From e1114189f2fcc95391ca744be6b67d772598c686 Mon Sep 17 00:00:00 2001
From: kurogeek
Date: Fri, 17 Oct 2025 12:42:02 +0700
Subject: [PATCH] mob next [ci-skip] [ci skip] [skip ci]

lastFile:modules/clan/yggdrasil/default.nix
---
modules/clan/yggdrasil/default.nix | 12 +++++++-----
modules/clan/yggdrasil/tests/vm/default.nix | 2 ++
.../tests/vm/sops/machines/server/key.json | 6 ++++++
.../vm/sops/secrets/server-age.key/secret | 15 +++++++++++++++
.../sops/secrets/server-age.key/users/admin | 1 +
.../tests/vm/sops/users/admin/key.json | 4 ++++
.../server/yggdrasil/yggdrasil-ip/value | 1 +
.../yggdrasil-secret/machines/server | 1 +
.../server/yggdrasil/yggdrasil-secret/secret | 19 +++++++++++++++++++
.../yggdrasil/yggdrasil-secret/users/admin | 1 +
10 files changed, 57 insertions(+), 5 deletions(-)
create mode 100755 modules/clan/yggdrasil/tests/vm/sops/machines/server/key.json
create mode 100644 modules/clan/yggdrasil/tests/vm/sops/secrets/server-age.key/secret
create mode 120000 modules/clan/yggdrasil/tests/vm/sops/secrets/server-age.key/users/admin
create mode 100644 modules/clan/yggdrasil/tests/vm/sops/users/admin/key.json
create mode 100644 modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-ip/value
create mode 120000 modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-secret/machines/server
create mode 100644 modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-secret/secret
create mode 120000 modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-secret/users/admin

diff --git a/modules/clan/yggdrasil/default.nix b/modules/clan/yggdrasil/default.nix
index 99685e9..6877553 100644
--- a/modules/clan/yggdrasil/default.nix
+++ b/modules/clan/yggdrasil/default.nix
@@ -18,12 +18,14 @@ in { clan.core.vars.generators.yggdrasil = { - files.yggdrasil-secret = { - secret = true; - owner = user; - group = user; + files = { + yggdrasil-secret = { + secret = true; + owner = user; + group = user; + }; + yggdrasil-ip.secret = false; }; - files.yggdrasil-ip.secret = false; runtimeInputs = with pkgs; [ yggdrasil jq diff --git a/modules/clan/yggdrasil/tests/vm/default.nix b/modules/clan/yggdrasil/tests/vm/default.nix index 79c61a6..a1aa530 100644 --- a/modules/clan/yggdrasil/tests/vm/default.nix +++ b/modules/clan/yggdrasil/tests/vm/default.nix @@ -35,5 +35,7 @@ # Check that garage is running server.succeed("systemctl status yggdrasil") + + ''; } diff --git a/modules/clan/yggdrasil/tests/vm/sops/machines/server/key.json b/modules/clan/yggdrasil/tests/vm/sops/machines/server/key.json new file mode 100755 index 0000000..6b974fb --- /dev/null +++ b/modules/clan/yggdrasil/tests/vm/sops/machines/server/key.json @@ -0,0 +1,6 @@ +[ + { + "publickey": "age12ldrhhffl0jeteh8f0rzhezs0ulggg5jyqph6xzrgjw2dv40pqwq49lej9", + "type": "age" + } +] \ No newline at end of file diff --git a/modules/clan/yggdrasil/tests/vm/sops/secrets/server-age.key/secret b/modules/clan/yggdrasil/tests/vm/sops/secrets/server-age.key/secret new file mode 100644 index 0000000..99a7a21 --- /dev/null +++ b/modules/clan/yggdrasil/tests/vm/sops/secrets/server-age.key/secret 
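Review bot: The new `sops/machines/server/key.json` is added as `new file mode 100755`, while the sibling `sops/users/admin/key.json` in this patch is 100644; a JSON key descriptor has no reason to carry the executable bit, so clear it before this lands, e.g. `git update-index --chmod=-x modules/clan/yggdrasil/tests/vm/sops/machines/server/key.json`. The same file also ends with `\ No newline at end of file`, unlike the admin one. If a fixture generator wrote the file, the mode is better fixed there so it does not return on the next regeneration.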
@@ -0,0 +1,15 @@ +{ + "data": "ENC[AES256_GCM,data:pGMobS67sLp2GN2Xw7A/trcLYnQdVZCUbjtlwS/AShXxyXgHXzkqRee6R765GZyCpDwM8A1IuMZYctrqWxVXrpIAiJpwvwy7vDM=,iv:ysRf5xAXN+dFSx+sFHNDt1GcVQx7RLej4c12v60iSI0=,tag:yXYpWhWLdsz9BOOoKpZU4g==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2UmhPdzcrSnFhVUxRNDBL\ncXlGRzdMdWxCWmFlUkE4RnJRQ3psMlBqV0Q0CkRjTXFoQitQbjRhMlVjaDc3UDN1\nR1hBeXlCeWxvdnZoVWI1ZkcweHF5VncKLS0tIHE4YVFhYTZTNko1MnJINjFPYXh4\ndlJJZThGZ0JIaDJWRTNXbXk3alNZTnMKgd+0535zoTu6xW2778uNReu4Z7LStN6d\n1O9SXAB+s1iOZ3xGEICiQTVF/6p8RE6lheV2oXgoMiXXrFNH6INLsw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-10-17T05:34:34Z", + "mac": "ENC[AES256_GCM,data:YIpKJlOI6ASgOYqv9ipu+T3c+PlM5HwvdFVH8gh8hVeSbmxD1baPPmVSWlLv+u61Q1/C9PK4mczaASopaGiLoswep+Hc1Gn7sSeP9wO6Djx6fEIEyE1VUhUbTqi/nHYiB21yB/wegfpqzNYIn1nO0oFCmDmSS5qIowcT1fhYIjM=,iv:lzxll5oC7poLvC/hZPexUGAcAdf67xZGRXUpj6O3p6Y=,tag:9xu17Y5MtW5XNzGBsWwA3g==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/modules/clan/yggdrasil/tests/vm/sops/secrets/server-age.key/users/admin b/modules/clan/yggdrasil/tests/vm/sops/secrets/server-age.key/users/admin new file mode 120000 index 0000000..9e21a99 --- /dev/null +++ b/modules/clan/yggdrasil/tests/vm/sops/secrets/server-age.key/users/admin @@ -0,0 +1 @@ +../../../users/admin \ No newline at end of file diff --git a/modules/clan/yggdrasil/tests/vm/sops/users/admin/key.json b/modules/clan/yggdrasil/tests/vm/sops/users/admin/key.json new file mode 100644 index 0000000..e408aa9 --- /dev/null +++ b/modules/clan/yggdrasil/tests/vm/sops/users/admin/key.json @@ -0,0 +1,4 @@ +{ + "publickey": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg", + "type": "age" +} 
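Review bot: `sops/secrets/server-age.key/secret` commits the server's age identity encrypted to a single recipient, `age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg`, which is the `admin` public key added in `sops/users/admin/key.json`, and nothing in the patch states that this admin key is a throwaway created for the VM test. Whoever holds the matching private key can decrypt this file and also `vars/per-machine/server/yggdrasil/yggdrasil-secret/secret`, where the same admin key is listed as a second recipient. Please confirm neither the admin nor the server key is used outside this test, and record that next to the fixtures, for example as a comment in `tests/vm/default.nix`: `# sops/ and vars/ are test-only fixtures; the admin and server age keys must never be reused on a real machine`. Because this arrives in a `mob next` hand-off commit, the ciphertexts stay in history even if the fixtures are regenerated later, which is acceptable only for disposable keys.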
diff --git a/modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-ip/value b/modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-ip/value
new file mode 100644
index 0000000..3de6a90
--- /dev/null
+++ b/modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-ip/value
@@ -0,0 +1 @@
+204:5ce7:aa27:579b:ec90:6907:4ddc:177
diff --git a/modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-secret/machines/server b/modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-secret/machines/server
new file mode 120000
index 0000000..2bd819e
--- /dev/null
+++ b/modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-secret/machines/server
@@ -0,0 +1 @@
+../../../../../../sops/machines/server
\ No newline at end of file
diff --git a/modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-secret/secret b/modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-secret/secret
new file mode 100644
index 0000000..72d9d19
--- /dev/null
+++ b/modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-secret/secret
@@ -0,0 +1,19 @@ +{ + "data": "ENC[AES256_GCM,data:I6yalWQ2u5hI84lJTUmh07JxUBp4EZukJrSGSN7wsGiUGlFa1v/RT1XkTiXuRjDtUVYCLmQmfSCAp/OqFscxF8KL+s24iTDrG4e3S6AeKLa3oZrNJIt1EJ06gWrPNoh1ttmwXSd4Y4Bsk4Lg8vIjH4qw3Bx+KrufxYTqe+anfMdoXKnW8wOWud5O7HMvCh+sf4dNcf6PIQ==,iv:SF5qExXNPyif+LIcNhHP0PKELUBXaFsPj9B3wvUkEp0=,tag:QEkZXDrIdcpNiZ6l2ljOPw==,type:str]", + "sops": { + "age": [ + { + "recipient": "age12ldrhhffl0jeteh8f0rzhezs0ulggg5jyqph6xzrgjw2dv40pqwq49lej9", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBENDhrWVRuYjRnZktROU4v\nSHNtODFGMWl0NDRHazIwcWl0WGtNY2dYMXhnCmZQQ0doS3BTaU5hRHVsVTB5THl1\nWUNDQUNiMVJFeFZnQ1ptYmFQdTJQc28KLS0tIEtJdUQ5Y1VqSThkSVVNcVNVNEFr\nMzBCRjM1L1V5TngrZG5rR0VHY3Z6TDAKPQ6P96upDeh8xwQDrX4Zcf71Dah5zkOJ\n/F5eODEBadzQSRmJuyp3+uRMFf47eR6Q5bVah3NsVxFquXOL3CtNlw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHb0EwT2tuMVE5SE5XaWdQ\ncGR0bFFhOUQvM2dGUzdlUEFFbzRnTHBWWUVnCjFGTXcrWW1vR0x5dXBUamtkS0dF\neG9weUVwQzhhNHhPRUdqV1VnWXJyNFEKLS0tIC80b1ZqRGFOenpENDN1Vk5vRUhY\nVnJzZ1Q5VzZ6ZEZtZE13YjQ0VVhrTTAK5y0BjKBRg2AXuO416JWLMLyM/pCQChKn\nVKZMXcT6cc5hHDuqbp9qUofknF68XnzlH6nOyLB1ZtnELyeZuf29fw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-10-17T05:34:35Z", + "mac": "ENC[AES256_GCM,data:Y3k83RaeX64LA3rsIkQxyKw+LLUgXVsqr3F2UHkv9h73gkyChc6k1oE/FLR4CsZZWsfLNjCkPMuenqToA2mKqQK0aADwPDYo0aVm0hr1PGX5j3Py6EmP56NFvxlAQsExRWo32eqdkeCkY23hfcmUYlaB+bo/fsrRVj67zag9GYA=,iv:p18i8cV6jKXpuZ1Xd7KYCl8BMe1/8CW9YnCuVrTAqy0=,tag:IJnLzdZOn8Clu+lCKT6zvA==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} 
diff --git a/modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-secret/users/admin b/modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-secret/users/admin
new file mode 120000
index 0000000..ca714e1
--- /dev/null
+++ b/modules/clan/yggdrasil/tests/vm/vars/per-machine/server/yggdrasil/yggdrasil-secret/users/admin
@@ -0,0 +1 @@
+../../../../../../sops/users/admin
\ No newline at end of file