbERnYkF3Ci0tLSAvN0NUc0xFcjJDeGFNWUZZei9NRy8v\ncEpsYTBkNzBWRVN3YWpYaEdFTDVvCnGQLnlrPg0rAA4E2gFA5iA6LW6JBIeg+xPW\nRNj7lpnLQyKmfwfpQVFWSTGrBTwjuWXpbTfpG88oftOjCkbmoPQ=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIDhBaW5IS08r\nbGFGdE5WQ1NKaE94K3hvb1E4UU5XaTQwRDNEamlsVWhoeGMgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpmbXNrbWVSNlpTaTNjTDNoaXlra3l2\nRDNPdnRKREtCS3NDaUtPR29LSVRjCi0tLSBPMzVKV3c1d1oyUG93dHVEMlUxT1Yv\nN3RhZHVnbnBqV0xPc2dybU5rOUFBCgqrhlbdYCsmQiX/BOvOXHc5UdZL5DwLK+uv\nKNlPH0jJvTIBq6oM/9n4Y5mN/ZRIQq+Qm/qHT1mjplpNJMyqzlk=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIEFGbWxWVWhY\nMlhXTUx5akNsU3lsS0pHNWdtMjRPZFpVUEQyY25JNXJQQzggQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwphdGRranp0QTdwZ2VIUVhSSHBkbW55\nTU5qSVBONnlxNmxoOWgvZm05ekR3Ci0tLSBlZjRhYStNbG1SWVhsTkMrUm9qTnJE\nTlROTFpsekJ0Q2NPWEVGUTgrbG9vCo/SbOuqmXVp2FLcEQ8v2PQIn2DcZxoZ3lv2\n3CAeS1AawjIMPH7wJ/3d7Q0mtLR13bXwkBZdBWazOalyjdJFD74=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoYm9SQnZKc3ZvS2hCeUIv\nTGFxVGxzR0lSZ2hsS0FHN2dsR2V6WXhqSlFRClZHY1l6VmtZaWFUeUhHRjlkOVZO\neFpjeXFWbG1JRytHQis4U1haa05rWTQKLS0tIFhEdEFJSVc5dTJhM3F3VVh1RTk2\nRHo4VWt0akRMKzZrNkVyQUpNNmdMQzQKuYPsz7JtuQkC9/QvtPWCSgCBkPAm87i0\nWNb5nDlXNPtEKYdGnYNQT+A0nj18O4AFPhogkaYMHAeXj+w6Iyzdkw==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFMDhJOUxMbFErQ1doKzRk\nc3RPWEZpTGNDdG9XTUV0UlRubDJCcnZFSHp3ClpVQXVKdExVdG0xdlZ4bW9ic0lo\nMjhTeE5QR1VaejdwSDZCL1A0V2o1ekkKLS0tIEdDWFplS285cm1TdEhkbXRoeSth\nL2FPTjlwV3djWUhuc0VWTzFkSWFPVlkKp1gftzO8AFa8OoqWTIQFDluuHFMBqRLq\nC2aOm9A5t+Eu9FZsDimC8JwopuZT9RudOQ0BrNcEqk1oyQLVsh2F3w==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJU2c4T3JrOVN0RmN3VzZH\nMUM2KzgxTGRtQ3JyQWhnYXRUWVJUT3FiTWdjCkhGMG5FMWFoUTV5ME1xY0tQMFVG\nZjFabUMyM1R0N2NTRmFKUXNLeUM1SGsKLS0tIHVVQUZpUVo4dUJHUkorRHJkaFkv\nVUIyanJzTmwrRUp1R0tNS0xxRmMwc2MKwFuJuNOu6x7U0FcmmME0FJdZF4tMvJOZ\nMj61QM4u8GYxL6mxFpsBlB3WrLTT407azDFF6EeOuMtRbGSPtH9EBg==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2cW9aaHFNc29xaFNVYmFN\nVk5zd1Bsc0pNN01Xc2dxRWRTTGQxWU82SmwwClB2bWNOS3lCVUdVNjlrWUJiU0tp\ndnAwQTBxd3J4aHMzd2hmL3R4TVplMGsKLS0tIHMzWXBGczdlSUhreWtUUzBRMmJm\nRGxXbllKV0REcXFoaDcxMW0vdDVqcVkK5Ypv0wYaugqrh4U7rxmAq+el/M+UEC9b\ne5MQCB3sd8vVsjUZsQEO8KixN6Iuijn6WLwfnxjgdoot9i7n0qhuZw==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFaWhsT1FhdVljZ2kremhh\nRG44VGh1WDlWTWl2K1loR3J6K0VIaU1jWEg4CkRyeHJzRHQxRXJIOWZjb3YyZzRJ\nSjM3THRlTVRJR3RPbGdGcFFqODVXTDAKLS0tIGthWlZGSXN6NmR3dzBvMmhIbUVk\nbmdFb2VXclFJQjNETXFtT1JmaHd0TE0KTzqcdG+jhSiMGl53ZOgdekiOdAncB3Hw\nyOKnN1WaahKfz+WBVcB2Mf276KotJf4uUXxb3xD4/+DFQO5BhpkaJA==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1yrqpfs0wtaxg9p9058g2gyq7kffjnnqdw26wa4a4uvjqkzvmq5wqvdtgxl" + } + ], + "lastmodified": "2026-05-12T10:37:45Z", + "mac": "ENC[AES256_GCM,data:q5bKeyrYTJiQJRZvnXuP783QDqmDtgptiIU8FFfl7d+72hHTx5fTN5rSA36rcygRckC1Nt5zHYTHMqGS9Ls82z6seiONhMyYgC6AJAWS7gDLemSMvKCGGNQthA5FCX4Rgpau1whrBEWr8GZnZNmuWkODKp3iasimsRX4OT9Uf5g=,iv:u1uFom8SD8aUMEjQKiJ6Oe6d5OF/uC9O4hJMiLbdCEw=,tag:Qu2vSf0rN3H9xqVfZhzi0A==,type:str]", + "version": "3.13.0" + } +} diff --git a/vars/per-machine/alasia/user-password-root/user-password-hash/users/kurogeek b/vars/per-machine/alasia/user-password-root/user-password-hash/users/kurogeek new file mode 120000 index 0000000..970aefa --- /dev/null +++ b/vars/per-machine/alasia/user-password-root/user-password-hash/users/kurogeek @@ -0,0 +1 @@ +../../../../../../sops/users/kurogeek \ No newline at end of file diff --git a/vars/per-machine/alasia/user-password-root/user-password/groups/admins b/vars/per-machine/alasia/user-password-root/user-password/groups/admins new file mode 120000 index 0000000..6765aa1 --- /dev/null +++ b/vars/per-machine/alasia/user-password-root/user-password/groups/admins @@ -0,0 +1 @@ +../../../../../../sops/groups/admins \ No newline at end of file diff --git a/vars/per-machine/alasia/user-password-root/user-password/secret b/vars/per-machine/alasia/user-password-root/user-password/secret new file mode 100644 index 0000000..8a34b3a --- /dev/null +++ b/vars/per-machine/alasia/user-password-root/user-password/secret @@ -0,0 +1,46 @@ +{ + "data": "ENC[AES256_GCM,data:rMkCWzTss5IorJP/oVcktBeZhT+JOCg=,iv:nLmvQR9CDw+D41Spmq6/u5467ijuBu+itkPYw8kxqxU=,tag:w7pwZuGf72XzGr8DKAWBNw==,type:str]", + "sops": { + "age": [ + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvUVBmUzhlY0xMdnJneXRp\nckdzVm1HTmpGVDlLa2plR0NNU2JqaGVBcm5FCkYyOVNCTXRScThVZTJ6UHg1eG5B\nc0Y1U3c3WmY0dmxtTDRIaEh4L3NwK0EKLS0tIGRCdURHb2dqbnRGRWdZaG45ajFV\nYWlxendJQnhHRndldytVbXZBRjVaSEkKrIEF2IAw97o/XTY544l4bI398Un48i2C\nMKhNqRP2PfrljGR+g2L2tfb1tbqvcZ8T02csWnOwnr5hMGmwlTcVaQ==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtMC9iQThxcmFCRGdwS1ZH\nNWRyUnVGNzdUNFBrNXpKVElDQk1YY21yUVc4CkdGNDdDWkltVmZweDRZTHRLYWsz\naWdhd3ZHUzYyczcwZ1VhK2RHYWE3elkKLS0tIERidGtadDdvYWJYaTJtMVZYUVYx\nenUzZUk1NkpiWDVMRkE3bGdPcm5nVkUKOPi1gpMKE8kyzcjn9pgehdOWhUOXaVzG\nwvCMtLghB5V6vC+jfHVL8Joy3JR2Zyii1m1BXFjfJmC6UAHrHeWfNg==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIE13MzlKMlFF\nUUcreG8rRHdpNlBBcnRXcTdxL0hneHVmNEhYVE1BSTcwVDAgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQpXYlBXc1Z4aTRWVm41REozME41Um00\nd0FFQndRTkhkRkZ6WnUyckNIUXRBCi0tLSBHVThWTmhmZm5kNmRwZnJ4L2ZkWWNt\ndERqUlRSSTN5QTRrNEJ3VkgvQXFBCk3LqmND1kE6iLXYaLrig3aK1iuYVQWMDWdA\nuuogNy8aE+7FBp26qUkR8XS72okYMUIbttok7K6ClK7T60XojF0=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIElzZWxubHkr\naHVDZlBQaVdhSmYyd1h5M3IvZ2lBZ3JKZ0FMa3R4VG1reWsgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpXSkVjQUhUZGZIT2NvR29FQ0NxRGZD\nL3BmS2c4Y043WTlnVHZLUVI1UkZJCi0tLSBHTmtJTHhqWCticFcyMzlwSHFjZlE1\nK0JEMTBvQStWOVlmN2dEN09nbEJJCsT/ErHUzHm6GhSzV067le7ToQAGfllmiPEP\nygM2QhRNDFg5VLUHtDHRplaWaLOWzinsU7Gnh/BrY0+hirSxyOs=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIGpUcCt4d3lJ\ncExjS1QyWlIxZitBK2E3NUZILy95cVdmSHR2SzVwK0RyUkEgQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwpDUldzK2FPRGpGT2Q4akw2UW5YamUr\nNmxqN0xwc281NHJTMHlLclNqc2s4Ci0tLSBqakdHOUd6akREV1AyQ0pSTmhtaXVE\nWkFYZmpYZHFvb0FTSmp6TytoMkl3Cidbk6yq6HtfbS9o9n/XhosfRknfigBd42KD\nMciR0ZK6q41ktEd36w11nuWsIySyOyuDWP4bti+lTBxq/H9YmDw=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6TC9kT09JYy8wYm5DMUta\nTE90aFhpUVNzQTRLYkhJbE1FR3VVb0pEdlVNCnhhb2J4MStRQW9PM0l0c1AvdDZR\nVkZsKzJhT1RIeVVxVmk3UWtYRk4rRVUKLS0tIGMrMmxmUWJsUE1DVEg0L2tNT1dw\nMzVnb2pwbzBDbVhFVVN0V1JHMFlBYUUKIHOh40bgPepVun57ztXejay/rCUUB6Eb\nPnUyyM/1J8BaUVh/qJDt8KYftJ2MUKiLgI/0bu/GodbWxeq6HrTBVw==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0Ym1weEo1a0MybDRtazhr\nR1FobUdqcTdNWkNzZFRhck4zMmE0alFQSmdjCjllREJoVWNKVVJ0aG55bjI2UWk1\nRlRHbitzZURDeWlWZVE1QThtNWl4Mm8KLS0tIDFjQTJSV2ZTdktBNHBlVDFSZW9t\nQ3ZIbWdCdXdrcGNTOTJtSVBCMVlIRVEK+6ivcXkQWbluG1fndslIq02q9t0EyAME\nWPEwqzSA9WQ/8SLNa6t8oBaX1Yw0FSoDvuD90scJX7t3ZlFQiVPNJw==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNbjdaRnhiWFdSdjRzMDli\nemFYUHl1bXBYSEtaNm4rQTJBNWxsTzkwT1gwCnBEVC9kc2NFZmVsSUd0QnkwZmJH\nNjNKMktNOTgvNUNSMTVqeFlIZmtlYlUKLS0tIFR4VnJIdUxtcDBOYWJnbTFMSy93\ncjIvcGNvSk1YMEd6WnB6SER4TjF5eHcKsKSY5IX2jQUGTXV0ly4UUGpBVqecAGxE\nB0T01JA+XnXoogtxoB04INKg01eFEtD36MxGP/9vjvqER86fydFXIA==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYL0J3RHZwNEJ1ckxHSzIr\ndy9KQ0daVFN5cW9aSUxWRjFYeTdQdldGZHdNCk9ock1QeURzd0V6NjN4dVZkSjl4\namVmNXdra0lzT2RlUEVZOXM1SDFCZVUKLS0tIFVtL2t1bGFRM1dmRHUvdHpTN0tC\nL0JNS1BnTFBEck1UaG1LaDVNOXdTU1kKOeno+PxBHEBz4k1I784t96xgyU4bqi0t\nBtWRmeCs7FhIobkjoQAUHAVy2edlOOC0nlVYmtw8y/iG2UeDz/Qe0Q==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl" + } + ], + "lastmodified": "2026-05-12T10:37:01Z", + "mac": "ENC[AES256_GCM,data:JIEy5ZlviCTekCCWPKdwsAU2w56rxFY/pJqHZdxoAKB09k2MPlcHyvTeI95uoqnQIsmCqVgBXjjZTpP2aCoGwpBlGyJBBy5zGENVGFu3HNfXKAdy5k4C/Ezheidf9TS30YENrPfGU/SYzOdS8LXHl0B39go6ktx5GFTSDwMb/ss=,iv:aDc/5ee9kJNiu2Vpy09YzqCY+UyEshrD8OzHz+u0H7E=,tag:5bMFANLE1QMB3H66jUTz4A==,type:str]", + "version": "3.13.0" + } +} diff --git a/vars/per-machine/alasia/user-password-root/user-password/users/kurogeek b/vars/per-machine/alasia/user-password-root/user-password/users/kurogeek new file mode 120000 index 0000000..970aefa --- /dev/null +++ b/vars/per-machine/alasia/user-password-root/user-password/users/kurogeek @@ -0,0 +1 @@ +../../../../../../sops/users/kurogeek \ No newline at end of file