diff --git a/flake.nix b/flake.nix index 4afb27a..7a11f24 100644 --- a/flake.nix +++ b/flake.nix @@ -41,6 +41,8 @@ ./fmt.nix ./shell.nix + ./overlays + ./modules/nixos ./machines ./routers ./inventories diff --git a/machines/default.nix b/machines/default.nix index 3ae0f23..c8da58a 100644 --- a/machines/default.nix +++ b/machines/default.nix @@ -1,4 +1,8 @@ -{ inputs, self, ... }: +{ + inputs, + self, + ... +}: { imports = [ inputs.clan-core.flakeModules.default diff --git a/machines/rigel/configuration.nix b/machines/rigel/configuration.nix index b820028..39e7419 100644 --- a/machines/rigel/configuration.nix +++ b/machines/rigel/configuration.nix @@ -1,4 +1,9 @@ -{ config, ... }: +{ + inputs, + config, + pkgs, + ... +}: { imports = [ (import ../../lib/auto-accept-zerotier-members.nix { @@ -8,8 +13,54 @@ "2bd36db8cc" # kurogeek-thinkpad ]; }) + + inputs.self.nixosModules.inventree ]; + nixpkgs.overlays = [ + inputs.self.overlays.default + ]; + + clan.core.vars.generators.inventree = { + files = { + secret-key = { + owner = "inventree"; + group = "inventree"; + secret = true; + }; + oidc-key = { + owner = "inventree"; + group = "inventree"; + secret = true; + }; + admin-password = { + owner = "inventree"; + group = "inventree"; + secret = true; + }; + }; + runtimeInputs = [ + pkgs.pwgen + pkgs.xkcdpass + ]; + script = '' + pwgen -s 32 1 > $out/secret-key + pwgen -s 32 1 > $out/oidc-key + xkcdpass --numwords 4 --delimiter - --count 1 | tr -d "\n" > "$out"/admin-password + ''; + }; + + networking.firewall.allowedTCPPorts = [ 80 ]; + + services.inventree = { + enable = true; + hostName = "rigel.local"; + config.site_url = "http://${config.services.inventree.hostName}"; + secretKeyFile = config.clan.core.vars.generators.inventree.files.secret-key.path; + config.oidc_private_key_file = config.clan.core.vars.generators.inventree.files.oidc-key.path; + config.adminPasswordFile = config.clan.core.vars.generators.inventree.files.admin-password.path; + }; + system.stateVersion = "25.11"; clan.core.sops.defaultGroups = [ "admins" ]; clan.core.networking.targetHost = "root@[${config.clan.core.vars.generators.zerotier.files.zerotier-ip.value}]"; diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix new file mode 100644 index 0000000..26161e3 --- /dev/null +++ b/modules/nixos/default.nix @@ -0,0 +1,5 @@ +{ + flake.nixosModules = { + inventree = import ../nixos/inventree; + }; +} diff --git a/modules/nixos/inventree/default.nix b/modules/nixos/inventree/default.nix new file mode 100644 index 0000000..109fe44 --- /dev/null +++ b/modules/nixos/inventree/default.nix @@ -0,0 +1,386 @@ +{ + lib, + config, + pkgs, + ... +}: +let + inherit (lib) + mkEnableOption + mkOption + types + mkIf + ; + + configFormat = pkgs.formats.json { }; + cfg = config.services.inventree; + pkg = cfg.package; + configFile = "${cfg.dataDir}/config.json"; + + inventree-invoke = pkgs.writeShellApplication { + name = "inventree-invoke"; + text = '' + export INVENTREE_CONFIG_FILE=${configFile} + export INVENTREE_SECRET_KEY_FILE=${cfg.secretKeyFile} + export PYTHONPATH=${pkg.pythonPath} + + exec -a "$0" ${pkgs.python3Packages.invoke}/bin/invoke -r ${cfg.package}/opt/inventree "$@" + ''; + }; +in +{ + options.services.inventree = { + enable = mkEnableOption "InvenTree parts manager"; + + package = lib.mkOption { + type = types.package; + default = pkgs.inventree; + description = '' + InvenTree package to use + ''; + }; + + hostName = mkOption { + type = types.str; + description = "FQDN for the InvenTree instance."; + }; + + dataDir = mkOption { + type = types.path; + default = "/var/lib/inventree"; + example = "/var/lib/inventree"; + description = '' + The default path for all inventree data. + ''; + }; + + secretKeyFile = mkOption { + type = types.path; + default = "${cfg.dataDir}/secret_key.txt"; + description = '' + Path to a file containing the secret key + ''; + }; + + config = mkOption { + type = types.submodule ({ + freeformType = configFormat.type; + options = { + adminUser = mkOption { + type = types.str; + default = "admin"; + }; + adminPasswordFile = mkOption { + type = types.path; + description = "Path to password file for user `admin`"; + }; + site_url = mkOption { + type = types.str; + default = "https://${cfg.hostName}"; + }; + static_root = mkOption { + type = types.path; + default = "${cfg.dataDir}/static"; + description = '' + Static file storage + ''; + }; + media_root = mkOption { + type = types.path; + default = "${cfg.dataDir}/media_root"; + description = "Media root directory"; + }; + backup_dir = mkOption { + type = types.path; + default = "${cfg.dataDir}/backups"; + description = "Backup directory"; + }; + oidc_private_key_file = mkOption { + type = types.path; + default = "${cfg.dataDir}/oidc.key"; + }; + }; + }); + default = { }; + description = '' + Config options, see https://docs.inventree.org/en/stable/start/config/ + for details + ''; + }; + + serverStartTimeout = mkOption { + type = types.str; + default = "10min"; + description = '' + TimeoutStartSec for the server systemd service. + See https://www.freedesktop.org/software/systemd/man/latest/systemd.service.html#TimeoutStartSec= + for more details + ''; + }; + + serverStopTimeout = mkOption { + type = types.str; + default = "5min"; + description = '' + TimeoutStopSec for the server systemd service. + See https://www.freedesktop.org/software/systemd/man/latest/systemd.service.html#TimeoutStopSec= + for more details + ''; + }; + + }; + + config = mkIf cfg.enable { + environment.systemPackages = [ inventree-invoke ]; + + systemd.tmpfiles.rules = ( + map (dir: "d ${dir} 0755 inventree inventree") [ + "${cfg.dataDir}" + "${cfg.dataDir}/static" + "${cfg.dataDir}/media_root" + "${cfg.dataDir}/backups" + ] + ); + + services.inventree.config = { + plugins_enabled = false; + plugin_file = "${cfg.dataDir}/plugins.txt"; + plugin_dir = "${cfg.dataDir}/plugins"; + database = { + ENGINE = "postgresql"; + NAME = "inventree"; + HOST = "/run/postgresql"; + }; + }; + + services.postgresql = { + enable = true; + ensureDatabases = [ "inventree" ]; + ensureUsers = [ + { + name = "inventree"; + ensureDBOwnership = true; + } + ]; + }; + + users.users.inventree = { + group = "inventree"; + isSystemUser = true; + description = "InvenTree daemon user"; + }; + + users.groups.inventree = { }; + + services.nginx.enable = true; + + services.nginx.virtualHosts.${cfg.hostName} = { + locations = + let + unixPath = config.systemd.sockets.inventree-gunicorn.socketConfig.ListenStream; + in + { + "/" = { + extraConfig = '' + client_max_body_size 100M; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + ''; + proxyPass = "http://unix:${unixPath}"; + }; + "/static/" = { + alias = "${cfg.config.static_root}/"; + extraConfig = '' + expires 30d; + ''; + }; + "/media/" = { + alias = "${cfg.config.media_root}/"; + extraConfig = '' + auth_request /auth; + ''; + }; + "/auth" = { + extraConfig = '' + internal; + ''; + proxyPass = "http://unix:${unixPath}:/auth/"; + }; + }; + }; + + systemd.targets.inventree = { + description = "Target for all InvenTree services"; + wantedBy = [ "multi-user.target" ]; + wants = [ "network-online.target" ]; + after = [ "network-online.target" ]; + }; + + systemd.services.inventree-config = { + description = "Inventree config generation"; + wantedBy = [ "inventree.target" ]; + partOf = [ "inventree.target" ]; + before = [ + "inventree-static.service" + "inventree-gunicorn.service" + "inventree-qcluster.service" + ]; + serviceConfig = { + # User = "root"; + # Group = "root"; + User = "inventree"; + Group = "inventree"; + Type = "oneshot"; + RemainAfterExit = true; + PrivateTmp = true; + }; + environment = { + INVENTREE_CONFIG_FILE = configFile; + INVENTREE_SECRET_KEY_FILE = cfg.secretKeyFile; + INVENTREE_AUTO_UPDATE = "1"; + INVENTREE_PLUGINS_ENABLED = "1"; + INVENTREE_PLUGIN_NOINSTALL = "1"; + INVENTREE_STATIC_ROOT = cfg.config.static_root; + INVENTREE_MEDIA_ROOT = cfg.config.media_root; + INVENTREE_BACKUP_DIR = cfg.config.backup_dir; + INVENTREE_OIDC_PRIVATE_KEY_FILE = cfg.config.oidc_private_key_file; + INVENTREE_DB_ENGINE = cfg.config.database.ENGINE; + INVENTREE_DB_NAME = cfg.config.database.NAME; + INVENTREE_DB_HOST = cfg.config.database.HOST; + INVENTREE_DB_USER = "inventree"; + INVENTREE_ADMIN_USER = cfg.config.adminUser; + INVENTREE_ADMIN_PASSWORD_FILE = cfg.config.adminPasswordFile; + + INVENTREE_SITE_URL = cfg.config.site_url; + + PYTHONPATH = pkg.pythonPath; + }; + script = '' + set -euo pipefail + + umask u=rwx,g=,o= + + # chown inventree:inventree ${configFile} + + ${pkg}/opt/inventree/src/backend/InvenTree/manage.py migrate + ''; + }; + + systemd.services.inventree-static = { + description = "InvenTree static migration"; + wantedBy = [ "inventree.target" ]; + partOf = [ "inventree.target" ]; + before = [ "inventree-gunicorn.service" ]; + environment = { + INVENTREE_CONFIG_FILE = configFile; + INVENTREE_SECRET_KEY_FILE = cfg.secretKeyFile; + INVENTREE_AUTO_UPDATE = "1"; + INVENTREE_PLUGINS_ENABLED = "1"; + INVENTREE_PLUGIN_NOINSTALL = "1"; + INVENTREE_STATIC_ROOT = cfg.config.static_root; + INVENTREE_MEDIA_ROOT = cfg.config.media_root; + INVENTREE_BACKUP_DIR = cfg.config.backup_dir; + INVENTREE_OIDC_PRIVATE_KEY_FILE = cfg.config.oidc_private_key_file; + INVENTREE_DB_ENGINE = cfg.config.database.ENGINE; + INVENTREE_DB_NAME = cfg.config.database.NAME; + INVENTREE_DB_HOST = cfg.config.database.HOST; + INVENTREE_DB_USER = "inventree"; + INVENTREE_ADMIN_USER = cfg.config.adminUser; + INVENTREE_ADMIN_PASSWORD_FILE = cfg.config.adminPasswordFile; + INVENTREE_SITE_URL = cfg.config.site_url; + + PYTHONPATH = pkg.pythonPath; + }; + serviceConfig = { + User = "inventree"; + Group = "inventree"; + StateDirectory = "inventree"; + #RuntimeDirectory = "inventree"; + PrivateTmp = true; + ExecStart = '' + ${pkg}/opt/inventree/src/backend/InvenTree/manage.py collectstatic --no-input + ''; + }; + }; + + systemd.services.inventree-gunicorn = { + description = "InvenTree Gunicorn server"; + requiredBy = [ "inventree.target" ]; + partOf = [ "inventree.target" ]; + #wantedBy = [ "inventree.target" ]; + environment = { + INVENTREE_CONFIG_FILE = configFile; + INVENTREE_SECRET_KEY_FILE = cfg.secretKeyFile; + INVENTREE_AUTO_UPDATE = "1"; + INVENTREE_PLUGINS_ENABLED = "1"; + INVENTREE_PLUGIN_NOINSTALL = "1"; + INVENTREE_STATIC_ROOT = cfg.config.static_root; + INVENTREE_MEDIA_ROOT = cfg.config.media_root; + INVENTREE_BACKUP_DIR = cfg.config.backup_dir; + INVENTREE_OIDC_PRIVATE_KEY_FILE = cfg.config.oidc_private_key_file; + INVENTREE_DB_ENGINE = cfg.config.database.ENGINE; + INVENTREE_DB_NAME = cfg.config.database.NAME; + INVENTREE_DB_HOST = cfg.config.database.HOST; + INVENTREE_DB_USER = "inventree"; + INVENTREE_ADMIN_USER = cfg.config.adminUser; + INVENTREE_ADMIN_PASSWORD_FILE = cfg.config.adminPasswordFile; + INVENTREE_SITE_URL = cfg.config.site_url; + + PYTHONPATH = pkg.pythonPath; + }; + serviceConfig = { + User = "inventree"; + Group = "inventree"; + StateDirectory = "inventree"; + #RuntimeDirectory = "inventree"; + PrivateTmp = true; + ExecStart = '' + ${pkg.gunicorn}/bin/gunicorn InvenTree.wsgi \ + --pythonpath ${pkg}/opt/inventree/src/backend/InvenTree + ''; + }; + }; + + systemd.sockets.inventree-gunicorn = { + wantedBy = [ "sockets.target" ]; + partOf = [ "inventree.target" ]; + socketConfig.ListenStream = "/run/inventree/gunicorn.socket"; + }; + + systemd.services.inventree-qcluster = { + description = "InvenTree qcluster server"; + requiredBy = [ "inventree.target" ]; + wantedBy = [ "inventree.target" ]; + partOf = [ "inventree.target" ]; + environment = { + INVENTREE_CONFIG_FILE = configFile; + INVENTREE_SECRET_KEY_FILE = cfg.secretKeyFile; + INVENTREE_AUTO_UPDATE = "1"; + INVENTREE_PLUGINS_ENABLED = "0"; + INVENTREE_PLUGIN_NOINSTALL = "1"; + INVENTREE_STATIC_ROOT = cfg.config.static_root; + INVENTREE_MEDIA_ROOT = cfg.config.media_root; + INVENTREE_BACKUP_DIR = cfg.config.backup_dir; + INVENTREE_OIDC_PRIVATE_KEY_FILE = cfg.config.oidc_private_key_file; + INVENTREE_DB_ENGINE = cfg.config.database.ENGINE; + INVENTREE_DB_NAME = cfg.config.database.NAME; + INVENTREE_DB_HOST = cfg.config.database.HOST; + INVENTREE_DB_USER = "inventree"; + INVENTREE_ADMIN_USER = cfg.config.adminUser; + INVENTREE_ADMIN_PASSWORD_FILE = cfg.config.adminPasswordFile; + INVENTREE_SITE_URL = cfg.config.site_url; + + PYTHONPATH = pkg.pythonPath; + }; + serviceConfig = { + User = "inventree"; + Group = "inventree"; + StateDirectory = "inventree"; + #RuntimeDirectory = "inventree"; + PrivateTmp = true; + ExecStart = '' + ${pkg}/opt/inventree/src/backend/InvenTree/manage.py qcluster + ''; + }; + }; + }; +} diff --git a/overlays/default.nix b/overlays/default.nix new file mode 100644 index 0000000..fa889b9 --- /dev/null +++ b/overlays/default.nix @@ -0,0 +1,7 @@ +{ inputs, ... }: +{ + flake.overlays = { + default = final: prev: import (../pkgs/overlay.nix) inputs final prev; + }; + +} diff --git a/pkgs/inventree/default.nix b/pkgs/inventree/default.nix new file mode 100644 index 0000000..ed72652 --- /dev/null +++ b/pkgs/inventree/default.nix @@ -0,0 +1,145 @@ +{ + stdenvNoCC, + python3, + fetchFromGitHub, + fetchYarnDeps, + yarnConfigHook, + nodejs, +}: +let + version = "unstable-2025-05-09"; + + src = fetchFromGitHub { + owner = "inventree"; + repo = "InvenTree"; + rev = "e0acfaa762da0dd7b2822b567202210ca8b7dbd3"; + hash = "sha256-K+cqErDUmgPO7625P3jp7+7BOYEfyJ1nElae6RlJvvI="; + }; + + frontend = stdenvNoCC.mkDerivation { + name = "inventree-frontend"; + inherit version src; + + yarnOfflineCache = fetchYarnDeps { + yarnLock = "${src}/src/frontend/yarn.lock"; + hash = "sha256-KpWuYCrkGN+4UnwV1STEbTL0FWcLZ7Wq8a8ST55OpGM="; + }; + + nativeBuildInputs = [ + yarnConfigHook + nodejs + ]; + + patchPhase = '' + runHook prePatch + cd src/frontend + runHook postPatch + ''; + + buildPhase = '' + echo "Running lingui" + ./node_modules/.bin/lingui compile --typescript + echo building lib + ./node_modules/.bin/tsc --p ./tsconfig.lib.json + ./node_modules/.bin/vite --config vite.lib.config.ts build + echo "Running tsc" + ./node_modules/.bin/tsc + echo "Running vite" + ./node_modules/.bin/vite build --emptyOutDir --outDir $out + ''; + }; + +in +python3.pkgs.buildPythonApplication rec { + pname = "InvenTree"; + inherit version src; + + format = "other"; + + dependencies = with python3.pkgs; [ + coreapi + cryptography + distutils + dj-rest-auth + django_4 + django-allauth + django-allauth.optional-dependencies.openid + django-allauth.optional-dependencies.mfa + django-allauth.optional-dependencies.socialaccount + django-cleanup + django-cors-headers + django-dbbackup + django-error-report-2 + django-filter + django-flags + django-formtools + django-ical + django-js-asset + django-maintenance-mode + django-markdownify + django-money + django-mptt + django-redis + django-oauth-toolkit + django-otp + django-q-sentry + django-q2 + django-redis + django-sesame + django-sql-utils + django-structlog + django-stdimage + django-taggit + django-user-sessions + django-weasyprint + djangorestframework + djangorestframework-simplejwt + djangorestframework-simplejwt.optional-dependencies.crypto + django-xforwardedfor-middleware + drf-spectacular + dulwich + feedparser + gunicorn + pdf2image + pillow + pint + pip-licenses + pypdf + python-barcode + python-barcode.optional-dependencies.images + python-dotenv + pyyaml + qrcode + qrcode.optional-dependencies.pil + rapidfuzz + sentry-sdk + tablib + tablib.optional-dependencies.xls + tablib.optional-dependencies.xlsx + tablib.optional-dependencies.yaml + weasyprint + whitenoise + + psycopg2 + fido2 + ]; + + nativeCheckInputs = with python3.pkgs; [ django-slowtests ]; + + installPhase = '' + mkdir -p $out/opt/inventree + cp -r . $out/opt/inventree + + echo "Installing frontend" + + mkdir -p $out/opt/inventree/src/backend/InvenTree/web/static/web + cp -r ${frontend}/* $out/opt/inventree/src/backend/InvenTree/web/static/web/ + cp -r ${frontend}/.* $out/opt/inventree/src/backend/InvenTree/web/static/web/ + ''; + + passthru = { + pythonPath = python3.pkgs.makePythonPath dependencies; + gunicorn = python3.pkgs.gunicorn; + inherit frontend; + }; +} diff --git a/pkgs/overlay.nix b/pkgs/overlay.nix new file mode 100644 index 0000000..76b4302 --- /dev/null +++ b/pkgs/overlay.nix @@ -0,0 +1,27 @@ +inputs: final: prev: { + + pythonPackagesExtensions = prev.pythonPackagesExtensions ++ [ + (py-final: py-prev: { + django-dbbackup = py-final.callPackage ./python/django-dbbackup { }; + django-error-report-2 = py-final.callPackage ./python/django-error-report-2 { }; + django-flags = py-final.callPackage ./python/django-flags { }; + django-ical = py-final.callPackage ./python/django-ical { }; + django-markdownify = py-final.callPackage ./python/django-markdownify { }; + django-money = py-final.callPackage ./python/django-money { }; + django-q-sentry = py-final.callPackage ./python/django-q-sentry { }; + django-recurrence = py-final.callPackage ./python/django-recurrence { }; + django-slowtests = py-final.callPackage ./python/django-slowtests { }; + django-structlog = py-final.callPackage ./python/django-structlog { }; + django-stdimage = py-final.callPackage ./python/django-stdimage { }; + django-user-sessions = py-final.callPackage ./python/django-user-sessions { }; + django-weasyprint = py-final.callPackage ./python/django-weasyprint { }; + django-xforwardedfor-middleware = py-final.callPackage ./python/django-xforwardedfor-middleware { }; + pip-licenses = py-final.callPackage ./python/pip-licenses { }; + py-moneyed = py-final.callPackage ./python/py-moneyed { }; + pytest-pycodestyle = py-final.callPackage ./python/pytest-codestyle { }; + sentry-sdk = py-final.callPackage ./python/sentry-sdk { }; + }) + ]; + + inventree = final.callPackage ./inventree { python3 = final.python312; }; +} diff --git a/pkgs/python/django-dbbackup/default.nix b/pkgs/python/django-dbbackup/default.nix new file mode 100644 index 0000000..d775c7c --- /dev/null +++ b/pkgs/python/django-dbbackup/default.nix @@ -0,0 +1,42 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + wheel, + django_4, + pytz, +}: + +buildPythonPackage rec { + pname = "django-dbbackup"; + version = "4.2.1"; + pyproject = true; + + src = fetchFromGitHub { + owner = "jazzband"; + repo = "django-dbbackup"; + rev = version; + hash = "sha256-GD+f9mbImGPQ6MOUK3ftHqiGv7TT39jNQsFvd0dnnWU="; + }; + + build-system = [ + setuptools + wheel + ]; + + dependencies = [ + django_4 + pytz + ]; + + pythonImportsCheck = [ "dbbackup" ]; + + meta = { + description = "Management commands to help backup and restore your project database and media files"; + homepage = "https://github.com/jazzband/django-dbbackup"; + license = lib.licenses.bsd3; + maintainers = with lib.maintainers; [ ]; + mainProgram = "django-dbbackup"; + }; +} diff --git a/pkgs/python/django-error-report-2/default.nix b/pkgs/python/django-error-report-2/default.nix new file mode 100644 index 0000000..5706887 --- /dev/null +++ b/pkgs/python/django-error-report-2/default.nix @@ -0,0 +1,37 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + wheel, + django, +}: + +buildPythonPackage rec { + pname = "django-error-report-2"; + version = "0.4.2"; + pyproject = true; + + src = fetchFromGitHub { + owner = "matmair"; + repo = "django-error-report-2"; + rev = version; + hash = "sha256-ZCaslqgruJxM8345/jSlZGruM+27H9hvwL0wtPkUzc0="; + }; + + build-system = [ + setuptools + wheel + ]; + + dependencies = [ django ]; + + pythonImportsCheck = [ "error_report" ]; + + meta = { + description = "Log/View Django server errors"; + homepage = "https://github.com/matmair/django-error-report-2"; + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/django-flags/default.nix b/pkgs/python/django-flags/default.nix new file mode 100644 index 0000000..3d44281 --- /dev/null +++ b/pkgs/python/django-flags/default.nix @@ -0,0 +1,37 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + wheel, + django, +}: + +buildPythonPackage rec { + pname = "django-flags"; + version = "5.0.13"; + pyproject = true; + + src = fetchFromGitHub { + owner = "cfpb"; + repo = "django-flags"; + rev = version; + hash = "sha256-WPMfFYoP6WaVzZmVtqAz4LlY761aCRyPhd5npc8bOOI="; + }; + + build-system = [ + setuptools + wheel + ]; + + dependencies = [ django ]; + + pythonImportsCheck = [ "flags" ]; + + meta = { + description = "Feature flags for Django projects"; + homepage = "https://github.com/cfpb/django-flags"; + license = lib.licenses.cc0; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/django-ical/default.nix b/pkgs/python/django-ical/default.nix new file mode 100644 index 0000000..3c41e90 --- /dev/null +++ b/pkgs/python/django-ical/default.nix @@ -0,0 +1,46 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + setuptools-scm, + wheel, + django, + django-recurrence, + icalendar, +}: + +buildPythonPackage rec { + pname = "django-ical"; + version = "1.9.2"; + pyproject = true; + + src = fetchFromGitHub { + owner = "jazzband"; + repo = "django-ical"; + rev = version; + hash = "sha256-DUe0loayGcUS7MTyLn+g0KBxbIY7VsaoQNHGSMbMI3U="; + }; + + build-system = [ + setuptools + setuptools-scm + wheel + ]; + + dependencies = [ + django + django-recurrence + icalendar + ]; + + pythonImportsCheck = [ "django_ical" ]; + + meta = { + description = "ICal feeds for Django based on Django's syndication feed framework"; + homepage = "https://github.com/jazzband/django-ical"; + changelog = "https://github.com/jazzband/django-ical/blob/${src.rev}/CHANGES.rst"; + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/django-markdownify/default.nix b/pkgs/python/django-markdownify/default.nix new file mode 100644 index 0000000..9cc854d --- /dev/null +++ b/pkgs/python/django-markdownify/default.nix @@ -0,0 +1,39 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + bleach, + django, + markdown, +}: + +buildPythonPackage rec { + pname = "django-markdownify"; + version = "0.9.5"; + pyproject = true; + + src = fetchFromGitHub { + owner = "erwinmatijsen"; + repo = "django-markdownify"; + rev = version; + hash = "sha256-KYU8p8NRD4EIS/KhOk9nvmXCf0RWEc+IFZ57YtsDSWE="; + }; + + build-system = [ setuptools ]; + + dependencies = [ + bleach + django + markdown + ]; + + pythonImportsCheck = [ "markdownify" ]; + + meta = { + description = "Markdown template filter for Django"; + homepage = "https://github.com/erwinmatijsen/django-markdownify"; + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/django-money/default.nix b/pkgs/python/django-money/default.nix new file mode 100644 index 0000000..a04e885 --- /dev/null +++ b/pkgs/python/django-money/default.nix @@ -0,0 +1,41 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + wheel, + django, + py-moneyed, +}: + +buildPythonPackage rec { + pname = "django-money"; + version = "3.2"; + pyproject = true; + + src = fetchFromGitHub { + owner = "django-money"; + repo = "django-money"; + rev = version; + hash = "sha256-eL26NsreUqtMJ26TmvmB53EJI4Sjs7qjFDnnt4N0vdI="; + }; + + build-system = [ + setuptools + wheel + ]; + + dependencies = [ + django + py-moneyed + ]; + + pythonImportsCheck = [ "djmoney" ]; + + meta = { + description = "Money fields for Django forms and models"; + homepage = "https://github.com/django-money/django-money"; + license = lib.licenses.bsd3; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/django-q-sentry/default.nix b/pkgs/python/django-q-sentry/default.nix new file mode 100644 index 0000000..e4814f3 --- /dev/null +++ b/pkgs/python/django-q-sentry/default.nix @@ -0,0 +1,37 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + poetry-core, + setuptools, + sentry-sdk, +}: + +buildPythonPackage rec { + pname = "django-q-sentry"; + version = "0.1.6"; + pyproject = true; + + src = fetchFromGitHub { + owner = "danielwelch"; + repo = "django-q-sentry"; + rev = "d3a43a90c82734244d5ebf3295652223053f1354"; + hash = "sha256-3C7A+X18c7p19HWD/uPRtAMf29VjmrfXXh2z5PPOREY="; + }; + + build-system = [ + poetry-core + setuptools + ]; + + dependencies = [ sentry-sdk ]; + + pythonImportsCheck = [ "django_q_sentry" ]; + + meta = { + description = "Bringing Sentry error tracking to Django Q"; + homepage = "https://github.com/danielwelch/django-q-sentry"; + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/django-recurrence/default.nix b/pkgs/python/django-recurrence/default.nix new file mode 100644 index 0000000..89c5aee --- /dev/null +++ b/pkgs/python/django-recurrence/default.nix @@ -0,0 +1,56 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + pdm-backend, + django, + flake8, + pytest, + pytest-cov, + pytest-django, + pytest-sugar, + python-dateutil, + sphinx, + sphinx-rtd-theme, + tox, +}: + +buildPythonPackage rec { + pname = "django-recurrence"; + version = "1.12.1"; + pyproject = true; + + src = fetchFromGitHub { + owner = "jazzband"; + repo = "django-recurrence"; + rev = version; + hash = "sha256-Q33zyMa1wI13RNLxynGAJHlagahpnFHCmZbHp0aPC/w="; + }; + + build-system = [ pdm-backend ]; + + dependencies = [ + django + flake8 + pytest + pytest-cov + pytest-django + pytest-sugar + python-dateutil + sphinx + sphinx-rtd-theme + tox + ]; + + pythonRelaxDeps = true; + + pythonImportsCheck = [ "recurrence" ]; + + meta = { + description = "Utility for working with recurring dates in Django"; + homepage = "https://github.com/django-recurrence/django-recurrence"; + changelog = "https://github.com/django-recurrence/django-recurrence/blob/${src.rev}/CHANGES.rst"; + license = lib.licenses.bsd3; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/django-slowtests/default.nix b/pkgs/python/django-slowtests/default.nix new file mode 100644 index 0000000..28dd36a --- /dev/null +++ b/pkgs/python/django-slowtests/default.nix @@ -0,0 +1,38 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + wheel, + django_4, +}: + +buildPythonPackage rec { + pname = "django-slowtests"; + version = "1.1.1"; + pyproject = true; + + src = fetchFromGitHub { + owner = "realpython"; + repo = "django-slow-tests"; + rev = version; + hash = "sha256-gW9AZiMpXJp1m2X1cbm6GdZ9cH+TFqjNLQJFmsvGjB0="; + }; + + build-system = [ + setuptools + wheel + ]; + + dependencies = [ django_4 ]; + + pythonImportsCheck = [ "django_slowtests" ]; + + meta = { + description = "Locate your slowest tests"; + homepage = "https://github.com/realpython/django-slow-tests"; + changelog = "https://github.com/realpython/django-slow-tests/blob/${src.rev}/CHANGELOG.rst"; + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/django-stdimage/default.nix b/pkgs/python/django-stdimage/default.nix new file mode 100644 index 0000000..1bab49c --- /dev/null +++ b/pkgs/python/django-stdimage/default.nix @@ -0,0 +1,51 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + setuptools-scm, + wheel, + django, + pillow, + gettext, +}: + +buildPythonPackage rec { + pname = "django-stdimage"; + version = "6.0.2"; + pyproject = true; + + src = fetchFromGitHub { + owner = "codingjoe"; + repo = "django-stdimage"; + rev = version; + hash = "sha256-uwVU3Huc5fitAweShJjcMW//GBeIpJcxqKKLGo/EdIs="; + }; + + build-system = [ + setuptools + setuptools-scm + wheel + ]; + + dependencies = [ + django + pillow + ]; + + nativeBuildInputs = [ gettext ]; + + preBuild = '' + echo "bla bla" + echo $PATH + ''; + + pythonImportsCheck = [ "stdimage" ]; + + meta = { + description = ""; + homepage = "https://github.com/codingjoe/django-stdimage"; + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/django-structlog/default.nix b/pkgs/python/django-structlog/default.nix new file mode 100644 index 0000000..90e5e7a --- /dev/null +++ b/pkgs/python/django-structlog/default.nix @@ -0,0 +1,48 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + asgiref, + django, + django-ipware, + structlog, + celery, + django-extensions, +}: + +buildPythonPackage rec { + pname = "django-structlog"; + version = "9.1.1"; + pyproject = true; + + src = fetchFromGitHub { + owner = "jrobichaud"; + repo = "django-structlog"; + rev = version; + hash = "sha256-SEigOdlXZtfLAgRgGkv/eDNDAiiHd7YthRJ/H6e1v5U="; + }; + + build-system = [ setuptools ]; + + dependencies = [ + asgiref + django + django-ipware + structlog + ]; + + optional-dependencies = { + celery = [ celery ]; + commands = [ django-extensions ]; + }; + + pythonImportsCheck = [ "django_structlog" ]; + + meta = { + description = ""; + homepage = "https://github.com/jrobichaud/django-structlog"; + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/django-user-sessions/default.nix b/pkgs/python/django-user-sessions/default.nix new file mode 100644 index 0000000..7d240f1 --- /dev/null +++ b/pkgs/python/django-user-sessions/default.nix @@ -0,0 +1,39 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + setuptools-scm, + wheel, + django, +}: + +buildPythonPackage rec { + pname = "django-user-sessions"; + version = "2.0.0"; + pyproject = true; + + src = fetchFromGitHub { + owner = "jazzband"; + repo = "django-user-sessions"; + rev = version; + hash = "sha256-Wexy6G2pZ8LTnqtJkBZIePV7qhQW8gu/mKiQfZtgf/o="; + }; + + build-system = [ + setuptools + setuptools-scm + wheel + ]; + + dependencies = [ django ]; + + pythonImportsCheck = [ "user_sessions" ]; + + meta = { + description = "Extend Django sessions with a foreign key back to the user, allowing enumerating all user's sessions"; + homepage = "http://github.com/jazzband/django-user-sessions"; + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/django-weasyprint/default.nix b/pkgs/python/django-weasyprint/default.nix new file mode 100644 index 0000000..07d026e --- /dev/null +++ b/pkgs/python/django-weasyprint/default.nix @@ -0,0 +1,38 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + django, + weasyprint, +}: + +buildPythonPackage rec { + pname = "django-weasyprint"; + version = "2.4.0"; + pyproject = true; + + src = fetchFromGitHub { + owner = "fdemmer"; + repo = "django-weasyprint"; + rev = "v${version}"; + hash = "sha256-eSh1p+5MyYb6GIEgSdlFxPzVCenlkwSCTkTzgKjezIg="; + }; + + build-system = [ setuptools ]; + + dependencies = [ + django + weasyprint + ]; + + pythonImportsCheck = [ "django_weasyprint" ]; + + meta = { + description = "A Django class-based view generating PDF resposes using WeasyPrint"; + homepage = "https://github.com/fdemmer/django-weasyprint"; + changelog = "https://github.com/fdemmer/django-weasyprint/blob/${src.rev}/CHANGELOG.md"; + license = lib.licenses.asl20; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/django-xforwardedfor-middleware/default.nix b/pkgs/python/django-xforwardedfor-middleware/default.nix new file mode 100644 index 0000000..6af14f9 --- /dev/null +++ b/pkgs/python/django-xforwardedfor-middleware/default.nix @@ -0,0 +1,37 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + wheel, + django, +}: + +buildPythonPackage rec { + pname = "django-xforwardedfor-middleware"; + version = "2.0"; + pyproject = true; + + src = fetchFromGitHub { + owner = "allo-"; + repo = "django-xforwardedfor-middleware"; + rev = "v${version}"; + hash = "sha256-dDXSb17kXOSeIgY6wid1QFHhUjrapasWgCEb/El51eA="; + }; + + build-system = [ + setuptools + wheel + ]; + + dependencies = [ django ]; + + pythonImportsCheck = [ "x_forwarded_for" ]; + + meta = { + description = "Use the X-Forwarded-For header to get the real ip of a request"; + homepage = "https://github.com/allo-/django-xforwardedfor-middleware"; + license = lib.licenses.publicDomain; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/pip-licenses/default.nix b/pkgs/python/pip-licenses/default.nix new file mode 100644 index 0000000..dc97147 --- /dev/null +++ b/pkgs/python/pip-licenses/default.nix @@ -0,0 +1,74 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + setuptools-scm, + wheel, + prettytable, + tomli, + autopep8, + black, + docutils, + isort, + mypy, + pip-tools, + pypandoc, + pytest-cov, + pytest-pycodestyle, + pytest-runner, + tomli-w, + twine, +}: + +buildPythonPackage rec { + pname = "pip-licenses"; + version = "5.0.0"; + pyproject = true; + + src = fetchFromGitHub { + owner = "raimon49"; + repo = "pip-licenses"; + rev = "v-${version}"; + hash = "sha256-6xw6BCuXSzNcwkpHaEFC5UPpubPUwhx/pg6vZq2er7A="; + }; + + build-system = [ + setuptools + setuptools-scm + wheel + ]; + + dependencies = [ + prettytable + tomli + ]; + + optional-dependencies = { + dev = [ + autopep8 + black + docutils + isort + mypy + pip-tools + pypandoc + pytest-cov + pytest-pycodestyle + pytest-runner + tomli-w + twine + wheel + ]; + }; + + pythonImportsCheck = [ "piplicenses" ]; + + meta = { + description = "Dump the license list of packages installed with pip"; + homepage = "https://github.com/raimon49/pip-licenses"; + changelog = "https://github.com/raimon49/pip-licenses/blob/${src.rev}/CHANGELOG.md"; + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/py-moneyed/default.nix b/pkgs/python/py-moneyed/default.nix new file mode 100644 index 0000000..e953766 --- /dev/null +++ b/pkgs/python/py-moneyed/default.nix @@ -0,0 +1,42 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + wheel, + babel, + typing-extensions, +}: + +buildPythonPackage rec { + pname = "py-moneyed"; + version = "3.0"; + pyproject = true; + + src = fetchFromGitHub { + owner = "py-moneyed"; + repo = "py-moneyed"; + rev = "v${version}"; + hash = "sha256-k0ZbLwog6TYxKDLZV7eH1Br8buMPfpOkgp+pMN/qdB8="; + }; + + build-system = [ + setuptools + wheel + ]; + + dependencies = [ + babel + typing-extensions + ]; + + pythonImportsCheck = [ "moneyed" ]; + + meta = { + description = "Provides Currency and Money classes for use in your Python code"; + homepage = "http://github.com/py-moneyed/py-moneyed"; + changelog = "https://github.com/py-moneyed/py-moneyed/blob/${src.rev}/CHANGES.rst"; + license = lib.licenses.bsd3; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/pkgs/python/sentry-sdk/default.nix b/pkgs/python/sentry-sdk/default.nix new file mode 100644 index 0000000..0c75d44 --- /dev/null +++ b/pkgs/python/sentry-sdk/default.nix @@ -0,0 +1,43 @@ +{ + lib, + buildPythonPackage, + fetchFromGitHub, + setuptools, + wheel, + certifi, + urllib3, +}: + +buildPythonPackage rec { + pname = "sentry-sdk"; + version = "2.26.1"; + pyproject = true; + + src = fetchFromGitHub { + owner = "getsentry"; + repo = "sentry-python"; + rev = version; + hash = "sha256-Wl8yq2X9GuPcqaS93hkKXs2cDzz282Xceaai4NjbVZY="; + fetchSubmodules = true; + }; + + build-system = [ + setuptools + wheel + ]; + + dependencies = [ + certifi + urllib3 + ]; + + pythonImportsCheck = [ "sentry_sdk" ]; + + meta = { + description = "The official Python SDK for Sentry.io"; + homepage = "https://github.com/getsentry/sentry-python"; + changelog = "https://github.com/getsentry/sentry-python/blob/${src.rev}/CHANGELOG.md"; + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ ]; + }; +} diff --git a/vars/per-machine/rigel/inventree/admin-password/groups/admins b/vars/per-machine/rigel/inventree/admin-password/groups/admins new file mode 120000 index 0000000..6765aa1 --- /dev/null +++ b/vars/per-machine/rigel/inventree/admin-password/groups/admins @@ -0,0 +1 @@ +../../../../../../sops/groups/admins \ No newline at end of file diff --git a/vars/per-machine/rigel/inventree/admin-password/machines/rigel b/vars/per-machine/rigel/inventree/admin-password/machines/rigel new file mode 120000 index 0000000..47a146c --- /dev/null +++ b/vars/per-machine/rigel/inventree/admin-password/machines/rigel @@ -0,0 +1 @@ +../../../../../../sops/machines/rigel \ No newline at end of file diff --git a/vars/per-machine/rigel/inventree/admin-password/secret b/vars/per-machine/rigel/inventree/admin-password/secret new file mode 100644 index 0000000..72df2ed --- /dev/null +++ b/vars/per-machine/rigel/inventree/admin-password/secret @@ -0,0 +1,47 @@ +{ + "data": "ENC[AES256_GCM,data:zvgWIdH7rcqvo2iK2iAKUm/Y86Bw3MIEfR1ORnk=,iv:mZh5NQtqcvo1mqMloplYUyOIqqTevabrD3184d+HCWU=,tag:0Eg89dJfqHVC+AuQpwvcWQ==,type:str]", + "sops": { + "age": [ + { + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTN0UyR25hYmlQUklFZ0tL\nYkVaSWNXTmY3dlhxNEVHU2JMRWlaVDRWUHdNCnpMU3Z6NWN2M1hZUVJWcnZTSXZn\nNjFmR2o0TURnUlZuYzFRaFAwN2N4eEkKLS0tIGtuR2xtYllzTlFsTGFHZFBlQlU0\nMHRaQm9mM3Z2MjFjY21xR3ozRDU0MEkKGx/4vViXoCSGsTfspDHKDKa/z4+OqSXA\n3O6Lty/Z7fcIzQ620/o78FymLvckry4WcbNv91ygD757xEMPs2w/DQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDaHBHZk9BcU5lQ2lBL1Zl\nZUx0UEpvUGtrME9KM3l4SkNrKzBDeklGOFg0CmIvYUhvVVYzV3VseCtxZXNPUEwz\nUHVBMFJ5RGN5M2hIWFcvVmYreHJUbUkKLS0tIDkvcTRndlBBZEpFeThjdGtzby9J\nWUk2Y0kwV0NHbmIzVDhFRWpuZzlwdkUKeRxby++AnjmG0z5gIoCKl8agSX2DM79E\nuwC28eA4rmq8AkXya5HmBNkC190BKVukNgUrf1WADNhIiqNWbRhwWA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIFZzZjU4cjM5\nakM3WEt5eDU4bnUvbFZsVnN5ajJtR1dNRS9mVUJmVUgvbHcgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQptNE1LVWZsd09aNjhLcURCUXU1VC9R\nQ0JiN211ZEJrZThPRW96UUZaVWhzCi0tLSBoUjRFY0tmNzRhUVlrdE8rWXV2UTFQ\nSG90OTNDUWMwc2xjd0NOWXluQU5nCg+k/2HOJLSlO/EljnXeUIKagzrv2wzGSilZ\nFh+NKEf5yzhGfuizhT68GgLTy91LklHz1MXdFN5OWxcaHUQDPWg=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIGpEU21KOHVR\nYWJBeHlLS0ZQeXdnN1BvUWx0TlVkRkwyRmN4QUJPRW5tMnMgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpGQU9PbzV5d3VVaFFPMm5WeGNQeERI\nZDMyeDVTdzdabXAxb01GdkpnbnNrCi0tLSBTc0llSmFqLzBSMVZwVnlEZWRXdXBu\nazNDN3dlTUFidklqSVdTME8zbXZZChqfY7W5yfXWDfXtbTq37zLMiCAETwdubf0w\nP6XXbk2PMQnBSpC0DtZrzH2h/6blg67v12MR8WV30az92hBwCgs=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIDM1cWs3VlBx\nelpBYjE2S05KR1hWK0gvOVZzQWRyamJraHN1TkdSVzZCeTAgQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwpMclRWemRpZzdqdU54WERJZ3kydXdq\nanB1RWxZNVk1WkRXc1NqMHFFSC9RCi0tLSBibDlFVm9pTlhuTFIxN2pZY1UyRVc0\nVlRrZWhRTS8rSllLaklFNFZkSkprCjtoODS+/3/9Az764qn6ICxfMUIj26QBv37U\nqKFKEKWtd3nXR1El2eZGIUNZ2bNr6iZ3uYLztN8QvQvBrDhCMxo=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQN3ZqSTIzT0xLdGRJUGJ3\nY0hjV0l6bndYMk9OSVdwQk1WWXpHR0EwNmpRCjM5VHBlOVNzTWVoQzgyL3FjdGJS\nMDcrVmxGZklkeFVMaUhNUmg2bFR4MlUKLS0tIEZ2cnFVejFabVVPbHh0L3B1alkr\nOHJLSTloeTlVV2VhdzQ0MENHRlF5UFUKsN0LowCStW63TUitkdT25o1evdiGXnYq\nXZyjm9d1D9Q3YqA8nTkEUS9j0/VV0v3WMbwwa7Q7BbLa5aStbOgH8A==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3VzVnb2VoZG1iTytRY3lC\namNuYk1pTXpuanpBQlhRSUhoWElJVkxrbHlVCkI5OE1oT1RSQlBDWDFiNC9zdWVV\nSmJOU1FPMHpKY1QzZnFwRzNyM3NLZFUKLS0tIGpBcnFqaUM1b3BIanJvVUxXcHZR\nSXIxREtHVzErQjh0ZGprQm5JR0U1Rk0K+SUWUIeq9YzJy+2UK/5jn1XyAxMcA+Be\nStAdKZrT0N2z/XT7oPm4Yd1oyv49dvZMAEPGlBz3/m3pSA0FOzyiDA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDeTlDMDU0QjRUSXkzbnVU\nN08yYzU4L0ZLYWRvaWt2aHhUTXNqc2pJN2lBCnNFRGRGUFZacjNuaXFuMU5Qd1Ba\nSHVIU2R4NllhZjNXRytML3pBMXRWVTQKLS0tIHJDaHdyemV5OVBIcGhUQUoyZVZV\nRWhhM1RINUFQQTVaczZhS01IVm9oSDgKdRcoZHYIG4vUJ9G+a3M+EEcEZO/zew4n\nLR5/l5TsvVF4CO5FO0Pc01kPXaL6xVE637fXzfaD1J+RAqB6f0VSbA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzZjl1ZS9kZ25rMnd5SGRx\nZ3Ruc0pmSTR0SDZicWx4aHJGakQ0ajV3cjBVCmlMVzJlZ2N3N2t6cUdMREtwKzNH\nMVVjdjFGL05KYmxJYlhHZEQ3ZHpvTWMKLS0tIG5DUEprNndBVHBGU09KWEh4K2FD\nV0MvQ2xsNjY4UVdFOWIwRVBrdEw4RzAKhgsSbnhQiJwVS1VvlG/sDxy0RAqvcA0k\nntYQYkMfBM58pB07/nWhkh6jKL9BD9skRo4BjhgNQ6TMHg66QCz/7Q==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-10-10T06:29:46Z", + "mac": "ENC[AES256_GCM,data:0XzwEMtc++XgiAq3aC2rM/aTXWSFO9ZgZOd8bLbAk5wlcTCx4dgDya5p1Ym4Cn/WqE671Hdx3JJdXdLGhhoqb4uFwxymdh1bTuDJ7PaXBWczXpQAFGhbMoejpRtpWgfA49BPafx2XSKrge68gi+gAw9E8XELWIENFavufFqxgys=,iv:FyYyhpujre4D6zbM2FTjCsdNbusqPtz9JIQs1SCbojg=,tag:SextpN5OAhIntRrHHUJFhg==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/vars/per-machine/rigel/inventree/admin-password/users/kurogeek b/vars/per-machine/rigel/inventree/admin-password/users/kurogeek new file mode 120000 index 0000000..970aefa --- /dev/null +++ b/vars/per-machine/rigel/inventree/admin-password/users/kurogeek @@ -0,0 +1 @@ +../../../../../../sops/users/kurogeek \ No newline at end of file diff --git a/vars/per-machine/rigel/inventree/oidc-key/groups/admins b/vars/per-machine/rigel/inventree/oidc-key/groups/admins new file mode 120000 index 0000000..6765aa1 --- /dev/null +++ b/vars/per-machine/rigel/inventree/oidc-key/groups/admins @@ -0,0 +1 @@ +../../../../../../sops/groups/admins \ No newline at end of file diff --git a/vars/per-machine/rigel/inventree/oidc-key/machines/rigel b/vars/per-machine/rigel/inventree/oidc-key/machines/rigel new file mode 120000 index 0000000..47a146c --- /dev/null +++ b/vars/per-machine/rigel/inventree/oidc-key/machines/rigel @@ -0,0 +1 @@ +../../../../../../sops/machines/rigel \ No newline at end of file diff --git a/vars/per-machine/rigel/inventree/oidc-key/secret b/vars/per-machine/rigel/inventree/oidc-key/secret new file mode 100644 index 0000000..1d4004c --- /dev/null +++ b/vars/per-machine/rigel/inventree/oidc-key/secret @@ -0,0 +1,47 @@ +{ + "data": "ENC[AES256_GCM,data:Vir/YqT3y7jFv3wLO7QldbxcNJJlNhtONZdB4uWALNz7,iv:AL+gr53D+K3kz7lgAaXdMd/CQLqbPbbmWFPiqfGbWA8=,tag:jG038lc2qt5txWc4ZYmzcQ==,type:str]", + "sops": { + "age": [ + { + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1YnNiSDZXM3BMaThiQVFO\nUHFidVFGYS9tcnFkSDNlckU4UnQxdjBIUmlvCndhNnA2Ym9UYWJIaHdVVC9URktP\nYStDVG01WWJBTW9XNTFBRXI2dWR5ck0KLS0tIGYyeW1KWFRYb0w2QVpNeFUzSUlB\nUENodnhFTUxZcWNCOEVFdHFCMkFCaEkKZCanC5/lc55dQ7usVMJGx1WNOa6r/ZpT\nGeyYHV0YK3MnTH4gSJAiluRM248iI+IRFxZSlvfnqHYNk80ptiIuhQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxTHlvSHROeDJBNVRySzV1\nM3BRQWloY1NML0V5Tk5UbExmbHdNWFFtMFEwCnpDaWFweXFoREhPU1M0VWlzZVV1\nNnVITFk5TmhINzBWUXpxZzBhYVlBLzQKLS0tIHE4THZQQ0JodWROZ1hSOVJjVWwy\nc2REK253eUh4QTRQSXA3L25QMzhEUDgKjo27VyMAm0OG4gQS3t7xbIwwm2Vxc1We\nHdHID+A6LzIszCnhzYzi1qwecZbUkgfRgQxgTp42ABl5Kr5L+uPWAA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIC9MU2JwOVBw\nbXMxMzNWM3lNNFU5UTZ0bUpzbkliTW1hQTBhRi9DSjRMVEUgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQp1MlJVcmtVWWNwYSs1NzRzbS8xWk51\nTGZaRURFT2E4OGVnK1FXSUN0Z1dNCi0tLSBHNHFOZm9HQ3MxK3FnT1QzdGFaSDZx\nRTgwV21VYkJCcmZubkRzNVNCVHZFCiuXxJW4Ldxc0ISOIXA4R0JNldoRTQJezJ2x\nEeExlPcoAL3ClF7/WHMxGw1yNftukARaNItY3AGk6+wtcX/I/Wc=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIDB6R3ZPdGls\ncmx2MVF5K3U1cHI1UnRhWVV5WWRCelM5MmpwUG9UVkxGVGcgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwp3M1BUMGJtMUdNVk1Va2pQZXBvbGtC\nOVVGYVd4ZHZ5SXY5ZDc3QUJwcE9jCi0tLSBKTDlnWmJUdGViK0hZY0xiZEZKN1JM\nOEY3RGp4MTNNb254WDNkMHJ0RnZNCkBC4IPzDlOeEFB8N3OGZMoCDvvsRNXsj0ge\nDbjrWopTUWUTOxEwl2g7OphTUJym4vetXp5/Y+RczmEZtHvjCmM=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIHE2V1hlSDNJ\nd2VIRVZCWFVsb0NyZzZGU2c2TFV1by84OEQ1Z2hZN1FpQVEgQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwo2NTdvdm1RRG5DMGRMcUMydEgvNFBw\nTVp1YnZjbEhsMTQ3RWRpL1lxayswCi0tLSB6SXlOdWxIUm9QczdPcnhLZEhTaWxL\nQXcxdEN6dWovRjFuV09IeGZ0cTBFChHb+FlnPfLgxWf1IvjER1sPrK15fmgxNDie\ncfU5HqB0p7KwIrUVJOusZHUC7WLnIiu/f23wFSJe++00Fk8y0GM=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwc3NxOU8yYUtLQitLcVNK\nSmxFaEpDNWtYQy9yT1dTQndlR2ExUitobHhvCkFkemc4YktCOE85RVRkeVZIVExI\nVTd3S3VZUGdTdjlQTStXN1lFUFhTRE0KLS0tIDJzWGJOalNUYVhrbVR4V1dSM1A5\nZTNHSWpvajA0T1RnL05lWHRROEVmTGsKvzZCUBXPe4bl/H/tKWBObt0Ti2WgXijW\nFkC54FXoOU9Xs9jsw3XqG6GQbWmizGWl7Ox2XjYD0AHnhzFmSQiSdw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCZXVydWJsSDdRc1ljUmxr\ndWplYzNkSWdLOGZVeHJVbll0WTczL0Y3UkRNCm5PQmJyNzkybHBnS0lwcjFWTkwx\nN2FYdHJ5WU1yZDNpajNnaDcxSGRIMjgKLS0tIHFYb2wwaitwMWlWUlhuWnloNWFM\nYS9SNERqeHJ5OURlVy9NNjVnMW1vU1UKVC8J5MjG0gpHqfZb6Q31nNjy94w28+PT\n3LTRDoz6Xfgi12MExKuIKCYZ/BbpxSSSb3YjTv9Kgc14VfodhMRTvA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLZjRydnoxM2VZcytZZ2NL\nSVY5QTJsRlA5NjNrZ2RNMmJkZFl6V2UrVlJzCitzTldQUEtPK2VCRlpxenk5bHdL\nZkRMWGRmQ1hIYUVxN2VIUFFPdmgwa28KLS0tIGtYa1BzajNkOFlIWHJmYjdRazdX\ncm5CTGR1aTduMnZUQk44c0ltNy93bXcKvEzzbP4e1Xb3by0nWIl7UY0ntIHMfgEL\nvhDpk5r2ohlL6+EK5ZxyMpDR2KwyMqa+N4ot/+REgnWCAgYBJLaoYQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMbHFVcVJnVzhlR1RKSEd5\nVXE4KzBLOVFzOXZDNHZ0QS9ISXFScDBQNlhNCjh1dDhPeEhkN1RTWkZiYUtyT3ZI\nUGdxaS9RNzA4dVp4OUZ6bEVjS0NzMVkKLS0tIERja2tIM0J4WWIrRFo1dmE1eHBz\nRGxzK2x5T0Jod2tuZDNadFNNclRidEkKOnE7XbKpDzkSDbHiY0/PSxXVMJ5dBqKr\nvgfLBn1OSOguR2LUNgmJWSDHf6uvWiuOIEHJMU8x/ITiUE07VH9alw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-10-10T06:29:46Z", + "mac": "ENC[AES256_GCM,data:F9YRXRHC7i1EJTEmwyiVT5PR8HTaiyuVM3QuqW3fFSMXqUChRkW7Ysj+gKeUuiFFU2EjVOnl41nzbZbCqvVYHFO53+NUNb7/Kc5/uDj/5G0X2v8maFju2TNQbTC2zMaJl2wP7oZe+q+4hlHFUoiyzXdcUbk6BuHogdC95OvvV7A=,iv:7MkHKnmUWNck6MC9nRCnsdF4+Kfpsi2IKfGIJ/mkP3A=,tag:oKT6nfrrihh3KcLnWDkTyg==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/vars/per-machine/rigel/inventree/oidc-key/users/kurogeek b/vars/per-machine/rigel/inventree/oidc-key/users/kurogeek new file mode 120000 index 0000000..970aefa --- /dev/null +++ b/vars/per-machine/rigel/inventree/oidc-key/users/kurogeek @@ -0,0 +1 @@ +../../../../../../sops/users/kurogeek \ No newline at end of file diff --git a/vars/per-machine/rigel/inventree/secret-key/groups/admins b/vars/per-machine/rigel/inventree/secret-key/groups/admins new file mode 120000 index 0000000..6765aa1 --- /dev/null +++ b/vars/per-machine/rigel/inventree/secret-key/groups/admins @@ -0,0 +1 @@ +../../../../../../sops/groups/admins \ No newline at end of file diff --git a/vars/per-machine/rigel/inventree/secret-key/machines/rigel b/vars/per-machine/rigel/inventree/secret-key/machines/rigel new file mode 120000 index 0000000..47a146c --- /dev/null +++ b/vars/per-machine/rigel/inventree/secret-key/machines/rigel @@ -0,0 +1 @@ +../../../../../../sops/machines/rigel \ No newline at end of file diff --git a/vars/per-machine/rigel/inventree/secret-key/secret b/vars/per-machine/rigel/inventree/secret-key/secret new file mode 100644 index 0000000..3450572 --- /dev/null +++ b/vars/per-machine/rigel/inventree/secret-key/secret @@ -0,0 +1,47 @@ +{ + "data": "ENC[AES256_GCM,data:+ZB+i9LXEzwfyQ9+uzKLqruIQ5BSaIy7Q2syBihRJ+Ih,iv:l5RUXyXnl65mE+bp4uix50RB/UlbzD9r8IFq3R81UAI=,tag:nYT3UBB7jYxmoA/GUZu8pg==,type:str]", + "sops": { + "age": [ + { + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBINHdUOGJYMWJkSG1hUWNJ\ncUcwRzFXVFNienNoTFJzc0ozeDcza29uSEc4CklsTGx4ZVRHR1M5c3NoUWxGUUFJ\nUno5dW1tZG5tc05IUmpnaG5tZVFRbmMKLS0tIGhkSjVhWGdDb2VRdUQzTUZ3L0Zj\nZUhZeHVjSWsvU0M3cGRCWndJMWxYQ2MKG6Yfa0RzT3jb1Gwc/aEA8J3/GklYRiAh\nm7LJU6Q8dpmCi8UMqnSMP67pmhB35z2AzkHpWkkfB3cHXKYmMlYvLg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4M0JzNjNic2xTcS85NTYv\nYXIxYVphOTBKOGhya0JZRWVDSFp0WXZ5RkR3Cm8rU2xRQVFvalNobVY0YWRHeXM3\nVHU1bGJmVnp3MS9rT0h5bnRjWXpsVmMKLS0tIEpMKzE5a1BQY1BxWmtBeTVYQ0Zz\nb3JQT1VPbTJEYzNYUUJOMW1rc3ZLeUkKLHj/jme6UogkVuzlp/PUIY4I0caFaVvk\nsmsQaec28v1KxzjpSw+aRFq32sP5L/60k2CmOV4gf6YKb2aGa/W89g==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIE9jTndYQlpn\nU3RBZ0kvVDdRRFNOWDFISGZCMlBKQzhNQVlJZHFxdFhUVHcgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQp0aXQ3VEQ3b1h1ZzZlYzNvSlhQa1Q5\nQ1NIUUhhYXVVT1hDcFNhZjRVQVRrCi0tLSB5UkNGZjBGU0VqN3krNlo3U3drMmtq\na3pxUFJ4eUQwNk1kekdMbXR4ZWRnChaEHEA/Hg8p8tgfV20e+llfpyiSUAealEHY\n5Asq75zpldlxHGzjVtjzMlrq3wv/VWDyvjz9JZURTzuZoyS13R4=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIGJwZHVRdS9W\nT2d0YzdFODVocmd6VGRBRVBVM0F5aERLVW9aQzZmeHRNSFUgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpRUEkyOGJPc0o3ajRFR25OSmFrNW9o\nUVpKSUNMZzlGOVlkaUh0ZHpWajJVCi0tLSBGeUZKbjkrRS9Gd0dZblZTT1ZFcDk5\nZEFkSkRmTnQxQmFhKzIvNVNDS2dZCh3XxCkZc5PaOqePh6rJIGLT+m+lq1Eu6z0b\nfybCPW7J8AP7ACqQHGb90/NXXk0pwfYD6qjOm9m3+QsUg9OQyTM=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIGcwM1pWWDIw\nQ2ZCVEk2NjNuYXlMcDN2Ulk2SWFudUxaYVIycnI1bkJEV2sgQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwpTM0pmYUF5S2NNM05FLy94enBwdUpr\nUlIyYUFIaU56dnk2aU9kUFJvUmhRCi0tLSBzamRyM2k2WTV5UExTTGZSNGYyNmxK\nQy9jN0lpREdzSm9uRkxZOUhCT0ZBCjp0GFU4LCI+PIqLyfM/JpKMAJ+Wnl68E68o\nds2bhB7/0lXcwSBmoFHURkgo1Qyc+l1ZXHWecyGQLf2dOUvCm0k=\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzMCtrcGdPbE1Kcng3VUdv\nUTE3aHZJUW5HQkdkanFBbS83VkxJOEY2NGlnCnc2N29hS2oyeXpvbVZGbHRpTDBV\nSWVwNUhRL01uMUxzbWIrV05OSXRHTTAKLS0tIDhxYmxMMGZ1cTJEcHhtWmJiNzNa\nbW1BNXFsN3BEbGV5WGdUQ2lhaEwybzAKM1GY/6rpIOfzHqtO+g59slHsJwc/XJwL\nLYm31qykqv8bARFwQnT/g1JfiH1k1PLAlk00lKW+NsHtzYiVJUvjmw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYcjhLR2NDZCtEWG1qb3FT\nUGVUNDhuOGhwOE5mZzlkQ2MvNEtjQWMzOUd3CmkvYW9nVzdRZlFRTzVGVURzMnZK\nQWwvaXVCeDQ5WHlTL3p1RFRRRWpXTFkKLS0tIFZIdWRYTU5RQ203Q1l0SXNQY2NF\nZTJUOEg0S09sQ0hacVJxLzNWd1FFQmMK/iYDlJXmyX3cGvLixJ5pxoC5hwJoItfB\nMhjFBauPWRWE9lau+ICP8gQnTDSlBISc0TLXjElWMGslcuOPntgppw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVUkUvalU4VTlqR25lN0dE\nY2lrajNYWC9oL0tCQ1lFVDdlYkwyUmRKY2lVCjhHVi8vS1ZwRFQrcHdFSTUzNVY2\nWWtRTDhCVmY2bG9XNTRqYWlmU2VFTDgKLS0tIHhsMVlidkt3K3BoOWZ5OHpQMVVV\nWHB4MTJ1TU40M1RYS0hWVzZDUDBqRlkKpLzd+JisAovhQhYVxbbckGAkTL9ADkD4\nJtqnRVT627h6ImL5E8MX5WUb7Tq1nXwklcrELTWnfAYb1rOQ4/Qtkw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQcTFMa2h5TG5mZWsxRjNQ\nV0lhbXFCRVV5YUZGMW00VmZlNHVoVFhlSEJJClc5ZW1xNHBnNjEvSkNUdGFmNXN6\ndkc3bm5LVkpIMmE3MllxSW5WVzA5OEkKLS0tIE54cU9wVXgrT2J6T1hVcWRqS040\ndFJ2L3JTVStLUnZ2MXQyWEhwcDJFeHcKQgg1wdTnv1wM39XWvNTJqtWFSaGr9odF\nrgraoVdOszDjB38aP3ltxzjLB4XzMsBXIpdvK547mNNe6BEZFOEYWw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-10-10T06:29:47Z", + "mac": "ENC[AES256_GCM,data:uN0fTMrrPTbkzyS1tp4SxSIdjKPDFKZ+sAeAqk9X5aXzBgLKdyOu9CynhNQ+1cCMmDudat0Aa4tzfXnMZdEeG4h0OiSIkEI/in9HqbIUJ6KJ1YE+Sg1Cn1bPJvQz/oT/1U8NhB8F9B8paCy81pxPnNPkO4H+HWr9zcDp6G8Ztzg=,iv:IEl3kHo7DFUXO2pTRVgCcuFXEXP+dnSyfa5fAuk1tsw=,tag:3+W/rX/+vOd+X2pyw/3Q/w==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/vars/per-machine/rigel/inventree/secret-key/users/kurogeek b/vars/per-machine/rigel/inventree/secret-key/users/kurogeek new file mode 120000 index 0000000..970aefa --- /dev/null +++ b/vars/per-machine/rigel/inventree/secret-key/users/kurogeek @@ -0,0 +1 @@ +../../../../../../sops/users/kurogeek \ No newline at end of file