diff --git a/inventories/default.nix b/inventories/default.nix index 6a275af..8699239 100644 --- a/inventories/default.nix +++ b/inventories/default.nix @@ -277,6 +277,18 @@ dataDir = "/mnt/hdd/samba"; }; }; + + wordpress = { + module = { + name = "wordpress"; + input = "self"; + }; + roles.server.machines."tangra".settings = { + tenants = [ + "poyfestival.com" + ]; + }; + }; }; }; }; diff --git a/inventory.json b/inventory.json index 096bbb0..b4027b2 100644 --- a/inventory.json +++ b/inventory.json @@ -47,6 +47,9 @@ }, "bosona": { "installedAt": 1779098893 + }, + "tangra": { + "installedAt": 1779958921 } } } \ No newline at end of file diff --git a/machines/tangra/configuration.nix b/machines/tangra/configuration.nix new file mode 100644 index 0000000..a2c083b --- /dev/null +++ b/machines/tangra/configuration.nix @@ -0,0 +1,32 @@ +{ + system.stateVersion = "25.11"; + nixpkgs.hostPlatform = { + system = "x86_64-linux"; + }; + + clan.core.settings.name = "tangra"; + clan.core.settings.machine.description = + "A Hetzner VPS machine own by Alex. This is a machine for poyfestival.com"; + + clan.core.sops.defaultGroups = [ "admins" ]; + + clan.core.vars.generators.acme = { + share = true; + files.email.secret = false; + + prompts.email = { + type = "line"; + description = "Email for ACME registeration"; + }; + + script = '' + cat $prompts/email > $out/email + ''; + }; + + users.users.nginx.extraGroups = [ "acme" ]; + + security.acme.acceptTerms = true; + + imports = [ ]; +} diff --git a/machines/tangra/disko.nix b/machines/tangra/disko.nix new file mode 100644 index 0000000..508d653 --- /dev/null +++ b/machines/tangra/disko.nix @@ -0,0 +1,86 @@ +{ ... }: +let + hashDisk = disk: "os-${builtins.substring 0 5 (builtins.hashString "sha256" disk)}"; + os = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_119349241"; +in +{ + + boot.loader = { + systemd-boot = { + enable = true; + }; + efi = { + canTouchEfiVariables = true; + }; + }; + + boot.zfs.forceImportRoot = true; + + disko.devices = { + disk = { + "os-${hashDisk os}" = { + type = "disk"; + device = os; + content = { + type = "gpt"; + partitions = { + ESP = { + size = "1G"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = [ "nofail" ]; + }; + }; + system = { + size = "100%"; + content = { + type = "zfs"; + pool = "zroot"; + }; + }; + }; + }; + }; + }; + zpool = { + zroot = { + type = "zpool"; + rootFsOptions = { + mountpoint = "none"; + compression = "lz4"; + acltype = "posixacl"; + xattr = "sa"; + "com.sun:auto-snapshot" = "true"; + }; + options.ashift = "12"; + datasets = { + "root" = { + type = "zfs_fs"; + options.mountpoint = "none"; + }; + "root/nixos" = { + type = "zfs_fs"; + options.mountpoint = "/"; + mountpoint = "/"; + }; + "root/home" = { + type = "zfs_fs"; + options.mountpoint = "/home"; + mountpoint = "/home"; + }; + "root/tmp" = { + type = "zfs_fs"; + mountpoint = "/tmp"; + options = { + mountpoint = "/tmp"; + sync = "disabled"; + }; + }; + }; + }; + }; + }; +} diff --git a/machines/tangra/facter.json b/machines/tangra/facter.json new file mode 100644 index 0000000..6c1f3e4 --- /dev/null +++ b/machines/tangra/facter.json @@ -0,0 +1,2789 @@ +{ + "version": 1, + "system": "x86_64-linux", + "virtualisation": "kvm", + "hardware": { + "bios": { + "apm_info": { + "supported": false, + "enabled": false, + "version": 0, + "sub_version": 0, + "bios_flags": 0 + }, + "vbe_info": { + "version": 0, + "video_memory": 0 + }, + "pnp": false, + "pnp_id": 0, + "lba_support": false, + "low_memory_size": 0, + "smbios_version": 768 + }, + "bridge": [ + { + "index": 7, + "attached_to": 0, + "class_list": ["pci", "bridge"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 2 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0004", + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "hex": "0000", + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "sub_vendor": { + "hex": "1b36", + "value": 6966 + }, + "device": { + "hex": "000c", + "value": 12 + }, + "sub_device": { + "hex": "0000", + "value": 0 + }, + "model": "PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:02.7", + "sysfs_bus_id": "0000:00:02.7", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 2167939072, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 7, + "command": 1031, + "header_type": 1, + "secondary_bus": 8, + "irq": 22, + "prog_if": 0 + }, + "driver": "pcieport", + "driver_module": "pcieportdrv", + "drivers": ["pcieport"], + "driver_modules": ["pcieportdrv"], + "module_alias": "pci:v00001B36d0000000Csv00001B36sd00000000bc06sc04i00" + }, + { + "index": 8, + "attached_to": 0, + "class_list": ["pci", "bridge"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 31 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0001", + "name": "ISA bridge", + "value": 1 + }, + "vendor": { + "hex": "8086", + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "2918", + "value": 10520 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0002", + "value": 2 + }, + "model": "Intel ISA bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:1f.0", + "sysfs_bus_id": "0000:00:1f.0", + "detail": { + "function": 0, + "command": 3, + "header_type": 0, + "secondary_bus": 0, + "irq": 0, + "prog_if": 0 + }, + "driver": "lpc_ich", + "driver_module": "lpc_ich", + "drivers": ["lpc_ich"], + "driver_modules": ["lpc_ich"], + "module_alias": "pci:v00008086d00002918sv00001AF4sd00001100bc06sc01i00" + }, + { + "index": 9, + "attached_to": 0, + "class_list": ["pci", "bridge"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 2 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0004", + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "hex": "0000", + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "sub_vendor": { + "hex": "1b36", + "value": 6966 + }, + "device": { + "hex": "000c", + "value": 12 + }, + "sub_device": { + "hex": "0000", + "value": 0 + }, + "model": "PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:02.5", + "sysfs_bus_id": "0000:00:02.5", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 2167947264, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 5, + "command": 1031, + "header_type": 1, + "secondary_bus": 6, + "irq": 22, + "prog_if": 0 + }, + "driver": "pcieport", + "driver_module": "pcieportdrv", + "drivers": ["pcieport"], + "driver_modules": ["pcieportdrv"], + "module_alias": "pci:v00001B36d0000000Csv00001B36sd00000000bc06sc04i00" + }, + { + "index": 12, + "attached_to": 0, + "class_list": ["pci", "bridge"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 2 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0004", + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "hex": "0000", + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "sub_vendor": { + "hex": "1b36", + "value": 6966 + }, + "device": { + "hex": "000c", + "value": 12 + }, + "sub_device": { + "hex": "0000", + "value": 0 + }, + "model": "PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:02.3", + "sysfs_bus_id": "0000:00:02.3", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 2167955456, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 3, + "command": 1031, + "header_type": 1, + "secondary_bus": 4, + "irq": 22, + "prog_if": 0 + }, + "driver": "pcieport", + "driver_module": "pcieportdrv", + "drivers": ["pcieport"], + "driver_modules": ["pcieportdrv"], + "module_alias": "pci:v00001B36d0000000Csv00001B36sd00000000bc06sc04i00" + }, + { + "index": 14, + "attached_to": 0, + "class_list": ["pci", "bridge"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 2 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0004", + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "hex": "0000", + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "sub_vendor": { + "hex": "1b36", + "value": 6966 + }, + "device": { + "hex": "000c", + "value": 12 + }, + "sub_device": { + "hex": "0000", + "value": 0 + }, + "model": "PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:02.1", + "sysfs_bus_id": "0000:00:02.1", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 2167963648, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 1, + "command": 1031, + "header_type": 1, + "secondary_bus": 2, + "irq": 22, + "prog_if": 0 + }, + "driver": "pcieport", + "driver_module": "pcieportdrv", + "drivers": ["pcieport"], + "driver_modules": ["pcieportdrv"], + "module_alias": "pci:v00001B36d0000000Csv00001B36sd00000000bc06sc04i00" + }, + { + "index": 16, + "attached_to": 0, + "class_list": ["pci", "bridge"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0000", + "name": "Host bridge", + "value": 0 + }, + "vendor": { + "hex": "8086", + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "29c0", + "value": 10688 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "model": "Intel Host bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:00.0", + "sysfs_bus_id": "0000:00:00.0", + "detail": { + "function": 0, + "command": 3, + "header_type": 0, + "secondary_bus": 0, + "irq": 0, + "prog_if": 0 + }, + "module_alias": "pci:v00008086d000029C0sv00001AF4sd00001100bc06sc00i00" + }, + { + "index": 18, + "attached_to": 0, + "class_list": ["pci", "bridge"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 3 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0004", + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "hex": "0000", + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "sub_vendor": { + "hex": "1b36", + "value": 6966 + }, + "device": { + "hex": "000c", + "value": 12 + }, + "sub_device": { + "hex": "0000", + "value": 0 + }, + "model": "PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:03.0", + "sysfs_bus_id": "0000:00:03.0", + "resources": [ + { + "type": "irq", + "base": 23, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 2167934976, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 1031, + "header_type": 1, + "secondary_bus": 9, + "irq": 23, + "prog_if": 0 + }, + "driver": "pcieport", + "driver_module": "pcieportdrv", + "drivers": ["pcieport"], + "driver_modules": ["pcieportdrv"], + "module_alias": "pci:v00001B36d0000000Csv00001B36sd00000000bc06sc04i00" + }, + { + "index": 19, + "attached_to": 0, + "class_list": ["pci", "bridge"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 2 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0004", + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "hex": "0000", + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "sub_vendor": { + "hex": "1b36", + "value": 6966 + }, + "device": { + "hex": "000c", + "value": 12 + }, + "sub_device": { + "hex": "0000", + "value": 0 + }, + "model": "PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:02.6", + "sysfs_bus_id": "0000:00:02.6", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 2167943168, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 6, + "command": 1031, + "header_type": 1, + "secondary_bus": 7, + "irq": 22, + "prog_if": 0 + }, + "driver": "pcieport", + "driver_module": "pcieportdrv", + "drivers": ["pcieport"], + "driver_modules": ["pcieportdrv"], + "module_alias": "pci:v00001B36d0000000Csv00001B36sd00000000bc06sc04i00" + }, + { + "index": 20, + "attached_to": 0, + "class_list": ["pci", "bridge"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 2 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0004", + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "hex": "0000", + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "sub_vendor": { + "hex": "1b36", + "value": 6966 + }, + "device": { + "hex": "000c", + "value": 12 + }, + "sub_device": { + "hex": "0000", + "value": 0 + }, + "model": "PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:02.4", + "sysfs_bus_id": "0000:00:02.4", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 2167951360, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 4, + "command": 1031, + "header_type": 1, + "secondary_bus": 5, + "irq": 22, + "prog_if": 0 + }, + "driver": "pcieport", + "driver_module": "pcieportdrv", + "drivers": ["pcieport"], + "driver_modules": ["pcieportdrv"], + "module_alias": "pci:v00001B36d0000000Csv00001B36sd00000000bc06sc04i00" + }, + { + "index": 22, + "attached_to": 0, + "class_list": ["pci", "bridge"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 2 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0004", + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "hex": "0000", + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "sub_vendor": { + "hex": "1b36", + "value": 6966 + }, + "device": { + "hex": "000c", + "value": 12 + }, + "sub_device": { + "hex": "0000", + "value": 0 + }, + "model": "PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:02.2", + "sysfs_bus_id": "0000:00:02.2", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 2167959552, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 2, + "command": 1031, + "header_type": 1, + "secondary_bus": 3, + "irq": 22, + "prog_if": 0 + }, + "driver": "pcieport", + "driver_module": "pcieportdrv", + "drivers": ["pcieport"], + "driver_modules": ["pcieportdrv"], + "module_alias": "pci:v00001B36d0000000Csv00001B36sd00000000bc06sc04i00" + }, + { + "index": 24, + "attached_to": 0, + "class_list": ["pci", "bridge"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 2 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0004", + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "hex": "0000", + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "sub_vendor": { + "hex": "1b36", + "value": 6966 + }, + "device": { + "hex": "000c", + "value": 12 + }, + "sub_device": { + "hex": "0000", + "value": 0 + }, + "model": "PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:02.0", + "sysfs_bus_id": "0000:00:02.0", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 2167967744, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 1031, + "header_type": 1, + "secondary_bus": 1, + "irq": 22, + "prog_if": 0 + }, + "driver": "pcieport", + "driver_module": "pcieportdrv", + "drivers": ["pcieport"], + "driver_modules": ["pcieportdrv"], + "module_alias": "pci:v00001B36d0000000Csv00001B36sd00000000bc06sc04i00" + } + ], + "cdrom": [ + { + "index": 33, + "attached_to": 6, + "class_list": ["cdrom", "scsi", "block_device"], + "bus_type": { + "hex": "0084", + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 1, + "number": 0 + }, + "base_class": { + "hex": "0106", + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "hex": "0002", + "name": "CD-ROM", + "value": 2 + }, + "pci_interface": { + "hex": "0003", + "name": "DVD", + "value": 3 + }, + "vendor": { + "hex": "0000", + "name": "QEMU", + "value": 0 + }, + "device": { + "hex": "0000", + "name": "QEMU DVD-ROM", + "value": 0 + }, + "revision": { + "hex": "0000", + "name": "2.5+", + "value": 0 + }, + "model": "QEMU DVD-ROM", + "sysfs_id": "/class/block/sr0", + "sysfs_bus_id": "1:0:0:0", + "sysfs_device_link": "/devices/pci0000:00/0000:00:1f.2/ata1/host1/target1:0:0/1:0:0:0", + "unix_device_name": "/dev/sr0", + "unix_device_number": { + "type": 98, + "major": 11, + "minor": 0, + "range": 1 + }, + "unix_device_names": [ + "/dev/cdrom", + "/dev/disk/by-id/ata-QEMU_DVD-ROM_QM00001", + "/dev/disk/by-path/pci-0000:00:1f.2-ata-1", + "/dev/disk/by-path/pci-0000:00:1f.2-ata-1.0", + "/dev/sr0" + ], + "unix_device_name2": "/dev/sg1", + "unix_device_number2": { + "type": 99, + "major": 21, + "minor": 1, + "range": 1 + }, + "driver": "ahci", + "driver_module": "ahci", + "drivers": ["ahci", "sr"], + "driver_modules": ["ahci", "sr_mod"] + } + ], + "cpu": [ + { + "architecture": "x86_64", + "vendor_name": "AuthenticAMD", + "family": 25, + "model": 17, + "stepping": 0, + "features": [ + "fpu", + "vme", + "de", + "pse", + "tsc", + "msr", + "pae", + "mce", + "cx8", + "apic", + "sep", + "mtrr", + "pge", + "mca", + "cmov", + "pat", + "pse36", + "clflush", + "mmx", + "fxsr", + "sse", + "sse2", + "syscall", + "nx", + "mmxext", + "fxsr_opt", + "pdpe1gb", + "rdtscp", + "lm", + "rep_good", + "nopl", + "xtopology", + "cpuid", + "extd_apicid", + "tsc_known_freq", + "pni", + "pclmulqdq", + "ssse3", + "fma", + "cx16", + "pcid", + "sse4_1", + "sse4_2", + "x2apic", + "movbe", + "popcnt", + "aes", + "xsave", + "avx", + "f16c", + "rdrand", + "hypervisor", + "lahf_lm", + "cr8_legacy", + "abm", + "sse4a", + "misalignsse", + "3dnowprefetch", + "osvw", + "topoext", + "perfctr_core", + "ssbd", + "ibrs", + "ibpb", + "stibp", + "ibrs_enhanced", + "vmmcall", + "fsgsbase", + "bmi1", + "avx2", + "smep", + "bmi2", + "erms", + "invpcid", + "avx512f", + "avx512dq", + "rdseed", + "adx", + "smap", + "avx512ifma", + "clflushopt", + "clwb", + "avx512cd", + "sha_ni", + "avx512bw", + "avx512vl", + "xsaveopt", + "xsavec", + "xgetbv1", + "xsaves", + "avx512_bf16", + "clzero", + "xsaveerptr", + "wbnoinvd", + "arat", + "avx512vbmi", + "umip", + "pku", + "ospke", + "avx512_vbmi2", + "gfni", + "vaes", + "vpclmulqdq", + "avx512_vnni", + "avx512_bitalg", + "avx512_vpopcntdq", + "la57", + "rdpid", + "fsrm" + ], + "bugs": [ + "sysret_ss_attrs", + "spectre_v1", + "spectre_v2", + "spec_store_bypass", + "srso", + "ibpb_no_ret" + ], + "bogo": 4792.79, + "cache": 1024, + "physical_id": 0, + "siblings": 1, + "cores": 1, + "fpu": true, + "fpu_exception": true, + "cpuid_level": 13, + "write_protect": false, + "tlb_size": 1024, + "clflush_size": 64, + "cache_alignment": 64, + "address_sizes": { + "physical": "0x28", + "virtual": "0x39" + } + } + ], + "disk": [ + { + "index": 34, + "attached_to": 29, + "class_list": ["disk", "scsi", "block_device"], + "bus_type": { + "hex": "0084", + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "hex": "0106", + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "hex": "0000", + "name": "Disk", + "value": 0 + }, + "vendor": { + "hex": "0000", + "name": "QEMU", + "value": 0 + }, + "device": { + "hex": "0000", + "name": "QEMU HARDDISK", + "value": 0 + }, + "revision": { + "hex": "0000", + "name": "2.5+", + "value": 0 + }, + "model": "QEMU HARDDISK", + "sysfs_id": "/class/block/sda", + "sysfs_bus_id": "0:0:0:0", + "sysfs_device_link": "/devices/pci0000:00/0000:00:02.5/0000:06:00.0/virtio5/host0/target0:0:0/0:0:0:0", + "unix_device_name": "/dev/sda", + "unix_device_number": { + "type": 98, + "major": 8, + "minor": 0, + "range": 16 + }, + "unix_device_names": [ + "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_119349241", + "/dev/disk/by-path/pci-0000:06:00.0-scsi-0:0:0:0", + "/dev/sda" + ], + "unix_device_name2": "/dev/sg0", + "unix_device_number2": { + "type": 99, + "major": 21, + "minor": 0, + "range": 1 + }, + "rom_id": "0x80", + "resources": [ + { + "type": "disk_geo", + "cylinders": 39064, + "heads": 64, + "sectors": 32, + "size": "0x0", + "geo_type": "logical" + }, + { + "type": "size", + "unit": "sectors", + "value_1": 80003072, + "value_2": 512 + } + ], + "driver": "virtio_scsi", + "driver_module": "virtio_scsi", + "drivers": ["sd", "virtio_scsi"], + "driver_modules": ["sd_mod", "virtio_scsi"] + } + ], + "graphics_card": [ + { + "index": 11, + "attached_to": 0, + "class_list": ["graphics_card", "pci"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 1 + }, + "base_class": { + "hex": "0003", + "name": "Display controller", + "value": 3 + }, + "sub_class": { + "hex": "0000", + "name": "VGA compatible controller", + "value": 0 + }, + "pci_interface": { + "hex": "0000", + "name": "VGA", + "value": 0 + }, + "vendor": { + "hex": "1af4", + "value": 6900 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "1050", + "value": 4176 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0001", + "value": 1 + }, + "model": "VGA compatible controller", + "sysfs_id": "/devices/pci0000:00/0000:00:01.0", + "sysfs_bus_id": "0000:00:01.0", + "resources": [ + { + "type": "irq", + "base": 21, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 2147483648, + "range": 8388608, + "enabled": true, + "access": "read_only", + "prefetch": "no" + }, + { + "type": "mem", + "base": 2167971840, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + }, + { + "type": "mem", + "base": 786432, + "range": 131072, + "enabled": false, + "access": "read_write", + "prefetch": "no" + }, + { + "type": "mem", + "base": 826249576448, + "range": 16384, + "enabled": true, + "access": "read_only", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 1031, + "header_type": 0, + "secondary_bus": 0, + "irq": 21, + "prog_if": 0 + }, + "driver": "virtio-pci", + "driver_module": "virtio_pci", + "drivers": ["virtio-pci"], + "driver_modules": ["virtio_pci"], + "module_alias": "pci:v00001AF4d00001050sv00001AF4sd00001100bc03sc00i00" + } + ], + "hub": [ + { + "index": 35, + "attached_to": 10, + "class_list": ["usb", "hub"], + "bus_type": { + "hex": "0086", + "name": "USB", + "value": 134 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "hex": "010a", + "name": "Hub", + "value": 266 + }, + "vendor": { + "hex": "1d6b", + "name": "Linux 6.14.10 xhci-hcd", + "value": 7531 + }, + "device": { + "hex": "0002", + "name": "xHCI Host Controller", + "value": 2 + }, + "revision": { + "hex": "0000", + "name": "6.14", + "value": 0 + }, + "serial": "0000:02:00.0", + "model": "Linux 6.14.10 xhci-hcd xHCI Host Controller", + "sysfs_id": "/devices/pci0000:00/0000:00:02.1/0000:02:00.0/usb1/1-0:1.0", + "sysfs_bus_id": "1-0:1.0", + "resources": [ + { + "type": "baud", + "speed": 480000000, + "bits": 0, + "stop_bits": 0, + "parity": 0, + "handshake": 0 + } + ], + "detail": { + "device_class": { + "hex": "0009", + "name": "hub", + "value": 9 + }, + "device_subclass": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "device_protocol": 1, + "interface_class": { + "hex": "0009", + "name": "hub", + "value": 9 + }, + "interface_subclass": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "interface_protocol": 0, + "interface_number": 0, + "interface_alternate_setting": 0 + }, + "hotplug": "usb", + "driver": "hub", + "driver_module": "usbcore", + "drivers": ["hub"], + "driver_modules": ["usbcore"], + "module_alias": "usb:v1D6Bp0002d0614dc09dsc00dp01ic09isc00ip00in00" + }, + { + "index": 37, + "attached_to": 10, + "class_list": ["usb", "hub"], + "bus_type": { + "hex": "0086", + "name": "USB", + "value": 134 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "hex": "010a", + "name": "Hub", + "value": 266 + }, + "vendor": { + "hex": "1d6b", + "name": "Linux 6.14.10 xhci-hcd", + "value": 7531 + }, + "device": { + "hex": "0003", + "name": "xHCI Host Controller", + "value": 3 + }, + "revision": { + "hex": "0000", + "name": "6.14", + "value": 0 + }, + "serial": "0000:02:00.0", + "model": "Linux 6.14.10 xhci-hcd xHCI Host Controller", + "sysfs_id": "/devices/pci0000:00/0000:00:02.1/0000:02:00.0/usb2/2-0:1.0", + "sysfs_bus_id": "2-0:1.0", + "detail": { + "device_class": { + "hex": "0009", + "name": "hub", + "value": 9 + }, + "device_subclass": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "device_protocol": 3, + "interface_class": { + "hex": "0009", + "name": "hub", + "value": 9 + }, + "interface_subclass": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "interface_protocol": 0, + "interface_number": 0, + "interface_alternate_setting": 0 + }, + "hotplug": "usb", + "driver": "hub", + "driver_module": "usbcore", + "drivers": ["hub"], + "driver_modules": ["usbcore"], + "module_alias": "usb:v1D6Bp0003d0614dc09dsc00dp03ic09isc00ip00in00" + } + ], + "memory": [ + { + "index": 4, + "attached_to": 0, + "class_list": ["memory"], + "base_class": { + "hex": "0101", + "name": "Internally Used Class", + "value": 257 + }, + "sub_class": { + "hex": "0002", + "name": "Main Memory", + "value": 2 + }, + "model": "Main Memory", + "resources": [ + { + "type": "mem", + "base": 0, + "range": 2010701824, + "enabled": true, + "access": "read_write", + "prefetch": "unknown" + }, + { + "type": "phys_mem", + "range": 2013265920 + } + ] + } + ], + "monitor": [ + { + "index": 31, + "attached_to": 11, + "class_list": ["monitor"], + "base_class": { + "hex": "0100", + "name": "Monitor", + "value": 256 + }, + "sub_class": { + "hex": "0002", + "name": "LCD Monitor", + "value": 2 + }, + "vendor": { + "hex": "4914", + "value": 18708 + }, + "device": { + "hex": "1234", + "name": "QEMU Monitor", + "value": 4660 + }, + "serial": "0", + "model": "QEMU Monitor", + "resources": [ + { + "type": "monitor", + "width": 1024, + "height": 768, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 1280, + "height": 800, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 1600, + "height": 1200, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 1920, + "height": 1080, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 2048, + "height": 1152, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 640, + "height": 480, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 800, + "height": 600, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "size", + "unit": "mm", + "value_1": 325, + "value_2": 203 + } + ], + "detail": { + "manufacture_year": 2014, + "manufacture_week": 42, + "vertical_sync": { + "min": 50, + "max": 125 + }, + "horizontal_sync": { + "min": 30, + "max": 160 + }, + "horizontal_sync_timings": { + "disp": 1280, + "sync_start": 1600, + "sync_end": 1638, + "total": 1728 + }, + "vertical_sync_timings": { + "disp": 800, + "sync_start": 804, + "sync_end": 808, + "total": 828 + }, + "clock": 107300, + "width": 1280, + "height": 800, + "width_millimetres": 325, + "height_millimetres": 203, + "horizontal_flag": 45, + "vertical_flag": 45, + "vendor": "", + "name": "QEMU Monitor" + }, + "driver_info": { + "type": "display", + "width": 2048, + "height": 1152, + "vertical_sync": { + "min": 50, + "max": 125 + }, + "horizontal_sync": { + "min": 30, + "max": 160 + }, + "bandwidth": 0, + "horizontal_sync_timings": { + "disp": 1280, + "sync_start": 1600, + "sync_end": 1638, + "total": 1728 + }, + "vertical_sync_timings": { + "disp": 800, + "sync_start": 804, + "sync_end": 808, + "total": 828 + }, + "horizontal_flag": 45, + "vertical_flag": 45 + } + } + ], + "mouse": [ + { + "index": 36, + "attached_to": 35, + "class_list": ["mouse", "usb"], + "bus_type": { + "hex": "0086", + "name": "USB", + "value": 134 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "hex": "0105", + "name": "Mouse", + "value": 261 + }, + "sub_class": { + "hex": "0003", + "name": "USB Mouse", + "value": 3 + }, + "vendor": { + "hex": "0627", + "name": "QEMU", + "value": 1575 + }, + "device": { + "hex": "0001", + "name": "QEMU USB Tablet", + "value": 1 + }, + "serial": "28754-0000:00:02.1:00.0-1", + "compat_vendor": "Unknown", + "compat_device": "Generic USB Mouse", + "model": "QEMU USB Tablet", + "sysfs_id": "/devices/pci0000:00/0000:00:02.1/0000:02:00.0/usb1/1-1/1-1:1.0", + "sysfs_bus_id": "1-1:1.0", + "unix_device_name": "/dev/input/mice", + "unix_device_number": { + "type": 99, + "major": 13, + "minor": 63, + "range": 1 + }, + "unix_device_names": ["/dev/input/mice"], + "unix_device_name2": "/dev/input/mouse0", + "unix_device_number2": { + "type": 99, + "major": 13, + "minor": 32, + "range": 1 + }, + "resources": [ + { + "type": "baud", + "speed": 480000000, + "bits": 0, + "stop_bits": 0, + "parity": 0, + "handshake": 0 + } + ], + "detail": { + "device_class": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "device_subclass": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "device_protocol": 0, + "interface_class": { + "hex": "0003", + "name": "hid", + "value": 3 + }, + "interface_subclass": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "interface_protocol": 0, + "interface_number": 0, + "interface_alternate_setting": 0 + }, + "hotplug": "usb", + "driver": "usbhid", + "driver_module": "usbhid", + "drivers": ["usbhid"], + "driver_modules": ["usbhid"], + "driver_info": { + "type": "mouse", + "db_entry_0": ["explorerps/2", "exps2"], + "xf86": "explorerps/2", + "gpm": "exps2", + "buttons": -1, + "wheels": -1 + }, + "module_alias": "usb:v0627p0001d0000dc00dsc00dp00ic03isc00ip00in00" + } + ], + "network_controller": [ + { + "index": 25, + "attached_to": 13, + "class_list": ["network_controller"], + "bus_type": { + "hex": "008f", + "name": "Virtio", + "value": 143 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "hex": "0002", + "name": "Network controller", + "value": 2 + }, + "sub_class": { + "hex": "0000", + "name": "Ethernet controller", + "value": 0 + }, + "vendor": "Virtio", + "device": "Ethernet Card 0", + "model": "Virtio Ethernet Card 0", + "sysfs_id": "/devices/pci0000:00/0000:00:02.0/0000:01:00.0/virtio1", + "sysfs_bus_id": "virtio1", + "unix_device_name": "enp1s0", + "unix_device_names": ["enp1s0"], + "resources": [ + { + "type": "hwaddr", + "address": 57 + }, + { + "type": "phwaddr", + "address": 57 + } + ], + "driver": "virtio_net", + "driver_module": "virtio_net", + "drivers": ["virtio_net"], + "driver_modules": ["virtio_net"], + "module_alias": "virtio:d00000001v00001AF4" + } + ], + "network_interface": [ + { + "index": 38, + "attached_to": 0, + "class_list": ["network_interface"], + "base_class": { + "hex": "0107", + "name": "Network Interface", + "value": 263 + }, + "sub_class": { + "hex": "0000", + "name": "Loopback", + "value": 0 + }, + "model": "Loopback network interface", + "sysfs_id": "/class/net/lo", + "unix_device_name": "lo", + "unix_device_names": ["lo"] + }, + { + "index": 39, + "attached_to": 25, + "class_list": ["network_interface"], + "base_class": { + "hex": "0107", + "name": "Network Interface", + "value": 263 + }, + "sub_class": { + "hex": "0001", + "name": "Ethernet", + "value": 1 + }, + "model": "Ethernet network interface", + "sysfs_id": "/class/net/enp1s0", + "sysfs_device_link": "/devices/pci0000:00/0000:00:02.0/0000:01:00.0/virtio1", + "unix_device_name": "enp1s0", + "unix_device_names": ["enp1s0"], + "resources": [ + { + "type": "hwaddr", + "address": 57 + }, + { + "type": "phwaddr", + "address": 57 + } + ], + "driver": "virtio_net", + "driver_module": "virtio_net", + "drivers": ["virtio_net"], + "driver_modules": ["virtio_net"] + } + ], + "pci": [ + { + "index": 5, + "attached_to": 22, + "class_list": ["pci", "unknown"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 3, + "number": 0 + }, + "base_class": { + "hex": "0007", + "name": "Communication controller", + "value": 7 + }, + "sub_class": { + "hex": "0080", + "name": "Communication controller", + "value": 128 + }, + "vendor": { + "hex": "1af4", + "value": 6900 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "1043", + "value": 4163 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0001", + "value": 1 + }, + "model": "Communication controller", + "sysfs_id": "/devices/pci0000:00/0000:00:02.2/0000:03:00.0", + "sysfs_bus_id": "0000:03:00.0", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 2164260864, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + }, + { + "type": "mem", + "base": 826245382144, + "range": 16384, + "enabled": true, + "access": "read_only", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 1031, + "header_type": 0, + "secondary_bus": 0, + "irq": 22, + "prog_if": 0 + }, + "driver": "virtio-pci", + "driver_module": "virtio_pci", + "drivers": ["virtio-pci"], + "driver_modules": ["virtio_pci"], + "module_alias": "pci:v00001AF4d00001043sv00001AF4sd00001100bc07sc80i00" + }, + { + "index": 13, + "attached_to": 24, + "class_list": ["pci", "unknown"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 1, + "number": 0 + }, + "base_class": { + "hex": "0002", + "name": "Network controller", + "value": 2 + }, + "sub_class": { + "hex": "0000", + "name": "Ethernet controller", + "value": 0 + }, + "vendor": { + "hex": "1af4", + "value": 6900 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "1041", + "value": 4161 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0001", + "value": 1 + }, + "model": "Ethernet controller", + "sysfs_id": "/devices/pci0000:00/0000:00:02.0/0000:01:00.0", + "sysfs_bus_id": "0000:01:00.0", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 2166358016, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + }, + { + "type": "mem", + "base": 2166882304, + "range": 524288, + "enabled": false, + "access": "read_only", + "prefetch": "no" + }, + { + "type": "mem", + "base": 826244333568, + "range": 16384, + "enabled": true, + "access": "read_only", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 1031, + "header_type": 0, + "secondary_bus": 0, + "irq": 22, + "prog_if": 0 + }, + "driver": "virtio-pci", + "driver_module": "virtio_pci", + "drivers": ["virtio-pci"], + "driver_modules": ["virtio_pci"], + "module_alias": "pci:v00001AF4d00001041sv00001AF4sd00001100bc02sc00i00" + }, + { + "index": 15, + "attached_to": 0, + "class_list": ["pci", "unknown"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 31 + }, + "base_class": { + "hex": "000c", + "name": "Serial bus controller", + "value": 12 + }, + "sub_class": { + "hex": "0005", + "name": "SMBus", + "value": 5 + }, + "vendor": { + "hex": "8086", + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "2930", + "value": 10544 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0002", + "value": 2 + }, + "model": "Intel SMBus", + "sysfs_id": "/devices/pci0000:00/0000:00:1f.3", + "sysfs_bus_id": "0000:00:1f.3", + "resources": [ + { + "type": "io", + "base": 24576, + "range": 64, + "enabled": true, + "access": "read_write" + }, + { + "type": "irq", + "base": 16, + "triggered": 0, + "enabled": true + } + ], + "detail": { + "function": 3, + "command": 3, + "header_type": 0, + "secondary_bus": 0, + "irq": 16, + "prog_if": 0 + }, + "driver": "i801_smbus", + "driver_module": "i2c_i801", + "drivers": ["i801_smbus"], + "driver_modules": ["i2c_i801"], + "module_alias": "pci:v00008086d00002930sv00001AF4sd00001100bc0Csc05i00" + }, + { + "index": 21, + "attached_to": 20, + "class_list": ["pci", "unknown"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 5, + "number": 0 + }, + "base_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "sub_class": { + "hex": "00ff", + "value": 255 + }, + "vendor": { + "hex": "1af4", + "value": 6900 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "1044", + "value": 4164 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0001", + "value": 1 + }, + "model": "Unclassified device", + "sysfs_id": "/devices/pci0000:00/0000:00:02.4/0000:05:00.0", + "sysfs_bus_id": "0000:05:00.0", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 2163212288, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + }, + { + "type": "mem", + "base": 826247479296, + "range": 16384, + "enabled": true, + "access": "read_only", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 1031, + "header_type": 0, + "secondary_bus": 0, + "irq": 22, + "prog_if": 0 + }, + "driver": "virtio-pci", + "driver_module": "virtio_pci", + "drivers": ["virtio-pci"], + "driver_modules": ["virtio_pci"], + "module_alias": "pci:v00001AF4d00001044sv00001AF4sd00001100bc00scFFi00" + }, + { + "index": 23, + "attached_to": 12, + "class_list": ["pci", "unknown"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 4, + "number": 0 + }, + "base_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "sub_class": { + "hex": "00ff", + "value": 255 + }, + "vendor": { + "hex": "1af4", + "value": 6900 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "1045", + "value": 4165 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0001", + "value": 1 + }, + "model": "Unclassified device", + "sysfs_id": "/devices/pci0000:00/0000:00:02.3/0000:04:00.0", + "sysfs_bus_id": "0000:04:00.0", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 826246430720, + "range": 16384, + "enabled": true, + "access": "read_only", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 7, + "header_type": 0, + "secondary_bus": 0, + "irq": 22, + "prog_if": 0 + }, + "driver": "virtio-pci", + "driver_module": "virtio_pci", + "drivers": ["virtio-pci"], + "driver_modules": ["virtio_pci"], + "module_alias": "pci:v00001AF4d00001045sv00001AF4sd00001100bc00scFFi00" + } + ], + "storage_controller": [ + { + "index": 6, + "attached_to": 0, + "class_list": ["storage_controller", "pci"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 31 + }, + "base_class": { + "hex": "0001", + "name": "Mass storage controller", + "value": 1 + }, + "sub_class": { + "hex": "0006", + "value": 6 + }, + "pci_interface": { + "hex": "0001", + "value": 1 + }, + "vendor": { + "hex": "8086", + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "2922", + "value": 10530 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0002", + "value": 2 + }, + "model": "Intel Mass storage controller", + "sysfs_id": "/devices/pci0000:00/0000:00:1f.2", + "sysfs_bus_id": "0000:00:1f.2", + "resources": [ + { + "type": "io", + "base": 24640, + "range": 32, + "enabled": true, + "access": "read_write" + }, + { + "type": "irq", + "base": 44, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 2167930880, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 2, + "command": 1031, + "header_type": 0, + "secondary_bus": 0, + "irq": 44, + "prog_if": 1 + }, + "driver": "ahci", + "driver_module": "ahci", + "drivers": ["ahci"], + "driver_modules": ["ahci"], + "module_alias": "pci:v00008086d00002922sv00001AF4sd00001100bc01sc06i01" + }, + { + "index": 17, + "attached_to": 9, + "class_list": ["storage_controller", "pci"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 6, + "number": 0 + }, + "base_class": { + "hex": "0001", + "name": "Mass storage controller", + "value": 1 + }, + "sub_class": { + "hex": "0000", + "name": "SCSI storage controller", + "value": 0 + }, + "vendor": { + "hex": "1af4", + "value": 6900 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "1048", + "value": 4168 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0001", + "value": 1 + }, + "model": "SCSI storage controller", + "sysfs_id": "/devices/pci0000:00/0000:00:02.5/0000:06:00.0", + "sysfs_bus_id": "0000:06:00.0", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 2162163712, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + }, + { + "type": "mem", + "base": 826248527872, + "range": 16384, + "enabled": true, + "access": "read_only", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 1031, + "header_type": 0, + "secondary_bus": 0, + "irq": 22, + "prog_if": 0 + }, + "driver": "virtio-pci", + "driver_module": "virtio_pci", + "drivers": ["virtio-pci"], + "driver_modules": ["virtio_pci"], + "module_alias": "pci:v00001AF4d00001048sv00001AF4sd00001100bc01sc00i00" + } + ], + "system": { + "form_factor": "desktop" + }, + "unknown": [ + { + "index": 26, + "attached_to": 21, + "class_list": ["unknown"], + "base_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "sub_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "vendor": "Virtio", + "device": "", + "model": "Virtio Unclassified device", + "sysfs_id": "/devices/pci0000:00/0000:00:02.4/0000:05:00.0/virtio4", + "sysfs_bus_id": "virtio4", + "driver": "virtio_rng", + "driver_module": "virtio_rng", + "drivers": ["virtio_rng"], + "driver_modules": ["virtio_rng"], + "module_alias": "virtio:d00000004v00001AF4" + }, + { + "index": 27, + "attached_to": 5, + "class_list": ["unknown"], + "base_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "sub_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "vendor": "Virtio", + "device": "", + "model": "Virtio Unclassified device", + "sysfs_id": "/devices/pci0000:00/0000:00:02.2/0000:03:00.0/virtio2", + "sysfs_bus_id": "virtio2", + "driver": "virtio_console", + "driver_module": "virtio_console", + "drivers": ["virtio_console"], + "driver_modules": ["virtio_console"], + "module_alias": "virtio:d00000003v00001AF4" + }, + { + "index": 28, + "attached_to": 11, + "class_list": ["unknown"], + "base_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "sub_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "vendor": "Virtio", + "device": "", + "model": "Virtio Unclassified device", + "sysfs_id": "/devices/pci0000:00/0000:00:01.0/virtio0", + "sysfs_bus_id": "virtio0", + "driver": "virtio_gpu", + "driver_module": "virtio_gpu", + "drivers": ["virtio_gpu"], + "driver_modules": ["virtio_gpu"], + "module_alias": "virtio:d00000010v00001AF4" + }, + { + "index": 29, + "attached_to": 17, + "class_list": ["unknown"], + "base_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "sub_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "vendor": "Virtio", + "device": "", + "model": "Virtio Unclassified device", + "sysfs_id": "/devices/pci0000:00/0000:00:02.5/0000:06:00.0/virtio5", + "sysfs_bus_id": "virtio5", + "driver": "virtio_scsi", + "driver_module": "virtio_scsi", + "drivers": ["virtio_scsi"], + "driver_modules": ["virtio_scsi"], + "module_alias": "virtio:d00000008v00001AF4" + }, + { + "index": 30, + "attached_to": 23, + "class_list": ["unknown"], + "base_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "sub_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "vendor": "Virtio", + "device": "", + "model": "Virtio Unclassified device", + "sysfs_id": "/devices/pci0000:00/0000:00:02.3/0000:04:00.0/virtio3", + "sysfs_bus_id": "virtio3", + "driver": "virtio_balloon", + "driver_module": "virtio_balloon", + "drivers": ["virtio_balloon"], + "driver_modules": ["virtio_balloon"], + "module_alias": "virtio:d00000005v00001AF4" + }, + { + "index": 32, + "attached_to": 0, + "class_list": ["unknown"], + "base_class": { + "hex": "0007", + "name": "Communication controller", + "value": 7 + }, + "sub_class": { + "hex": "0000", + "name": "Serial controller", + "value": 0 + }, + "pci_interface": { + "hex": "0002", + "name": "16550", + "value": 2 + }, + "device": { + "hex": "0000", + "name": "16550A", + "value": 0 + }, + "model": "16550A", + "unix_device_name": "/dev/ttyS0", + "unix_device_names": ["/dev/ttyS0"], + "resources": [ + { + "type": "io", + "base": 1016, + "range": 0, + "enabled": true, + "access": "read_write" + }, + { + "type": "irq", + "base": 4, + "triggered": 0, + "enabled": true + } + ] + } + ], + "usb_controller": [ + { + "index": 10, + "attached_to": 14, + "class_list": ["usb_controller", "pci"], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 2, + "number": 0 + }, + "base_class": { + "hex": "000c", + "name": "Serial bus controller", + "value": 12 + }, + "sub_class": { + "hex": "0003", + "name": "USB Controller", + "value": 3 + }, + "pci_interface": { + "hex": "0030", + "value": 48 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "000d", + "value": 13 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0001", + "value": 1 + }, + "model": "USB Controller", + "sysfs_id": "/devices/pci0000:00/0000:00:02.1/0000:02:00.0", + "sysfs_bus_id": "0000:02:00.0", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 2165309440, + "range": 16384, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 1031, + "header_type": 0, + "secondary_bus": 0, + "irq": 22, + "prog_if": 48 + }, + "driver": "xhci_hcd", + "driver_module": "xhci_pci", + "drivers": ["xhci_hcd"], + "driver_modules": ["xhci_pci"], + "module_alias": "pci:v00001B36d0000000Dsv00001AF4sd00001100bc0Csc03i30" + } + ] + }, + "smbios": { + "bios": { + "handle": 0, + "vendor": "Hetzner", + "version": "20171111", + "date": "11/11/2017", + "features": null, + "start_address": "0xe8000", + "rom_size": 65536 + }, + "board": { + "handle": 512, + "manufacturer": "KVM", + "product": "Standard PC (Q35 + ICH9, 2009)", + "version": "pc-q35-8.2", + "board_type": { + "hex": "000a", + "name": "Motherboard", + "value": 10 + }, + "features": ["Hosting Board"], + "location": "", + "chassis": 768 + }, + "chassis": [ + { + "handle": 768, + "manufacturer": "QEMU", + "version": "NotSpecified", + "chassis_type": { + "hex": "0001", + "name": "Other", + "value": 1 + }, + "lock_present": false, + "bootup_state": { + "hex": "0003", + "name": "Safe", + "value": 3 + }, + "power_state": { + "hex": "0003", + "name": "Safe", + "value": 3 + }, + "thermal_state": { + "hex": "0003", + "name": "Safe", + "value": 3 + }, + "security_state": { + "hex": "0002", + "name": "Unknown", + "value": 2 + }, + "oem": "0x0" + } + ], + "memory_array": [ + { + "handle": 4096, + "location": { + "hex": "0001", + "name": "Other", + "value": 1 + }, + "usage": { + "hex": "0003", + "name": "System memory", + "value": 3 + }, + "ecc": { + "hex": "0006", + "name": "Multi-bit", + "value": 6 + }, + "max_size": "0x1f4000", + "error_handle": 65534, + "slots": 1 + } + ], + "memory_array_mapped_address": [ + { + "handle": 4864, + "array_handle": 4096, + "start_address": "0x0", + "end_address": "0x7d000000", + "part_width": 1 + } + ], + "memory_device": [ + { + "handle": 4352, + "location": "DIMM 0", + "bank_location": "", + "manufacturer": "QEMU", + "part_number": "", + "array_handle": 4096, + "error_handle": 65534, + "width": 0, + "ecc_bits": 0, + "size": 2048000, + "form_factor": { + "hex": "0009", + "name": "DIMM", + "value": 9 + }, + "set": 0, + "memory_type": { + "hex": "0007", + "name": "RAM", + "value": 7 + }, + "memory_type_details": ["Other"], + "speed": 0 + } + ], + "processor": [ + { + "handle": 1024, + "socket": "CPU 0", + "socket_type": { + "hex": "0001", + "name": "Other", + "value": 1 + }, + "socket_populated": true, + "manufacturer": "QEMU", + "version": "NotSpecified", + "part": "", + "processor_type": { + "hex": "0003", + "name": "CPU", + "value": 3 + }, + "processor_family": { + "hex": "0001", + "name": "Other", + "value": 1 + }, + "processor_status": { + "hex": "0001", + "name": "Enabled", + "value": 1 + }, + "clock_ext": 0, + "clock_max": 2000, + "cache_handle_l1": 0, + "cache_handle_l2": 0, + "cache_handle_l3": 0 + } + ], + "system": { + "handle": 256, + "manufacturer": "Hetzner", + "product": "vServer", + "version": "20171111", + "wake_up": { + "hex": "0006", + "name": "Power Switch", + "value": 6 + } + } + } +} diff --git a/modules/clan/wordpress/default.nix b/modules/clan/wordpress/default.nix new file mode 100644 index 0000000..72ff871 --- /dev/null +++ b/modules/clan/wordpress/default.nix @@ -0,0 +1,145 @@ +{ ... }: +{ + _class = "clan.service"; + manifest.name = "wordpress"; + manifest.description = "wordpress with multi-tenant support and state of plugins and themes are allowed"; + manifest.readme = "wordpress with multi-tenant support and state of plugins and themes are allowed"; + manifest.categories = [ "System" ]; + + roles.server = { + description = "A default server role"; + interface = + { lib, ... }: + { + options = { + tenants = lib.mkOption { + type = with lib.types; listOf str; + default = [ "localhost" ]; + description = "List of tenants website to host on the instance"; + example = [ "example.com" ]; + }; + }; + }; + + perInstance = + { settings, ... }: + { + nixosModule = + { + pkgs, + lib, + config, + ... + }: + let + user = "wordpress"; + + mkSafeDBName = domain: "wp_${builtins.replaceStrings [ "." ] [ "_" ] domain}"; + + mkWordpressSite = domain: { + database = { + name = mkSafeDBName domain; + user = user; + }; + package = wp-pkg domain; + extraConfig = '' + define('FS_METHOD', 'direct'); + ''; + themes = { }; + }; + + stateDir = hostName: "/var/lib/wordpress/${hostName}"; + + wp-pkg = + hostName: + let + upStreamSrc = pkgs.wordpress; + in + pkgs.stdenv.mkDerivation { + pname = "wordpress-custom"; + version = upStreamSrc.version; + src = upStreamSrc; + + installPhase = '' + mkdir -p $out + cp -r * $out/ + + rm -rf $out/share/wordpress/wp-content/plugins + rm -rf $out/share/wordpress/wp-content/themes + + # symlink uploads directory + ln -s "${stateDir hostName}"/wp-content/themes $out/share/wordpress/wp-content/themes + ln -s "${stateDir hostName}"/wp-content/plugins $out/share/wordpress/wp-content/plugins + ln -s "${stateDir hostName}"/wp-content/upgrade $out/share/wordpress/wp-content/upgrade + + ''; + }; + webserver = config.services.${config.services.wordpress.webserver}; + in + { + services.wordpress.webserver = "nginx"; + + services.wordpress.sites = builtins.listToAttrs ( + map (tenant: { + name = tenant; + value = mkWordpressSite tenant; + + }) settings.tenants + ); + + systemd.tmpfiles.rules = lib.flatten ( + map (tenant: [ + "d '${stateDir tenant}/wp-content' 0750 ${user} ${webserver.group} - -" + "d '${stateDir tenant}/wp-content/themes' 0750 ${user} ${webserver.group} - -" + "Z '${stateDir tenant}/wp-content/themes' 0750 ${user} ${webserver.group} - -" + "d '${stateDir tenant}/wp-content/plugins' 0750 ${user} ${webserver.group} - -" + "Z '${stateDir tenant}/wp-content/plugins' 0750 ${user} ${webserver.group} - -" + "d '${stateDir tenant}/wp-content/upgrade' 0750 ${user} ${webserver.group} - -" + "Z '${stateDir tenant}/wp-content/upgrade' 0750 ${user} ${webserver.group} - -" + ]) settings.tenants + ); + + networking.firewall.allowedTCPPorts = [ + 80 + 443 + ]; + + security.acme.certs = lib.listToAttrs ( + map ( + tenant: + (lib.nameValuePair tenant { + email = config.clan.core.vars.generators.acme.files.email.value; + webroot = "/var/lib/acme/acme-challenge/${tenant}"; + }) + ) settings.tenants + ); + + services.nginx.virtualHosts = lib.listToAttrs ( + map ( + tenant: + (lib.nameValuePair tenant { + forceSSL = true; + useACMEHost = tenant; + acmeRoot = config.security.acme.certs.${tenant}.webroot; + }) + ) settings.tenants + ); + + clan.core.vars.generators.acme = { + share = true; + files.email.secret = false; + + prompts.email = { + type = "line"; + description = "Email for ACME registeration"; + }; + + script = '' + cat $prompts/email > $out/email + ''; + }; + + }; + }; + }; +} diff --git a/modules/clan/wordpress/flake-module.nix b/modules/clan/wordpress/flake-module.nix new file mode 100644 index 0000000..db425c7 --- /dev/null +++ b/modules/clan/wordpress/flake-module.nix @@ -0,0 +1,19 @@ +{ self, inputs, ... }: +let + module = ./default.nix; +in +{ + clan.modules = { + wordpress = module; + }; + perSystem = + { ... }: + { + clan.nixosTests.service-wordpress = { + imports = [ ./tests/vm/default.nix ]; + _module.args = { inherit self inputs; }; + + clan.modules."@clan/wordpress" = module; + }; + }; +} diff --git a/modules/clan/wordpress/tests/vm/default.nix b/modules/clan/wordpress/tests/vm/default.nix new file mode 100644 index 0000000..139c9dc --- /dev/null +++ b/modules/clan/wordpress/tests/vm/default.nix @@ -0,0 +1,59 @@ +{ + self, + config, + lib, + hostPkgs, + ... +}: +{ + name = "service-wordpress"; + result.update-vars = + let + relativeDir = lib.removePrefix "${self}/" (toString config.clan.directory); + in + hostPkgs.writeShellScriptBin "update-vars" '' + set -x + export PRJ_ROOT=$(git rev-parse --show-toplevel) + ${ + self.inputs.clan-core.packages.${hostPkgs.system}.clan-cli + }/bin/clan-generate-test-vars $PRJ_ROOT/${relativeDir} ${config.name} + ''; + + clan = { + test.useContainers = false; + directory = ./.; + inventory = { + machines.server = { }; + + instances = { + wordpress-test = { + module.name = "@clan/wordpress"; + module.input = "self"; + roles.server.machines."server".settings = { + tenants = [ + "localhost" + "site2.localhost" + ]; + }; + }; + }; + }; + }; + + nodes = { + server = { }; + }; + + testScript = '' + start_all() + + server.wait_for_unit("phpfpm-wordpress-localhost.service") + server.wait_for_unit("phpfpm-wordpress-site2.localhost.service") + + server.succeed("systemctl status phpfpm-wordpress-localhost.service") + server.succeed("systemctl status phpfpm-wordpress-site2.localhost.service") + server.wait_for_open_port(80) + server.succeed("curl -H \"Host: localhost\" http://127.0.0.1:80 ") + server.succeed("curl -H \"Host: site2.localhost\" http://127.0.0.1:80 ") + ''; +} diff --git a/sops/machines/tangra/key.json b/sops/machines/tangra/key.json new file mode 100755 index 0000000..ace941d --- /dev/null +++ b/sops/machines/tangra/key.json @@ -0,0 +1,6 @@ +[ + { + "publickey": "age14pdszyzzu9lwzhxs7xz7k94knvgensay9qr4p6j9z8qnqnvqup8qpvk6ra", + "type": "age" + } +] \ No newline at end of file diff --git a/sops/secrets/tangra-age.key/groups/admins b/sops/secrets/tangra-age.key/groups/admins new file mode 120000 index 0000000..e5092e3 --- /dev/null +++ b/sops/secrets/tangra-age.key/groups/admins @@ -0,0 +1 @@ +../../../groups/admins \ No newline at end of file diff --git a/sops/secrets/tangra-age.key/secret b/sops/secrets/tangra-age.key/secret new file mode 100644 index 0000000..f154a7c --- /dev/null +++ b/sops/secrets/tangra-age.key/secret @@ -0,0 +1,46 @@ +{ + "data": "ENC[AES256_GCM,data:H6zKr5xrPfHM7L1PAA3yHY2T9K6/IPfPshUncIldSW/9mMFMbLz0d4E+hp5IZCm50fLl5PHFOjIK5h390knrH3fz0zzmCgE3kn4=,iv:5XiZsewvqB8Z5v+0IDrdHl2YjrpwX9BVOg63U5ME6Zc=,tag:L1S/TgS3Rq8Pp5EC1VITgQ==,type:str]", + "sops": { + "age": [ + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYZ1NobkZOY3V3bm5JNHdx\nZjhTbXkzVXNvUkE4UnNJRjFhc1dGc1loMndJCnBkWkZxM0Y2TDZORFVxek8zZWdG\nQ1h3Qy9pZmpWSzdmcE5RZlRaY3hBNWcKLS0tIG0wK01ya2pnT0NrMWdTRnp2WTI4\neFA3Ujk3N3VaNVpOQzNiSDVpNThGdWMKii698kqkazUHyoFmRogEAOuTwcjeQS/c\nhU2Hm4AAzb41G6KqH2LKxDhF3j4TZaKennSkC2bH5ruTbMHxNup7CQ==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5R1lURmRWOTVyTU00SktX\nb1RaYWtpZHRleDdObC90VWhMemp0MDBBRmtVCi9iQ0dpaGFPQm9sUURwS2JGL1gr\nYmEzdHp4S0VNaHpVMFBwUmxweGE4RGsKLS0tIHFhUDh5QjFaVktzRloxMkhQVmk4\nbXNTczhoVmpZY28rRjZqbXBOYjNXcDgKGxmMonIfC9kgzIrkL3SQkiAPSPloZIDM\nT1+f4ydepFm0hPYn+/Bv/tdKkgpErRIT5xU+EE/Rt2WrxiyJzRSZyQ==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIEZZa044T252\nUXdGMVhTRzBxVGd1U1c4WktXeDRwQnRaNndOWUZKNUJ6eXcgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQpTMlZOeklYYUxVNERvQktxM29DMkVE\nd3NIRUpDcUpicVhnVEtKaXM1RU1nCi0tLSBFelMyYTVxaU40K0FKMXUzbGdvWUxH\nMUFyQkxNT0N5RE0zdHRxR2RkanZvCvyZswq45eIaE2IKLtx1Z2ayjAKthvmc9uQ/\nO5lIEaC44kgxrLXPJqk93fY2q1d0FaJMdBPRmQ5n5Y+T6yaqF0Y=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIGVKUWM4dXY2\nNW5QK1VmN1I2dDhINnNDUXpMUmFsbDZXazlyZEI4WC9JVHMgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpwSTN4TEdXQzJ6Q3pQLzA0VFV3YThy\nc0xQM2FKT2RkckNqRXFNRzZVU29rCi0tLSBOUEhTTWpmcy9TelE0YWZuM2RGdER1\nRi9EQXkrd2krUGNyc3drNXJsSnE4Cmyrlx1n0/TGV3ebUYYe/7zB0tpmAGyaTLER\nUshbqgbybtLAfiEyq9ZAolHhVmkQ1GCJbOaIzZUneOi5NYem1+k=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIHNJSVlBQXAw\nQWdDUVRuNUdhdkxORXFGc050Y3pKVWRuTlVTbURROS9wMTggQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwpWNGllcTZtdmVoY2lTSHhOMkNtam9w\nb2dmOWlGdWsvcWZXN2pRMUJEcGZvCi0tLSBPTFA3OVdPK2hLd0pIZVJkbW50WkIw\nSmtPZXFkcTNoazVnTXYrR0NxVnA0Cu++kUfu1nrTWaa+p4KaRUpVa16L9xXkubQS\ntiRwmxYBhXgZn+jLPvDWqkBwNbbezD8QoY5bJsOaCoFvPoAB3sI=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0Ry9uaE04UzNLc2Mxbmgy\nRDFNNEtnTVh3U2xoZ08wVmxPSUV1cXpSTERZCjlEL1R0UWUyd0FiN1FtbnRuYnpV\nUUVoT0JzUDUwTzNvWVNic0hvaTFCZzQKLS0tIDF2UVp5WTJFRUxZN1B5SU5Uc3h6\neTBiMFo4ZnBSMFJBSHE4ejMwMFp5SzQKzaGWhdQJ70djvkOv0CMCyzBpWtgoyNog\nfXlSb1nEnx0S4n7BbQeUMcbNZR0Gz8BzfovJIokGeN2VI/CNc9NijA==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5UGJSY0VEa01BVitIeTdu\ndGFXajF4WU5GUTFTT0hrL1B5RWtSTG9JSXp3Ck5SMFZFUDV1ZXNhNGRIenNFQU9N\ndlR1OVMyNnA0eC9RaVN5K0hGdVRXbjgKLS0tIDBsdFpnZGF2cWN3MEptN0M1TWhS\nUFdDbHVEWDhzYmUwRlRYWVMza0kreWMKpwl8k1XM+6czx+zWG5A2dTy6BIb6AxTw\nr04mzDlMG4M8KZAQ9n/ZhVJgAEIdyMckahQThpLDKPTY2PJvJF5/FQ==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMZnQ0NjRQUExUVmpUekl3\nMk9HS2VDOU5FS0drZGZocTZNc3VRZmpEMnlJCmJ4S1cvY3RoRHErcUpxYUdaZmJn\nYlAwQ3c4VGV0MGkxT2NVMjJ2eUNEYncKLS0tIDNTVDRNN0NZaWJiMDk2WTR2aWov\nSzRsQm9wcWx3R2ZmZnZ4bnlmNmhtR0EK7KHcKUBvAEFB/65Pv/55POguBOOMw+t+\nFwlvTxPo5Ec94XAc/lqvOz/RfYF73Os4qiGzkZ8WXft7FHl9kkqfBg==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIOFpnZWltdWIrRU1LblNt\nQ21xRE92a1FXQThkVkI4bk9WWFB6dzhkeFJVCnVjK2cxdUlyS2xYTTFKVm5mc3Fv\ndHVHQXBVRzJqQTBDMUxTVFkvczNnMlUKLS0tIEU1ZlFvcmFtdDJKcDJHYnRiMnZv\naHlCOEJKNmh3bHFhcHFMM2lhRC9GcDgK1vvGk+P2/DriuNi9pdwgsr99GAvZdPAp\nDWBG6cH9pSbLGu2+rsrOGPdQ+kgp7pz/XNEDFMMzL3Nh5LNk6+r3uQ==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl" + } + ], + "lastmodified": "2026-05-28T06:47:03Z", + "mac": "ENC[AES256_GCM,data:XZLMRmecN1YpFNph8UgUzztJaKN71udV8bBsiTc+eyRD0BOdFBbCQ13sVf7YzGXthlyTG6jWSJRRWSQ0G+0B88GGIMzGDnxXafbQdd0swF6Ff41KftKvKtxAsUg3nMErUo+oQ7JM4RzOFsowi5qmdM/ANZokCc6c4xzVR6DZTAo=,iv:gwuk9sbxuWdKUyRE/rUcQ1WnoqKFfZFvCDwxxPQpQL8=,tag:Qqcmc354g7DuU4q0SSEiFw==,type:str]", + "version": "3.13.0" + } +} diff --git a/sops/secrets/tangra-age.key/users/kurogeek b/sops/secrets/tangra-age.key/users/kurogeek new file mode 120000 index 0000000..54331f5 --- /dev/null +++ b/sops/secrets/tangra-age.key/users/kurogeek @@ -0,0 +1 @@ +../../../users/kurogeek \ No newline at end of file diff --git a/vars/per-machine/tangra/openssh-cert/.validation-hash b/vars/per-machine/tangra/openssh-cert/.validation-hash new file mode 100644 index 0000000..615a651 --- /dev/null +++ b/vars/per-machine/tangra/openssh-cert/.validation-hash @@ -0,0 +1 @@ +9c6a25028e3d8c9821d2af3ee592080d0fa152d38346930c1f04951787d2e734 \ No newline at end of file diff --git a/vars/per-machine/tangra/openssh-cert/ssh.id_ed25519-cert.pub/value b/vars/per-machine/tangra/openssh-cert/ssh.id_ed25519-cert.pub/value new file mode 100644 index 0000000..8d090e9 --- /dev/null +++ b/vars/per-machine/tangra/openssh-cert/ssh.id_ed25519-cert.pub/value @@ -0,0 +1 @@ +ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIDKzbKyaQywfgti9trDJGnnCptpuA8ayfxZHE6ST3TMjAAAAIDxgNyEJ7VktnhHLiISIeJn5j0mTzgRrKK+aZJBIImxHAAAAAAAAAAAAAAACAAAABnRhbmdyYQAAAA8AAAALdGFuZ3JhLmNsYW4AAAAAAAAAAP//////////AAAAAAAAAAAAAAAAAAAAMwAAAAtzc2gtZWQyNTUxOQAAACCH0ihJXtD/Ff8S+ANZV8eZbgwjI6/H3sfP3NZdzzJ6sAAAAFMAAAALc3NoLWVkMjU1MTkAAABA1LI0WlRoj0pARALAKV5sfOdqZ0BPcbQ/DOdvAKMtHr+s4j1AZRHVB/kh7SrZFoXf1UBechTbVTVcXF5IZjUPDQ== /tmp/vars-i3mdwzkm/in/openssh/ssh.id_ed25519.pub diff --git a/vars/per-machine/tangra/openssh/ssh.id_ed25519.pub/value b/vars/per-machine/tangra/openssh/ssh.id_ed25519.pub/value new file mode 100644 index 0000000..f94135c --- /dev/null +++ b/vars/per-machine/tangra/openssh/ssh.id_ed25519.pub/value @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDxgNyEJ7VktnhHLiISIeJn5j0mTzgRrKK+aZJBIImxH diff --git a/vars/per-machine/tangra/openssh/ssh.id_ed25519/groups/admins b/vars/per-machine/tangra/openssh/ssh.id_ed25519/groups/admins new file mode 120000 index 0000000..6765aa1 --- /dev/null +++ b/vars/per-machine/tangra/openssh/ssh.id_ed25519/groups/admins @@ -0,0 +1 @@ +../../../../../../sops/groups/admins \ No newline at end of file diff --git a/vars/per-machine/tangra/openssh/ssh.id_ed25519/machines/tangra b/vars/per-machine/tangra/openssh/ssh.id_ed25519/machines/tangra new file mode 120000 index 0000000..cd04106 --- /dev/null +++ b/vars/per-machine/tangra/openssh/ssh.id_ed25519/machines/tangra @@ -0,0 +1 @@ +../../../../../../sops/machines/tangra \ No newline at end of file diff --git a/vars/per-machine/tangra/openssh/ssh.id_ed25519/secret b/vars/per-machine/tangra/openssh/ssh.id_ed25519/secret new file mode 100644 index 0000000..c56c244 --- /dev/null +++ b/vars/per-machine/tangra/openssh/ssh.id_ed25519/secret @@ -0,0 +1,50 @@ +{ + "data": "ENC[AES256_GCM,data:QsgMWhakW0PZ5M4cunh67s2IFwLx59uHjg+en9n7/Bc2p52MHou0PVWE05YRQF3/v+rc0a+LjJk08rFcwpA+bhYQCQkZpCBVhetX+LA4aPnzyEMU6k17PZrmi1UkZw3oEWASY227SFAT45xL8Z9zBjfhv8vOuj5MdLnvTvuzBUWiEhbaQmY9WonzyA36OXaQC+biO56kKFqf/lQ6w0w8sUJ62Ha3bGzMUKv29SzMkqoEsaCCWfZDkcvON/ThOYPkPBU5163gI5ahHIN7yNU/8SNk4hCjHicXzlxqGDC/WuzqtQNjPNTt+9LKlfJDxE2b9771wBoXvxXrSI9O0qt7cM/iIiLonRLLbnrO/U1kWtxoZ1CMygra8xP+pJ//ANBY2mgcznWumG8bQJ9J6pV2BP7nbUTnn8oVUKIfFDuAU9hDXEdcSIadd1BjvrOa8/x2uz1ehPHuUMVEM7yzTQERPsI2J1NbKE9TouVysliIoWlY9PLMuWalqxxMr8mfeVx1Xpzd,iv:dqNnlFMFifsh0xKco9lCpmHffCpIbrfckbn8WJJ81IQ=,tag:CbJjJO8R4El2NUdT/469YA==,type:str]", + "sops": { + "age": [ + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvTnVlbGk4b2NlSy9YYlR3\nNjlMWkYyQlhLbTJESVh2cWlsdjBPcnBkUWtvCkpwTndxLzBZd1g0alFvUVRuaVFy\ncXdZNXprNEJwNEZRdkNuOGFpU1dwb00KLS0tIHM5TFhEZ1UwdFpqdlRpdVRMYk15\nYW9mZXRZeTlGaUZCZzZ6ZmdxU1JqRkUKW0m5oHWIZ21LyQyr6PF/JpOydyFZNnHd\ns1D+DDDx53RZT6h2/ySqj3v2OT6OqppGcmnu1k/g6JsIFlcMhOnvaQ==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlNTRDUXNKaTNFVlZnZGxO\nU1gvNUxDZFlVVk5Yc3hYcVNVSERTNTBVR1VFCit5bTdQT1UvWjYvYUsyelgraGJq\nRDJZNnRkdDBDVkZrTlR0dnJQSk5EMUEKLS0tIDF1Vk93bG9zMG16MjdabUdsQjc1\nY1FQOWZCMjV6cUVZamcrYXpMYUFqTlkKYuXBX+l0Mi5zx+zbRxeX7ekTSs3q+jAU\nvLB+bDDVEre9iA3Xc6gE0XuoMfDA4cFBtk01AAYo9mw4pZ8OPIHDMg==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age14pdszyzzu9lwzhxs7xz7k94knvgensay9qr4p6j9z8qnqnvqup8qpvk6ra" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzWWtBWWlZU2FnRzMvcjFv\nWVAza21XbjFWN0J5dDMwYWxrb0xKc05zNGtFClBYWHVMWG05ZTlOK0d5ZUVEVnNk\nc2dnazBxc0tqSVAyMmpZT3JPZkVCcTQKLS0tIHZPMTRTRXNxOUNWcjhtL0NTdTlW\naS91SVgwbzdXLzAzcUN0b3VmS2luV3cKr8fbwJRXSozjMWS5KEzjw0vH8S8l4MGV\nqFW4To6t331AeMzSWaRAyeRC7Gn+iOBMRghQWG3w+mP++AU4U9fo/w==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIHpPM2ZNL2g4\ndlJsaDNPTWJhM0xrbERPZ0R0YW40ZEpCR3FVTGNCaGhzeFUgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQpQTTN1NHhKM1g3cU5XSFNDS0tQV1o1\nUWZiTjh5VWRtNkVablE4TjhGc0E0Ci0tLSBuaU93Y0lSdC9NTFI5M0lyL2JhK04w\ncWpGZFpleDVJQVJvd1VGZEFwZUtJCtDcGwUA2xhFfp07r1QM6i+ZU5teTjdNxEMD\n0ToleHNTn/6wUBirwGMz9BCt0MF0q8nSZ8Qz1ey9dbRlSsWCi3s=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIDF1eFNwcmkx\neTdReFJrNXpmQnNlei9QTHVKSVpxNTVweHkrZ3BMVDNjeFEgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwplS2dIL3ZJYzlqdHdVS2VTb0VZMURw\nVlg5REtDVzFRNGpYM0xveVlnSDlBCi0tLSBrWkJDc0pZSldUNWNvMklGa0NXL3BW\nMTZSYm5CYUtja2g5VVlaNmVVZElZCvvIpW9QSWKo6GysXf9OjwjBsrkDmYahHYvx\nn6DXSzc69rNKk5Yjw5uitwPDaUJf8B5Nsp1A5+pCgPgM9/B0zbY=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIGFIOVd4aHNU\nSEgybEtCUUxiRFJRdEpIVExWV01RdUpJR0l5V1dwdXlXbXMgQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwpYbkxDV1dwRVorNTF1TUNiUk1VdmRU\nYmp3YjZxSU4xOEMvWGFvMWplRDhJCi0tLSBURlhneWptcjJtRDJBTGxvRDJabDdU\nZWpvNURqSFJDWmtOdjBaSzU3dG9BCvjk+IW/vCFAHzLNji7WQd0B+ZslaE9I6SC2\nmNPywn4YAvhdm5x2LNibxVz7CkLvAAifZMEHa0E01m9NtJEqlUw=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1S0x1anNITUhFTEczVHFu\ncVJPYldadk1rekQ0aTVCeHp1NXFvcjYzQjJvCk9rYm5HTXBiZmx5ZVA2TlRvZSs2\naE1VVW1xczFmeUFWSE53blpnanRsSE0KLS0tIHE4dm5tc1NuZ3R0bGlTcE9YRXpv\nS2FZbEhBQXphVE5OcThwbU5aNHpCdXcK9auwFg7oE0lI9dIjKD96ezencWIW7CkL\nR1NBZyS5Z+nKOqI93R927OzrVExlZ6BeEPFSuyS9zZDTpbI5eKA06g==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTY3E3dG5EZkcyd1RsSHlo\nTFN0cFRZVzc0cWpWaDRNUEhGakk4VmNreXpvCjVJS2NHTEhDdWJvZFpyYnpHbUpk\nQ1dtVXowS1lWd1NNT1p5K01PNjNLRlkKLS0tIGlBaEgwUGtsUkpQUHNuN0UwOGNI\nSlQrakx4R1AxSHZHclE4R2t5cU9MRmcK7OeoOokvNY/OyoUBBOHocXy33sO8tKVH\nZqE6DSRs091kwFRJcQoxsgLlbpbYS1LHczRzX0vfaizRv4zvogwGdQ==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArRFAxSnAxYmR1NzJJd0tr\nd3dzeUxzcmdJejVoWkV1TjZDNG9CdG8wT1JVCjBySXdTZXlDUUFNWDZ2ZVVJb0Qx\nMGt6WWYxT0ZHK2NIdHFJY3RvcVcrMEUKLS0tIGY1VEFoZmNLaWEyRTdqRnJGc2Ev\nMmw4T00rbjhhcFovRmJDcThJZzl2Vk0KomKf7Hq9B3sq5nzoibvTidtwc/6qU2SN\noBhAiF9TbxxEbRLso+uEJ1/bsp/13Fy0HldEh62TDFHswmfFGN1enA==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuVEgwbjhLTTBBQ1BVZ1Nu\nQllOQlNWSkw3ODRpVkNyNjgvRHE2Qndwd0NNClFVYzZvV0lmY1JLWUVDbjFmc0NX\nalVlYzRuVjJDWWY5Vyt3MWJJV1ovUmsKLS0tIHdqSmJ5TlU5cXh4K1Z1WFJ2dzZo\naytGWk03eW5Id2FIdURDVHhWb1ZUMEkK02R5NqH5xkGIOOyGdWlZ+WRpwZ1SxP+p\nm3ypMvwlOGcOSGbOT8fj9zBxfyT822XQCvzF3YQbm9ltIQ7PmTwFvQ==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl" + } + ], + "lastmodified": "2026-05-28T06:47:29Z", + "mac": "ENC[AES256_GCM,data:LtKHC6vVaMWai/dpRlxUuoI28oNI3GRjr/h8d7sJeKpdcdSIRlJKKfXnd1i68UKoaVCGDv8K62AYPcLzrLj7/rTCzeVrX2dIWFmvIbR4YZ0P3B60jWq1wZEEuPSIOdFAMvSREZlyS+gl/exUxIcp/8HI92SIiYxretEx09IvvJo=,iv:R9ffCrYbKUnnUhDEWI6oOMDnXPhd9Z4jaBkEMyYBYos=,tag:dWPUENimEZcNUbyXczfsUw==,type:str]", + "version": "3.13.0" + } +} diff --git a/vars/per-machine/tangra/openssh/ssh.id_ed25519/users/kurogeek b/vars/per-machine/tangra/openssh/ssh.id_ed25519/users/kurogeek new file mode 120000 index 0000000..970aefa --- /dev/null +++ b/vars/per-machine/tangra/openssh/ssh.id_ed25519/users/kurogeek @@ -0,0 +1 @@ +../../../../../../sops/users/kurogeek \ No newline at end of file diff --git a/vars/per-machine/tangra/state-version/version/value b/vars/per-machine/tangra/state-version/version/value new file mode 100644 index 0000000..115ab7a --- /dev/null +++ b/vars/per-machine/tangra/state-version/version/value @@ -0,0 +1 @@ +25.11 \ No newline at end of file diff --git a/vars/per-machine/tangra/tor_tor/hostname/groups/admins b/vars/per-machine/tangra/tor_tor/hostname/groups/admins new file mode 120000 index 0000000..6765aa1 --- /dev/null +++ b/vars/per-machine/tangra/tor_tor/hostname/groups/admins @@ -0,0 +1 @@ +../../../../../../sops/groups/admins \ No newline at end of file diff --git a/vars/per-machine/tangra/tor_tor/hostname/machines/tangra b/vars/per-machine/tangra/tor_tor/hostname/machines/tangra new file mode 120000 index 0000000..cd04106 --- /dev/null +++ b/vars/per-machine/tangra/tor_tor/hostname/machines/tangra @@ -0,0 +1 @@ +../../../../../../sops/machines/tangra \ No newline at end of file diff --git a/vars/per-machine/tangra/tor_tor/hostname/secret b/vars/per-machine/tangra/tor_tor/hostname/secret new file mode 100644 index 0000000..9a4d16d --- /dev/null +++ b/vars/per-machine/tangra/tor_tor/hostname/secret @@ -0,0 +1,50 @@ +{ + "data": "ENC[AES256_GCM,data:v06nkR14kS3WGpYdRFv6wp87L45Joz89qlEXnLNIEmXpcKLvy3WUTIozOgWfbhvqxoXMDoElWBxQtKWaXZDk,iv:R6t8lOKLrgQ6UQNTK6JP42pCgLzxpDF2JbEa49EJdzo=,tag:Q39yTcYHDuQNrwBf69chWw==,type:str]", + "sops": { + "age": [ + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjcUtSOGNyY3hTeWFMUHVq\nMzd6NXlORTJZRFQzUFl2M04rMW9jOU9NbWpZCm1hTkZKNTNOTzV4MnNUUVhxTlIw\nSjE3WUFxdU4xdGNKYmNQVmVmTE9ZN0kKLS0tIHp2ZXNWUjNSWU9OZkVOVTZ3aDly\naWlkUktjbGkzdkE0QmlhMjdTZEVyMFUKtY6+D1e7hPWOx4OkRf08xpkOyiznKW+T\naFtkfybCPKEPvKfKaP+9Y6C5WLUDmIntSrkp0IQ34qOiAl3aT5YsAg==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSQ21sa09RaGNhVjRWeHdk\nc3JGWTZZUXNNRG9FOVljL0pqakswZmk2ZHhnCnFCcG1iMWhWSW45Wm1WcjRHMFZt\nRDdydkROQVg5c0VvbTVtUG1rcXZ1TTgKLS0tIDVTalpXTnpYazU5QWpGVVhTMXZm\nb0hFWlpXdGdKUjBMWHZUbFFvWkVQS1UKdcNRWbAdiAZuola8vw5Rn0UMqxocUTt0\n3BHKxwixo+lXbgYTd8SsvHISg8z/eI8PRtqbPQ2yQJTDMRETYqmm7A==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age14pdszyzzu9lwzhxs7xz7k94knvgensay9qr4p6j9z8qnqnvqup8qpvk6ra" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzRFRGdlpZM01yb1l2V2RM\nNjNIUGZra0pDd2FlQUZQTkw3dFR4YTBleFRzCkcvNW5yNlQ1Uy9qd3dMQkVmRVBv\nV3RiMjNTYVJPNXpqclRTUHd4OXVUdVUKLS0tIEo2MWtMT2NVdU15L0FEcHBYeEgy\nS3dGY0k0WEtyR3NEQ0djUWpodDIvZ0kKQlY6Xw0R9eur9Eh/GWbtq/Rc7BrHewZc\npRWpCfm8pwmfqzuoQi2QeZ5/lbdXTzfotKaFR9auqQE3uHXloH69TA==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIGFFYXJkNmdl\neWxxNzBpVDFKRDhDY3g2c2ZEVkQxaVVTREJXK08wRHdjQ3MgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQpwb3NWakFtdk5YdXZ3UytqZ1lqL013\nS1VldmRwZjdiK1RRQnhpSDJpbTdJCi0tLSBNNC94L21KK21BM0h4UGZZVVpvVG5v\ncUQ5K09ZVDdpUU9nbzRHWm1USXJjCs5r6rLD5Epn75DTkf5xQQL+QmtPA6wj889I\noCSbYhvQWQS2urycve7JppTjtakbUIi5f5YKxFLgO/ZS8RB2+hY=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIGlLT095S3Jv\ndW8zMlNuSUcrblJiRTNFQ216dFRlb3p5WjJ6L2gzZExleUkgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpGT0tYaE5LdVQwSDFWVjBKb0xEeDl3\nRmpiYk92K1NrWXRUQ0JJMEJPOWowCi0tLSBLU0dRaFFEMTNHZ2ovS1JYNGo2Rnh6\nSTFGWHBSSW5FS3hQeldqOUVLVTg4CjJLxwNxKu+5lXqtGnx4Kmgt2o9lzhHQm4nI\nhUmjcaSiqgMe3hWlPXn+Z1JYG5KDTU2X6EWjchQpwXTfgLxbdv8=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIGJzOXdLcmJD\nV2NPcEI4K0tqdGdVK2Nsam05Ym11U2lLR2ZWUjRROEtReXcgQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwpPWmprcmhxaEtSSXZYMUowaWNLZW5H\nRzZxVEVYckI5bml0ZTdJd05CTkJVCi0tLSBTZWZ5eTMvOG03N2FlTGhueHdLaUhN\nZlJ5YTBXcFdtUzlGL0x5M2dKclJBCk2ZU5AZgge0+BVZrs3XvCpd0xk9GIKWPb/w\n8YvSnSJPOyG1BtGOtaAkDWlbXiGDtZavEhU4pbVpuZWwRsSLrCU=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqMFl6OHJzQkFDSHZ2Sm8v\nQ1ZpZGYvaisvSW9VT2EwSjg3ZjcwVXNwVGhFCi94V2diaUFGQVdYNEhPQnVQbGxH\nUkxDMUpxZWVTMFhsZ1Q1OFNQMGdiNUkKLS0tIDFiZGFvVXdhYmRaZWhrc3ltcUo5\nNzIvMWNKNEh6d1VYZmhxVWZEQ0k5OUUKpEsjH/05xgVb0mdutZaP/SulQwVwijcg\n+gnq3jtbrOODuH3xxE8D+4Hm/z/nqcp6xVe3L6siM4d7s8VpQVQNMA==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBScnptUEdTYXFxZ0Q2RVIr\nK2RqczJhQ1dWeS94eDVqS2oxR2xMdi9yVEhNCmlhZjJqVldObXUxV1p1c3lEZ2p5\nUE83c2NYbGFqTElZeGFrazRqeEFuUXcKLS0tIFd3NGlxc2RlUE8xTHJVQ1lrL0tG\nT2lvOXFERk5RV3pDWldzMk5xRVBhV0UKSgyzl9Hbx5xB585amSEIPzdIk1LfuuaJ\n69MoRhIDyyfLYOH9kSE6aMNK5Wkn239alg0zadYZ5zQYaN0Fm+8XHA==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWS0d6aUdsWFBuTjZjckVT\nbVl4NFVyUVJlRUpoUlc3R0s2WWxTbnRmcGk4CkpPRmZJMjVUWmFOZlZqT2lOb1Rz\nQmFFcVBWS0xFVVhUa0U3YlpoQVFuWDgKLS0tIEJHemtHQVpLN1p4a0dhbVV3dW5U\nWnJvOWdENGpmZ0czaWQrNjlHdUFvWEEKfnSrNdVYe7Nk/UlN+Nmex6O7vdnqJmAT\n2Eo+FhdY/05KDX/11tQ9zAQzQ6BV0tDhSlHuVscwdckHL3M+GzJmZA==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHMVR2eEtQc0E4VkIwU0w1\nSi9rRWlQZGlrWHB0RE1yZVl3VHNTWFBMRjFJCm1xZVVXT0NXTVVRMjR6SFErQ3p6\nTTdnSHBJOTJIUnhUUXgxdkNTaEtQdFUKLS0tIFpDL0F3RzVDK3R0OEMyeURsdjdH\nY1MzUWhFMGFYNzZGQzhqd3FqaUs1RFUK0owLyd/jrv7psucWxe9MGmRRYem4Riv6\n1ftk6csTVVYQgCX4B2SfbCLJixasfUlgzUZqu25VHt+Vfm18RWUpRg==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl" + } + ], + "lastmodified": "2026-05-28T06:48:21Z", + "mac": "ENC[AES256_GCM,data:qBk3SIlzGHPCcun/KaOjiCRpavFKqB4XhI4Gc6TCwzqMwiy0sWcAKpuEjwTror/YllaHqGN026ij2wVizHU/PDg5cVndGnb0hpM3S3sWWEUj+XlU1tERYb6UDmv9Sakslgx2X7N3rhAOCOTi/iKGuVh90hQs9MWcqydbmkTXA6Y=,iv:asyG+qy4DoY1gYVZEVasiUllcqGa+ysqeR1e3Zs7Huk=,tag:iPXSSejGvYp9U64Hig+dyg==,type:str]", + "version": "3.13.0" + } +} diff --git a/vars/per-machine/tangra/tor_tor/hostname/users/kurogeek b/vars/per-machine/tangra/tor_tor/hostname/users/kurogeek new file mode 120000 index 0000000..970aefa --- /dev/null +++ b/vars/per-machine/tangra/tor_tor/hostname/users/kurogeek @@ -0,0 +1 @@ +../../../../../../sops/users/kurogeek \ No newline at end of file diff --git a/vars/per-machine/tangra/tor_tor/hs_ed25519_secret_key/groups/admins b/vars/per-machine/tangra/tor_tor/hs_ed25519_secret_key/groups/admins new file mode 120000 index 0000000..6765aa1 --- /dev/null +++ b/vars/per-machine/tangra/tor_tor/hs_ed25519_secret_key/groups/admins @@ -0,0 +1 @@ +../../../../../../sops/groups/admins \ No newline at end of file diff --git a/vars/per-machine/tangra/tor_tor/hs_ed25519_secret_key/machines/tangra b/vars/per-machine/tangra/tor_tor/hs_ed25519_secret_key/machines/tangra new file mode 120000 index 0000000..cd04106 --- /dev/null +++ b/vars/per-machine/tangra/tor_tor/hs_ed25519_secret_key/machines/tangra @@ -0,0 +1 @@ +../../../../../../sops/machines/tangra \ No newline at end of file diff --git a/vars/per-machine/tangra/tor_tor/hs_ed25519_secret_key/secret b/vars/per-machine/tangra/tor_tor/hs_ed25519_secret_key/secret new file mode 100644 index 0000000..058c38c --- /dev/null +++ b/vars/per-machine/tangra/tor_tor/hs_ed25519_secret_key/secret @@ -0,0 +1,50 @@ +{ + "data": "ENC[AES256_GCM,data:A+dBBwMAROEfzmGVwbUVOSYrSkl9pwPAeJVNsawVV1nZFqSd7T2NLzJJ0c0ciUXYUy732QcRmPchkTWRpQcR/iddSr9R/kVjU2dP1dulK47afKJEU2eTiJTK1Y8ySzqO,iv:Q/1tx4r5WqS6L9L8YQUSOWhaHRvQ34Z98TuVpmPCnyU=,tag:GNhVRRtjFEAy0Pi8pZ3sCQ==,type:str]", + "sops": { + "age": [ + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvMEN4a3NzTzFKUGU3MUNj\nNUI3VXdhMkFOdFI2YVowRkxPNjVackZsNXhNCklvSWpvMnp1aFF0bFl1ck9xUmJJ\nV1dQREpZYndpS0RTU3Bvb1hWcE1HSTQKLS0tIHlVTXFUaVJydUhvRTFCNTZyUzRv\nSWtVNG5Eb0w0RzBHbkFJay9tT0lXd0EKgsTL+vY0HkX2gUJ/0R/kFD603TC8M9Pc\nrPbaxnCkIpTpOl7ywtjolEkpfQDJxYkATJ4e6RMN2NMjfrI0Xmmz6g==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGVkFIblY5WnlPVzZCUC9m\nUFN1U0l1V3lkU2lPTERaa0Q0c3Q4ems3WGhvCmdXdkw1SFE2RFlMbGxlYUNnanI3\nZEJEbVB4NHpDWkNSNjl0dktmbWhKQmMKLS0tIGtSbktRaFd5Qmk3U1cxK09meitr\nRXQ5UnBKRWF4VHkyTUJTRitnOEozVEkKv9xKHG7YEyuf36qWFpWhhA0adQ3QgHxQ\n72d99rTZ/0Qop9FaOrGM89Y36N7zw79/ySgNf6/cMhjAArV52FkUUg==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age14pdszyzzu9lwzhxs7xz7k94knvgensay9qr4p6j9z8qnqnvqup8qpvk6ra" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5UCtBaU55N3ZITmpDTXFN\nQVlVazFqd1MxaEk0aHovTUd2dUlKbnFtTHpZCmNUSWRMWW1aTFNtRTFzZHkwQk1M\nb3BRaU5IM2tjSjFCS1k2UkVDU1NkNkEKLS0tIDQ2SXJPTVgvakFUZ1lHakxBdGZK\nMU5FZGRPalNydFRwYjkyaVBocmhraG8KZnKhu5X1As9MZ//2QhAKlVX4f/PDh9CL\nivPzW4CnDfs3uEu9kIrbqq/7ena5FpTDjUYHE7H98l3guFOLq/sN8w==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIGxoNkxXUnha\na2R4NHJRMXloaHVueUZKdmxSSk5uZkdnQ2RZT3Yxczk0MnMgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQovcDFFOHloOTJ6ZnZ0SHdZV0lhc096\nVk9aK3hDZ2dFQThwUmV5cFdFeU5zCi0tLSA3M1RDaUJxV1NySDRybnoxbFFXYTdL\nSnp4eHl5ZllDcVNVU0IrR1BxM3hjCqR/TAxDmtDSxUkLK9PLlbK7lTRb8IRYa4Bh\nN0jQh1aPNQyotnQAAPNWjCZhmgD/81M+W8JGKdCL5Yq4kZt8X1M=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJICtvOGozZDdN\nVXZReWc2SWx2THFQSzdjVkNkamQrLzR0VG9Yc1ljMkFFWGMgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpvK2orYUFsWkwwemNGbExsWXJ6R2F1\nMFZoeHN0V0VsRlpXbUhzaG9mek93Ci0tLSB1ZFVScEw4eVJyMDZyZlczMzhYQUNP\ndG82YzlIcG5icjBxZmlNMkpuV25ZCuN81aglkKC7XKWv8ANluC5mUDYDcgTUyA3+\nM6vs3wkamhP23CsHIrkz4pS957w9pu4Hod8PI6z8veIjDID7oM0=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIHRaejJtTHVV\ndnFxVlpqSS9TQjBMNGJtYzNMODhWUnViY000WDA4ZS95RU0gQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwpWK2hQMFVlZDNOU0hrQ1lWYlZxbzJR\ncXZPUXFSdnNFajBoYWZ3VTRxajRZCi0tLSBac0J1NDJXM1JmUjV6aU5GaVFRUFg5\nRVBHOXp1Q240R05KVldtS1dVQ3pFCqau0DUskZ4HsNwrPDWSICFYG9DHo/EoRlF7\noabk71D+LjDWTT+KrdUJlMI/oV2kU5lMqhkph0+SIRuOUKi9N2k=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArNjNNaS9wb2pmaTJzYmFT\nTVp0MWFCbkNKZE1acXgyTStDNmFBUzV2OEZJCjNLa0lkV2htbk9vN1dBT1d5MFRM\nK2wvWHMwamhlOGRqVEdVdXFLaW9hMUkKLS0tIDlLMWFVSGRzWGRZSzE1ekFGZHB4\nVm5GbGNuemlMUnJNVXJ4emlZU285aEkKbwiYvTcF3MdVAiJrecTDtBmWYj4ScOde\nkRuQv+VtZix5UtSlwmpzDXkrJiwbFQXRZ54400hui+Sj3LQBQ+EUPA==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5VnlONkdHU0tGOEJ5aFJN\nd09PQzBjTFN5dnlqZERObjc3TWtxYVp2U2dNCmVYL1NBcVB6b29sczl5dXdFbWNE\nNEI2czVydlAranRVUEN2dTNPQlZodGcKLS0tIDBCamwveEExbnB6Q2hEUXJFMmRr\nWWNaWWpVc2ljQWcvdHIvQ2VuRjd1R2MKPMxx/Pximxq+iQIkDW5Kkm0255SrLstR\n9R7ovhfGwx0jkfFMKu1YqMtB/98fdmkSxb5m/VISUzyVJDQiWjjx0w==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4T1NjSUczd1QrWVV4OXMr\ncnY1UDA1ZERhYlRUNksxTTJ4UDJEcEdkMkgwClpBS2ZqdFQxTUErN1g5eFB1Ujdn\nVjJod1hhYnJSc3pZdEZwZFNidGlzak0KLS0tIGVubkIrRTZZeVNLTkpyZzRyOTJl\nTXFNNmFqZWR6V285ZHo1SHh1bW1ueGMKK330yns3p6vzgzHY8QCWXbyqXY2BNkm7\ndKXp0jzIEwgIpi3in4HyWxp1j8g2+2XFHihgWMBkdpN2uokSJqZ/PA==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCcUMySU5IWGFXV0Q1aUlX\nT1JpRzlpZGNMMEc5ek1CNlpySHdvcmlJT0I4CmkwNEdqMXhla2h0MzRzV3lSTllw\nUXhvem5aampFdXlMem9yVDFMRUZIcVUKLS0tIElHWjJRWVBWNGJITHpGc3htZW9U\nazJMT1VFd3lnOFFtc2pvTHdDZzdPYkUKNmGgOeXmyP2X67bDSB7K/LZvT1AHSqFP\nBoHkJ7nkDEEkOnCsDvvnz3gDSBIINU5vRbXkjtPHw3BCQerw89qHLA==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl" + } + ], + "lastmodified": "2026-05-28T06:48:47Z", + "mac": "ENC[AES256_GCM,data:28M1rriTkoEJ5Nr0yDin1J0a72buDnIoU9f2zmuU0+taoQMoUA1WjUkz6pmduulY8TmcVPhHnD3qSXz08IdGw5B2XAeFR9t+sXPUtBe8iZ/rEsdZCJrltrQXDZh61GHx3SFfefEy4vU9WYHzYWUsy+UVQVt7FiOaMsatlGaYYoI=,iv:2ivX5X8fAFZwpEQh4vPmPDwBLF2E1y5kpNmMgxXxyAU=,tag:5StypSl4rWkaKIYqQbl2+Q==,type:str]", + "version": "3.13.0" + } +} diff --git a/vars/per-machine/tangra/tor_tor/hs_ed25519_secret_key/users/kurogeek b/vars/per-machine/tangra/tor_tor/hs_ed25519_secret_key/users/kurogeek new file mode 120000 index 0000000..970aefa --- /dev/null +++ b/vars/per-machine/tangra/tor_tor/hs_ed25519_secret_key/users/kurogeek @@ -0,0 +1 @@ +../../../../../../sops/users/kurogeek \ No newline at end of file diff --git a/vars/per-machine/tangra/user-password-root/user-password-hash/groups/admins b/vars/per-machine/tangra/user-password-root/user-password-hash/groups/admins new file mode 120000 index 0000000..6765aa1 --- /dev/null +++ b/vars/per-machine/tangra/user-password-root/user-password-hash/groups/admins @@ -0,0 +1 @@ +../../../../../../sops/groups/admins \ No newline at end of file diff --git a/vars/per-machine/tangra/user-password-root/user-password-hash/machines/tangra b/vars/per-machine/tangra/user-password-root/user-password-hash/machines/tangra new file mode 120000 index 0000000..cd04106 --- /dev/null +++ b/vars/per-machine/tangra/user-password-root/user-password-hash/machines/tangra @@ -0,0 +1 @@ +../../../../../../sops/machines/tangra \ No newline at end of file diff --git a/vars/per-machine/tangra/user-password-root/user-password-hash/secret b/vars/per-machine/tangra/user-password-root/user-password-hash/secret new file mode 100644 index 0000000..aade591 --- /dev/null +++ b/vars/per-machine/tangra/user-password-root/user-password-hash/secret @@ -0,0 +1,50 @@ +{ + "data": "ENC[AES256_GCM,data:nsSfqXtTk3NmRskWJZxAEnMzO+14VQXlXoOA1mumO8P+9laZYOmxt9C2LQ52iKjBb1TopnzSAyIsX9FTsJcRYRWbOiM4MdjJLDOcU4cV6IwpcFsOT2iuvLbzQJX16S4oYnpSyqPvmpQs7g==,iv:x3tgDY0EG0WDPS+odMPw2xneuBDmMbZ/IyoPA+TpI6g=,tag:3oR9Fvz/EO0rKiWyX9xpAQ==,type:str]", + "sops": { + "age": [ + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPNWN0KytueVROWURsdHY0\nbXJlckNMaE0ydU40RENvZEljckZXTlh0NG0wCjB1Zll3NWQwc2ltTUFjb1VQcTZU\nUnF3V1hLV0hJYXdyTmw1Y1lxc1QyMUkKLS0tIDh4Mk9ZVWdENUNoNWlSY0RSTGUr\nbmNCYlVBRVFyUUhaanNqaHE5aW5HSXMKzRJiBGLlOkGXzvPBLDNKVTZy79w8DRhT\n7Le0wLBG76ynF0PEtLc5Q2uHQRqbupBl/MhOI2jWLYzdzj3SOhvDbg==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzOFVjTFY5T0EwNkRZc1My\nRytBdWsyRFBzTkREVGdpcEpMaHVCRS9zSEdzCnBtNHc1S2VlNW9SL3NlaWgrcVRl\nOXZOTzRLMUtaNmk3bGRBZkNpTEFIeEkKLS0tIGlZc2FmWEY2dVdBOWFaQXlxTkZD\namdHMnZETm9ZTVVMb01UYUEweXNoQ2sKcTdpB1O1x/ohG148wZcOmydBr079U1dC\nM/YhsrJQql6QT0f5yVCZhHzApBOqk1Qfp2EmFidLvnBK8NmpUtObgA==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age14pdszyzzu9lwzhxs7xz7k94knvgensay9qr4p6j9z8qnqnvqup8qpvk6ra" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyUzIrTWRqejNvMkY0UDNG\nY1Jqb1ZEdTloVTZPNWI2cUhoQWZwV3NKU3lvCjFCV0xKYTJHdTVRblhJZlA1Vlhh\nR3p2YjJGaXdqQWZpMVpyaFlXQTNYeTgKLS0tIHdzdkVLVExCYTZIaVRQQ3IwOEVa\nRkdXNmc3ai80c2tuZVdPWG9WWk1EOUUKhcizilNi8u8xx3GIaSgEgWxaacJ0rKdb\nTjMSgcXPVZJ7af9EmAT5sT0hLX/zt5iy303E3YyZX9AY/vu9NUTepg==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIEc1K3RIdU5G\nZmpQRHFwMjljckJKV05QMk5PNHdWQkJXV3pZSktiNVhseEEgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQp3K0Z3d3hsUUE3ZVBWekpJeWYxVVN5\nQkVTQmwxb1QrZ1J1QVRyell1MTRBCi0tLSBxK2NKaWphY0Q5Ri9HbWdqTDlmZk5v\nZllhUjZ5Y0YxWVliMmJJWkkzOEhjCs+XewV/G3Lo/qlNhC6JLIlOmAZTDLl2/Q/3\ng83ay/ZEmRwi1EgojwojQHQI1362+jzZYqMEEpbVkD6lSf8XXw0=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIEZVbEUva1dU\naHV5RC9ZeGY5VnBlTlZ3WitpWTIyRXFMTHI2SENYK21BUWsgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpEbzI4QytNR1RWOHBQVU16OE1Bb1V4\nYkJITy90MVpTS0JCOEkyWVM1TW5rCi0tLSBneG5DRTAyOTlXQURhMkFDT2I4Ulho\nS1RDTDFkck9vN09WZzBRM2g4YzJjCpbqCtvJPKkmReDrB8NeiS0qoZbJVmuRC+tl\njlrYfnvE8bjYIyZB+84ikCmXPXk0cfTSli0PBXRyBkeSBegZI5s=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIFE0NjhURnVs\naHRJL1JiM25nSjRnU2dLajBwSjlPeHJOazZkNlhjV2NLbm8gQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwpWeDBhbWtxU2V2OVByMjdWdTJRQzFZ\nei95QzFZYTEzc0I0U0dudng5R280Ci0tLSB4cGlISUxOTzJjaElSOXR5QnEzcWlJ\nYnYzMnZiSEJZR3JqbTF3YkNOT3p3CqmGwcATjOOoMyE3s1g27Fo4jAw5Ifw4xuba\nrNl2Z1NvtkbDHyAGIMauS0t1YfyeDzK38EdCZms73uHp0Di1r8M=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOd3NzZ3IwaWtXK2JHTlRE\nN0ZiUjlMNjhNNFhJVXhWNElsRWRiRHVtdlYwCjBQVlJGY09PQlVvV0hJdTdsZVlI\nQTY0SGFLaFY0c0RUVWFRQmNaZkJFTHMKLS0tIEFheTkrOFhyZUdsUDQxZEZUTHAv\nS0dnNURybG5CdFpOanNPTklReEw5OEEKr6eIvraUWpagaKREA93P0YC64MTiPUn6\nSFh/lbwE1KZMX2KWpbR1eVr+8O+IYBMCrXHJa/NtIF6ePQSKXyjzhg==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhTTNxeGFwQXRBQzBJOFdQ\nYmdIREZ6cktvY2h4SWdld0g3ZEpFdGljOENFClUxSG1IOHAwZ1ErOG5hMjN1RDUy\nK2RaUXptcXNBVDFmYzAvL1pHcVhWd2sKLS0tIHVOT0I2SFdzbTBIRkpSaUN1emVH\nMldtT3d5c2xuZU1rNElCRFlZSmFGdTAKWdAaGYhIKi5F5KAbsNjs3TpiEXQ+pHz3\njhUM6lyGQR6A8ePzetMJyTEof4rQOrlVFOIhimVWkuAIwKX0ZdTd1w==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjeXhibUUxdTdncUxJbkV2\naHJzYjhlWnVPNndkVDJHcEQxSEdBRlgwem1JCmp1cEs3L2ZBVkRGeW1aOUtUQ21C\ndkRBUC9lcHZCZFA4NXBqTVFrMk44RGcKLS0tIHduOEFRcFNFMjVCMGZnbnFsVXor\nMXZLWitNcVgrY00wTjJqZnZYeFgxSHMKNc26OJfM51SU0RDc8hGWrTj9XYJJ0YTC\nrvV4hG/N4kOBwTn+S3iGWSFFWqzsWmdmZxuxoPesTQk2/999Xb727g==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvUWRadmovcFhyandsOWd1\ncDJURjhobEZPVG5qZW82NER1UEM0QU4zRnlnCng5cFROeVVrM2FSa2pncXV2TXJs\nUGVKTFFaM3FrRjZRVzlORERtN1N1ajgKLS0tIEdWeDdxcEIwalhGSE9JL0dxUUZn\naGNRcXdVV0t1eDRJaVV2V1V1Z012c2cKpae9HN6bqQ2/fM/ynEEDbEoTzjh3iHAK\nV/RT3S0HsWlVzq88PkQOIFYCdBL2t3Ogy8V5DXvOsrGi5Qg0BzrALg==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl" + } + ], + "lastmodified": "2026-05-28T06:49:50Z", + "mac": "ENC[AES256_GCM,data:SqSXpsnXcgFlQBgM9Xp27XDL+Tqg9kaWXTfR3xZeoHXeduIpFUF5wZ03nZcmai8Eiuq39Ij2ssECdAY3uqPrYsgOmVm3mSjuvIxP8GZKiFuHk2qA3nMiQx8nL8wNRO1M+VeAo5P0+xzpk6LYGGMvd4i03HQK5kZQNNM3l9JLCl8=,iv:Ak//hMN+4D9e4olwHyMYP33WkkBJyCs0Lu1s3EiccjE=,tag:G13WznJPLJ2NQsw5USTacg==,type:str]", + "version": "3.13.0" + } +} diff --git a/vars/per-machine/tangra/user-password-root/user-password-hash/users/kurogeek b/vars/per-machine/tangra/user-password-root/user-password-hash/users/kurogeek new file mode 120000 index 0000000..970aefa --- /dev/null +++ b/vars/per-machine/tangra/user-password-root/user-password-hash/users/kurogeek @@ -0,0 +1 @@ +../../../../../../sops/users/kurogeek \ No newline at end of file diff --git a/vars/per-machine/tangra/user-password-root/user-password/groups/admins b/vars/per-machine/tangra/user-password-root/user-password/groups/admins new file mode 120000 index 0000000..6765aa1 --- /dev/null +++ b/vars/per-machine/tangra/user-password-root/user-password/groups/admins @@ -0,0 +1 @@ +../../../../../../sops/groups/admins \ No newline at end of file diff --git a/vars/per-machine/tangra/user-password-root/user-password/secret b/vars/per-machine/tangra/user-password-root/user-password/secret new file mode 100644 index 0000000..ab41356 --- /dev/null +++ b/vars/per-machine/tangra/user-password-root/user-password/secret @@ -0,0 +1,46 @@ +{ + "data": "ENC[AES256_GCM,data:vjISynXRyWPJgyPEXY4OPqhfQ0kzQDRjKK2DpaqWe3pz,iv:nl3bMcjP5M+HTgR/IuUsX5YzJqgmBNfygm5JRM8ZFa4=,tag:K8cM5fFmDfVIHGyMFf/fqA==,type:str]", + "sops": { + "age": [ + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQQkRuSjIveS9Rdkcvd0hr\nWVNheVVycVBwUTl3NDlEQ245RzBNQjh2SzE0CnFMR2VmQ3VZMDlHVVg1QVI0WHNu\nbFFBZXRsRDI1U1kwV0V2alVCU1czODgKLS0tIG0zdGs2bGVoNGZIQnRXUFRkOTkz\nRXRQdm5mOVYzb3IveTBjZmZOQmFZZEEKfs1vIgW7qqomOVoiP1NL3/eiNRas1+4I\ngrp7xFo0aPISBPq3gJTgaZ3rNw6eiNnsHXalYvNtetiQ1/1dbBxE5g==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoRHorRXdrdmR1R25vN01T\nVVA0a2JxNzJVNDFvTkk0MnFGMkJ4K2JkQkFRCm9oNmdrdlI0ek9xZm5WOWUrbTMr\nQWsramhEdHppMjFWQTlpZ05pT3BqaUkKLS0tIGg0cnVBYXJFcU0xVTlNL051ZE43\nNENUanlaNGJ2NVVxNmFXZUgwZ1dTc2sKZ5kV056b7XvZRjv/FjxV+fecaPfvDK6E\nbHQ7YGEdTiJODZo/ugK42NnqbQbmSFuUj2IEYzLfNDV3pEdJkM+FXA==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIGpFS0JvTVQ5\nT2U1OXRhY3lXOHJPcjRRODZIK24zRzIzV0NVRk5qUlAwVjggQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQozdzJIOW5ld3YySW00cUtLUTdKbnFG\nNGtoS0FrWXA0cU5peTFtMUJBL0lZCi0tLSBBaWQzZEt0QnJYV0RncUJkYkRROUIy\nZzZOY0c2bXdrbTAyY2VuTkJLVjNjCgqfVeKbVOYwjphcFzmbDiD2+sVGbZkaX6kj\nh0gl4Qe44+VnaPqaQvmdt6yHZrIt2rdcf3jRP5UjZ9MhwlL9In4=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIEJZdGpUaWhW\nV3RVT0V0WFdZR1VSWjF5Z2JlWncwdnVEbUlkRC9JdnNJWFkgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpROFBSdnJDQ3pTYk9sei82OXZGYnBK\nZnhTTVEvOXBVVWMyWUIyNHgyNHBRCi0tLSBWS2owY1ZYblBUdWl1Y1EvT3NGUE9h\nOXllSVFocEliemZkZk8xZEd6YzZ3Cjy6nkJ6Lq5o1SuTW0YK9cA7o0018YmXsQG5\ndrwXwlhVYsGDkrnwMw33QVTYmSuOA1e6R0ex3au5uxuOOdV6yMY=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIEpQUExZY2d4\nQzBVUjY4WnRwUzlnUThNeXdPOXZ5SHA3NnAzcENjUityeG8gQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwpNMC8zR2lOb2pCRUNEdDgxZHNVT0I3\nNlhjM3VjemJPb29YbEVwaVRlaDBjCi0tLSBLSVpTc2owRWZHSm5Wb21OL1FONXB2\nRWRYRXpvTDFxT21HQmdJR3p2dldjCuuO3on83Q+lrMLfVlE6W6YFqaunXSKUed/f\nWLIPDyVwj0SfB4h3IT0R209VEMvCepXtVB0LgfIokLYRrT11TCw=\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvYTNzekttVzRnZ3ZkQk8v\nOE9nWSs0aUVRTVIxMGdyeTVRQVVsOHM2TDJrCnBMUFNJcUQ4NEpiclZyeG5NdEg1\nT0VKaE5OL0ZYSnh6ODIrdjZ1L3Q1VmcKLS0tIEV5RHJweWRWNyttL1Z1N1ZDaWdR\nWkxwRFNaQjA1ZEd5WURER1V4NmlFSGcKUd8DcgCAjQK9I1N/pH5/RK0Kx9bUnR/d\nEXv601uTUy0mI8qzXHeqbEtUDWs/cExbx274GUaOl3mahkdAAhkuLQ==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGYXFyQ1pRVVlQL2EwVGJ5\nSDVEQmVFWlZmNmtweitEUU1YSTF1U2luTDBVCkd0V1FpUFNtanlKL05DSGZnV1lT\nMzRuWHQ5c0ZEN0JzOGt3NmxBZUFzQjAKLS0tIHFVcG5xSDBremNCUmwrUThMYXhC\nZ2dWZzM3QmRMWXFDS3JLK1hBbk9ob3cKcLFJjngMm1rX3A6h+/auBukR+8wH3AVo\ncP9I059t0VPIUzaazrWdJIx8GbSEsz4PaDtQMKw6FsXAB3rOe1kbNA==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhS1ZCZC9Udk84emI5TnBj\nSktWTFlrVUVOc1ZPakRrWUEzL241eXdIUUFNCmcwZ1V4SDRsV0p4NnFvNGtuNUx1\nMHp3bWE4NFU3VGdsUWo5V3J3V1N1UlEKLS0tIE5leTRhc2lva2RVeGQ5SDY3TW1h\nMC9RQlNvcnJITmNTY2cvSVFuNGU0MmcKLSyC+WfvIE23B7N8HV5iU3ZQbMyOao9N\nD7AZWHhd+3puFaCJWGhhuD+qEky1a+J2JpwmrBb60OYmBoWcfh51nw==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8" + }, + { + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5TEE0QTRLVVNkNXQwejRu\nTFFvai9UbXpramhLVElleU10YUdNWnZ6dEc0CkxvdG5GOXNvSHZ0OUhNbUJPbVFt\nNDZweTlYemFHV1Z3YjFDSGpEeWo1NncKLS0tIDlpcldGbGozcUZsRmVsTjZ6ZUd5\nclZwZVBNM2p4TTRBMWJ1dTlKNzRzUU0KM8CvwdMeIQJlnBueMd8kQhZLIu6n5ldC\nwiYQJQW6LsqMyv0pMmy63GzikwHFllS9NTL0CFMX9Imm2s9N28j38g==\n-----END AGE ENCRYPTED FILE-----\n", + "recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl" + } + ], + "lastmodified": "2026-05-28T06:49:25Z", + "mac": "ENC[AES256_GCM,data:bNy+d6VtwoR4PDKTvi4sTqQzDv5K6bluimckc5xYZagdLBgSCJ0Slm2I1W3w5v2A/KnQUyysypjGO2yfIfU/IFd46kXWplwRHqqQiXrhd9bp8jPDvpmx7j+iA4Is3ros0+I+iuh4PijL/POlpcpT2xDo77xjSznUktZ1HU6jWi8=,iv:TuoYc1HFtmjwSIUXrWV32VEFHpPBOs9WtcogCPJ1/Bc=,tag:u/oQkT+AzX5r2OyYJpWquA==,type:str]", + "version": "3.13.0" + } +} diff --git a/vars/per-machine/tangra/user-password-root/user-password/users/kurogeek b/vars/per-machine/tangra/user-password-root/user-password/users/kurogeek new file mode 120000 index 0000000..970aefa --- /dev/null +++ b/vars/per-machine/tangra/user-password-root/user-password/users/kurogeek @@ -0,0 +1 @@ +../../../../../../sops/users/kurogeek \ No newline at end of file