newedge/infra
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: newedge:mob/vega-ups
Branches Tags
newedge:main newedge:mob/asterisk newedge:mob/fax-machine-relay newedge:asterisk newedge:fax-machine-relay newedge:whitehouse-router newedge:mob/vega-backup newedge:mob/router-device newedge:router-device newedge:vega-backup newedge:mob/inventree-test newedge:inventree-test newedge:mob/noreply-mailer newedge:noreply-mailer newedge:mob/vega-ups newedge:b4l-vpn newedge:vega-ups newedge:mob/gitea newedge:gitea
..
compare: newedge:2ab9fc4ad89cfab197b88febed035351b3c713e5
Branches Tags
newedge:mob/asterisk newedge:mob/fax-machine-relay newedge:asterisk newedge:fax-machine-relay newedge:main newedge:whitehouse-router newedge:mob/vega-backup newedge:mob/router-device newedge:router-device newedge:vega-backup newedge:mob/inventree-test newedge:inventree-test newedge:mob/noreply-mailer newedge:noreply-mailer newedge:mob/vega-ups newedge:b4l-vpn newedge:vega-ups newedge:mob/gitea newedge:gitea

15 Commits
mob/vega-u ... 2ab9fc4ad8

Author SHA1 Message Date
kurogeek
2ab9fc4ad8 mob next [ci-skip] [ci skip] [skip ci] 
lastFile:modules/clan/yggdrasil/default.nix
 2025-10-17 11:25:54 +07:00
kurogeek
16a2fa0526 Update vars via generator yggdrasil for machine b4l 2025-10-17 11:25:02 +07:00
kurogeek
b8dc4757ed mob next [ci-skip] [ci skip] [skip ci] 
lastFile:modules/clan/yggdrasil/default.nix
 2025-10-16 19:07:45 +07:00
kurogeek
79fa8eef01 mob next [ci-skip] [ci skip] [skip ci] 
lastFile:modules/clan/yggdrasil/tests/vm/default.nix
 2025-10-16 18:01:00 +07:00
kurogeek
ac731c2f38 mob next [ci-skip] [ci skip] [skip ci] 
lastFile:modules/clan/yggdrasil/tests/vm/default.nix
 2025-10-16 17:22:45 +07:00
kurogeek
c9f23f4c0a mob next [ci-skip] [ci skip] [skip ci] 
lastFile:modules/clan/yggdrasil/default.nix
 2025-10-16 17:19:09 +07:00
kurogeek
be25560858 WhiteHouse router configuration 2025-10-16 14:53:41 +07:00
kurogeek
e4bf326191 add Alex's laptop to networks 2025-10-10 15:38:28 +07:00
kurogeek
04fafa32d3 update kurogeek thinkpad zerotier id 2025-10-09 16:42:23 +07:00
kurogeek
ed4e045ffc rm unused args 2025-09-28 13:30:10 +07:00
kurogeek
fd6edd83c2 machines are accessed by zerotier ip 2025-09-28 13:21:46 +07:00
kurogeek
65faa70fa3 no nextcloud on vega 2025-09-28 12:45:29 +07:00
kurogeek
377b63437c no write permission on GLOM samba 2025-09-26 20:26:02 +07:00
kurogeek
43e8252459 samba for vega 2025-09-26 16:46:00 +07:00
kurogeek
800500f57e vega on new device 2025-09-26 12:04:02 +07:00
24 changed files with 597 additions and 391 deletions
Expand all files Collapse all files

2
.gitignore vendored
View File

@@ -2,4 +2,4 @@
# Ignore build outputs from performing a nix-build or `nix build` command
result
result-*
run-vm-*

19
flake.lock generated
View File

@@ -136,6 +136,24 @@
"type": "github"
}
},
"liminix": {
"flake": false,
"locked": {
"lastModified": 1760426231,
"narHash": "sha256-r8c5PKtsxAvtQ/k17GH+WNvP47Lr+AbExLMPdLtvAKE=",
"ref": "refs/heads/fix-gl-ar750",
"rev": "3f1f7c08d440130cce9262a93ce78ed7969d93cd",
"revCount": 1574,
"type": "git",
"url": "https://git.b4l.co.th/newedge/liminix"
},
"original": {
"ref": "refs/heads/fix-gl-ar750",
"rev": "3f1f7c08d440130cce9262a93ce78ed7969d93cd",
"type": "git",
"url": "https://git.b4l.co.th/newedge/liminix"
}
},
"nix-darwin": {
"inputs": {
"nixpkgs": [
@@ -207,6 +225,7 @@
"devshell": "devshell",
"flake-parts": "flake-parts",
"import-tree": "import-tree",
"liminix": "liminix",
"nixpkgs": "nixpkgs",
"treefmt-nix": "treefmt-nix"
}

5
flake.nix
View File

@@ -21,6 +21,10 @@
url = "github:numtide/treefmt-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
liminix = {
url = "git+https://git.b4l.co.th/newedge/liminix?ref=refs/heads/fix-gl-ar750&rev=3f1f7c08d440130cce9262a93ce78ed7969d93cd";
flake = false;
};
};
outputs =
{
@@ -38,6 +42,7 @@
./shell.nix
./machines
./routers
./inventories
./modules/clan/flake-module.nix
];

32
inventories/default.nix
View File

@@ -1,22 +1,12 @@
{
inputs,
self,
lib,
pkgs,
...
}:
{
clan = {
inventory = {
machines = {
rigel.deploy.targetHost = "root@rigel.local";
vega.deploy.targetHost = "root@vega.local";
};
tags = {
glom = [ "vega" ];
b4l = [ "rigel" ];
fax-bridge = [ "b4l" ];
};
instances = {
@@ -60,69 +50,67 @@
roles.peer.tags.b4l = { };
};
yggdrasil = {
module = {
name = "yggdrasil";
input = "self";
};
roles.default.tags."fax-bridge" = { };
};
pocket-id = {
module = {
name = "pocket-id";
input = "self";
};
roles.default.machines.b4l = { };
};
nextcloud = {
module = {
name = "nextcloud";
input = "self";
};
roles.default.machines.b4l = { };
roles.default.machines.vega = { };
};
stirling-pdf = {
module = {
name = "stirling-pdf";
input = "self";
};
roles.default.machines.b4l = { };
};
actual-budget = {
module = {
name = "actual-budget";
input = "self";
};
roles.default.machines.b4l = { };
};
victoriametrics = {
module = {
name = "victoriametrics";
input = "self";
};
roles.default.machines.b4l = { };
};
vikunja = {
module = {
name = "vikunja";
input = "self";
};
roles.default.machines.b4l = { };
};
grafana = {
module = {
name = "grafana";
input = "self";
};
roles.default.machines.b4l = { };
};
pingvin = {
module = {
name = "pingvin";
input = "self";
};
roles.default.machines.b4l = { };
};
paperless = {
module = {
name = "paperless";
input = "self";
};
roles.default.machines.b4l = { };
};
};
};

2
machines/b4l/configuration.nix
View File

@@ -1,7 +1,7 @@
{ inputs, config, ... }:
{
imports = [
(inputs.import-tree ./services)
# (inputs.import-tree ./services)
];
nixpkgs.hostPlatform = {
system = "x86_64-linux";

5
machines/rigel/configuration.nix
View File

@@ -1,13 +1,16 @@
{ config, ... }:
{
imports = [
(import ../../lib/auto-accept-zerotier-members.nix {
memberIds = [
"dbe44c0287" # Alex-gateway
"1b495eede9" # kurogeek-thinkpad
"b0e0b84fd3" # Alex
"2bd36db8cc" # kurogeek-thinkpad
];
})
];
system.stateVersion = "25.11";
clan.core.sops.defaultGroups = [ "admins" ];
clan.core.networking.targetHost = "root@[${config.clan.core.vars.generators.zerotier.files.zerotier-ip.value}]";
}

4
machines/vega/configuration.nix
View File

@@ -10,12 +10,14 @@
(import ../../lib/auto-accept-zerotier-members.nix {
memberIds = [
"dbe44c0287" # Alex-gateway
"1b495eede9" # kurogeek-thinkpad
"b0e0b84fd3" # Alex
"2bd36db8cc" # kurogeek-thinkpad
];
})
];
clan.core.sops.defaultGroups = [ "admins" ];
clan.core.networking.targetHost = "root@[${config.clan.core.vars.generators.zerotier.files.zerotier-ip.value}]";
nixpkgs.hostPlatform = {
system = "x86_64-linux";

2
machines/vega/disko.nix
View File

@@ -1,7 +1,7 @@
{ lib, ... }:
let
hashDisk = disk: "os-${builtins.substring 0 5 (builtins.hashString "sha256" disk)}";
os = "/dev/disk/by-id/mmc-CUTB42_0x9d59499c";
os = "/dev/disk/by-id/mmc-CUTB42_0x95d14f9e";
vdev = [
"/dev/disk/by-id/ata-ST20000NM002H-3KV133_ZYD5RYRG"
"/dev/disk/by-id/ata-ST20000NM002H-3KV133_ZYD5S02X"

400
machines/vega/facter.json
View File

@@ -23,8 +23,8 @@
},
"bluetooth": [
{
"index": 33,
"attached_to": 34,
"index": 31,
"attached_to": 33,
"class_list": ["usb", "bluetooth"],
"bus_type": {
"hex": "0086",
@@ -99,7 +99,7 @@
},
{
"index": 36,
"attached_to": 34,
"attached_to": 33,
"class_list": ["usb", "bluetooth"],
"bus_type": {
"hex": "0086",
@@ -597,7 +597,7 @@
"fpu_exception": true,
"cpuid_level": 32,
"write_protect": false,
"tlb_size": 32767,
"tlb_size": 32764,
"clflush_size": 64,
"cache_alignment": 64,
"address_sizes": {
@@ -636,7 +636,7 @@
},
"device": {
"hex": "0561",
"name": "0",
"name": "1",
"value": 1377
},
"revision": {
@@ -645,10 +645,10 @@
"value": 0
},
"serial": "000000004EBF",
"model": "0",
"model": "1",
"sysfs_id": "/class/block/sdb",
"sysfs_bus_id": "1:0:0:0",
"sysfs_device_link": "/devices/pci0000:00/0000:00:14.0/usb4/4-3/4-3:1.0/host1/target1:0:0/1:0:0:0",
"sysfs_bus_id": "1:0:0:1",
"sysfs_device_link": "/devices/pci0000:00/0000:00:14.0/usb4/4-3/4-3:1.0/host1/target1:0:0/1:0:0:1",
"unix_device_name": "/dev/sdb",
"unix_device_number": {
"type": 98,
@@ -657,10 +657,10 @@
"range": 16
},
"unix_device_names": [
"/dev/disk/by-id/ata-ST20000NM002H-3KV133_ZYD5RYRG",
"/dev/disk/by-id/usb-USB_3.0_Device_0_000000004EBF-0:0",
"/dev/disk/by-path/pci-0000:00:14.0-usb-0:3:1.0-scsi-0:0:0:0",
"/dev/disk/by-path/pci-0000:00:14.0-usbv3-0:3:1.0-scsi-0:0:0:0",
"/dev/disk/by-id/ata-ST20000NM002H-3KV133_ZYD5S02X",
"/dev/disk/by-id/usb-USB_3.0_Device_1_000000004EBF-0:1",
"/dev/disk/by-path/pci-0000:00:14.0-usb-0:3:1.0-scsi-0:0:0:1",
"/dev/disk/by-path/pci-0000:00:14.0-usbv3-0:3:1.0-scsi-0:0:0:1",
"/dev/sdb"
],
"unix_device_name2": "/dev/sg1",
@@ -706,7 +706,7 @@
"name": "Disk",
"value": 0
},
"serial": "0x9d59499c",
"serial": "0x95d14f9e",
"model": "Disk",
"sysfs_id": "/class/block/mmcblk0",
"sysfs_bus_id": "mmc0:0001",
@@ -719,7 +719,7 @@
"range": 32
},
"unix_device_names": [
"/dev/disk/by-id/mmc-CUTB42_0x9d59499c",
"/dev/disk/by-id/mmc-CUTB42_0x95d14f9e",
"/dev/mmcblk0"
],
"resources": [
@@ -745,180 +745,6 @@
},
{
"index": 29,
"attached_to": 25,
"class_list": ["disk", "block_device"],
"base_class": {
"hex": "0106",
"name": "Mass Storage Device",
"value": 262
},
"sub_class": {
"hex": "0000",
"name": "Disk",
"value": 0
},
"model": "Disk",
"sysfs_id": "/class/block/mmcblk0boot0",
"sysfs_bus_id": "mmcblk0",
"sysfs_device_link": "/devices/pci0000:00/0000:00:1a.0/mmc_host/mmc0/mmc0:0001/block/mmcblk0",
"unix_device_name": "/dev/mmcblk0boot0",
"unix_device_number": {
"type": 98,
"major": 179,
"minor": 32,
"range": 32
},
"unix_device_names": ["/dev/mmcblk0boot0"],
"resources": [
{
"type": "disk_geo",
"cylinders": 128,
"heads": 4,
"sectors": 16,
"size": "0x0",
"geo_type": "logical"
},
{
"type": "size",
"unit": "sectors",
"value_1": 8192,
"value_2": 512
}
],
"driver": "mmcblk",
"drivers": ["mmcblk"]
},
{
"index": 30,
"attached_to": 22,
"class_list": ["disk", "usb", "scsi", "block_device"],
"bus_type": {
"hex": "0084",
"name": "SCSI",
"value": 132
},
"slot": {
"bus": 1,
"number": 0
},
"base_class": {
"hex": "0106",
"name": "Mass Storage Device",
"value": 262
},
"sub_class": {
"hex": "0000",
"name": "Disk",
"value": 0
},
"vendor": {
"hex": "152d",
"value": 5421
},
"device": {
"hex": "0561",
"name": "1",
"value": 1377
},
"revision": {
"hex": "0000",
"name": "~",
"value": 0
},
"serial": "000000004EBF",
"model": "1",
"sysfs_id": "/class/block/sdc",
"sysfs_bus_id": "1:0:0:1",
"sysfs_device_link": "/devices/pci0000:00/0000:00:14.0/usb4/4-3/4-3:1.0/host1/target1:0:0/1:0:0:1",
"unix_device_name": "/dev/sdc",
"unix_device_number": {
"type": 98,
"major": 8,
"minor": 32,
"range": 16
},
"unix_device_names": [
"/dev/disk/by-id/ata-ST20000NM002H-3KV133_ZYD5S02X",
"/dev/disk/by-id/usb-USB_3.0_Device_1_000000004EBF-0:1",
"/dev/disk/by-path/pci-0000:00:14.0-usb-0:3:1.0-scsi-0:0:0:1",
"/dev/disk/by-path/pci-0000:00:14.0-usbv3-0:3:1.0-scsi-0:0:0:1",
"/dev/sdc"
],
"unix_device_name2": "/dev/sg2",
"unix_device_number2": {
"type": 99,
"major": 21,
"minor": 2,
"range": 1
},
"resources": [
{
"type": "disk_geo",
"cylinders": 19074048,
"heads": 64,
"sectors": 32,
"size": "0x0",
"geo_type": "logical"
},
{
"type": "size",
"unit": "sectors",
"value_1": 39063650304,
"value_2": 512
}
],
"driver": "uas",
"driver_module": "uas",
"drivers": ["sd", "uas"],
"driver_modules": ["sd_mod", "uas"]
},
{
"index": 31,
"attached_to": 25,
"class_list": ["disk", "block_device"],
"base_class": {
"hex": "0106",
"name": "Mass Storage Device",
"value": 262
},
"sub_class": {
"hex": "0000",
"name": "Disk",
"value": 0
},
"model": "Disk",
"sysfs_id": "/class/block/mmcblk0boot1",
"sysfs_bus_id": "mmcblk0",
"sysfs_device_link": "/devices/pci0000:00/0000:00:1a.0/mmc_host/mmc0/mmc0:0001/block/mmcblk0",
"unix_device_name": "/dev/mmcblk0boot1",
"unix_device_number": {
"type": 98,
"major": 179,
"minor": 64,
"range": 32
},
"unix_device_names": ["/dev/mmcblk0boot1"],
"resources": [
{
"type": "disk_geo",
"cylinders": 128,
"heads": 4,
"sectors": 16,
"size": "0x0",
"geo_type": "logical"
},
{
"type": "size",
"unit": "sectors",
"value_1": 8192,
"value_2": 512
}
],
"driver": "mmcblk",
"drivers": ["mmcblk"]
},
{
"index": 32,
"attached_to": 22,
"class_list": ["disk", "usb", "scsi", "block_device"],
"bus_type": {
@@ -957,27 +783,27 @@
},
"serial": "000000001532",
"model": "Generic STORAGE DEVICE",
"sysfs_id": "/class/block/sda",
"sysfs_id": "/class/block/sdc",
"sysfs_bus_id": "0:0:0:0",
"sysfs_device_link": "/devices/pci0000:00/0000:00:14.0/usb3/3-2/3-2:1.0/host0/target0:0:0/0:0:0:0",
"unix_device_name": "/dev/sda",
"sysfs_device_link": "/devices/pci0000:00/0000:00:14.0/usb3/3-1/3-1:1.0/host0/target0:0:0/0:0:0:0",
"unix_device_name": "/dev/sdc",
"unix_device_number": {
"type": 98,
"major": 8,
"minor": 0,
"minor": 32,
"range": 16
},
"unix_device_names": [
"/dev/disk/by-id/usb-Generic_STORAGE_DEVICE_000000001532-0:0",
"/dev/disk/by-path/pci-0000:00:14.0-usb-0:2:1.0-scsi-0:0:0:0",
"/dev/disk/by-path/pci-0000:00:14.0-usbv2-0:2:1.0-scsi-0:0:0:0",
"/dev/sda"
"/dev/disk/by-path/pci-0000:00:14.0-usb-0:1:1.0-scsi-0:0:0:0",
"/dev/disk/by-path/pci-0000:00:14.0-usbv2-0:1:1.0-scsi-0:0:0:0",
"/dev/sdc"
],
"unix_device_name2": "/dev/sg0",
"unix_device_name2": "/dev/sg2",
"unix_device_number2": {
"type": 99,
"major": 21,
"minor": 0,
"minor": 2,
"range": 1
},
"resources": [
@@ -1009,6 +835,90 @@
"drivers": ["sd", "usb-storage"],
"driver_modules": ["sd_mod", "usb_storage"],
"module_alias": "usb:v05E3p0749d1532dc00dsc00dp00ic08isc06ip50in00"
},
{
"index": 30,
"attached_to": 22,
"class_list": ["disk", "usb", "scsi", "block_device"],
"bus_type": {
"hex": "0084",
"name": "SCSI",
"value": 132
},
"slot": {
"bus": 1,
"number": 0
},
"base_class": {
"hex": "0106",
"name": "Mass Storage Device",
"value": 262
},
"sub_class": {
"hex": "0000",
"name": "Disk",
"value": 0
},
"vendor": {
"hex": "152d",
"value": 5421
},
"device": {
"hex": "0561",
"name": "0",
"value": 1377
},
"revision": {
"hex": "0000",
"name": "~",
"value": 0
},
"serial": "000000004EBF",
"model": "0",
"sysfs_id": "/class/block/sda",
"sysfs_bus_id": "1:0:0:0",
"sysfs_device_link": "/devices/pci0000:00/0000:00:14.0/usb4/4-3/4-3:1.0/host1/target1:0:0/1:0:0:0",
"unix_device_name": "/dev/sda",
"unix_device_number": {
"type": 98,
"major": 8,
"minor": 0,
"range": 16
},
"unix_device_names": [
"/dev/disk/by-id/ata-ST20000NM002H-3KV133_ZYD5RYRG",
"/dev/disk/by-id/usb-USB_3.0_Device_0_000000004EBF-0:0",
"/dev/disk/by-path/pci-0000:00:14.0-usb-0:3:1.0-scsi-0:0:0:0",
"/dev/disk/by-path/pci-0000:00:14.0-usbv3-0:3:1.0-scsi-0:0:0:0",
"/dev/sda"
],
"unix_device_name2": "/dev/sg0",
"unix_device_number2": {
"type": 99,
"major": 21,
"minor": 0,
"range": 1
},
"resources": [
{
"type": "disk_geo",
"cylinders": 19074048,
"heads": 64,
"sectors": 32,
"size": "0x0",
"geo_type": "logical"
},
{
"type": "size",
"unit": "sectors",
"value_1": 39063650304,
"value_2": 512
}
],
"driver": "uas",
"driver_module": "uas",
"drivers": ["sd", "uas"],
"driver_modules": ["sd_mod", "uas"]
}
],
"graphics_card": [
@@ -1118,7 +1028,7 @@
],
"hub": [
{
"index": 34,
"index": 33,
"attached_to": 22,
"class_list": ["usb", "hub"],
"bus_type": {
@@ -1268,7 +1178,7 @@
"module_alias": "usb:v1D6Bp0003d0615dc09dsc00dp03ic09isc00ip00in00"
},
{
"index": 39,
"index": 38,
"attached_to": 9,
"class_list": ["usb", "hub"],
"bus_type": {
@@ -1348,7 +1258,7 @@
"module_alias": "usb:v1D6Bp0002d0615dc09dsc00dp01ic09isc00ip00in00"
},
{
"index": 41,
"index": 40,
"attached_to": 9,
"class_list": ["usb", "hub"],
"bus_type": {
@@ -1420,8 +1330,8 @@
],
"keyboard": [
{
"index": 38,
"attached_to": 34,
"index": 39,
"attached_to": 33,
"class_list": ["keyboard", "usb"],
"bus_type": {
"hex": "0086",
@@ -1458,8 +1368,8 @@
"value": 0
},
"model": "Logitech USB Receiver",
"sysfs_id": "/devices/pci0000:00/0000:00:14.0/usb3/3-5/3-5:1.0",
"sysfs_bus_id": "3-5:1.0",
"sysfs_id": "/devices/pci0000:00/0000:00:14.0/usb3/3-2/3-2:1.0",
"sysfs_bus_id": "3-2:1.0",
"resources": [
{
"type": "baud",
@@ -1529,7 +1439,7 @@
{
"type": "mem",
"base": 0,
"range": 8096096256,
"range": 8097124352,
"enabled": true,
"access": "read_write",
"prefetch": "unknown"
@@ -1718,8 +1628,8 @@
],
"mouse": [
{
"index": 42,
"attached_to": 34,
"index": 32,
"attached_to": 33,
"class_list": ["mouse", "usb"],
"bus_type": {
"hex": "0086",
@@ -1758,8 +1668,8 @@
"compat_vendor": "Unknown",
"compat_device": "Generic USB Mouse",
"model": "Logitech USB Receiver",
"sysfs_id": "/devices/pci0000:00/0000:00:14.0/usb3/3-5/3-5:1.1",
"sysfs_bus_id": "3-5:1.1",
"sysfs_id": "/devices/pci0000:00/0000:00:14.0/usb3/3-2/3-2:1.1",
"sysfs_bus_id": "3-2:1.1",
"resources": [
{
"type": "baud",
@@ -1964,7 +1874,7 @@
"resources": [
{
"type": "hwaddr",
"address": 48
"address": 54
},
{
"type": "io",
@@ -1989,7 +1899,7 @@
},
{
"type": "phwaddr",
"address": 54
"address": 53
},
{
"type": "wlan",
@@ -2082,8 +1992,8 @@
],
"network_interface": [
{
"index": 43,
"attached_to": 13,
"index": 41,
"attached_to": 0,
"class_list": ["network_interface"],
"base_class": {
"hex": "0107",
@@ -2091,32 +2001,17 @@
"value": 263
},
"sub_class": {
"hex": "000a",
"name": "WLAN",
"value": 10
"hex": "0000",
"name": "Loopback",
"value": 0
},
"model": "WLAN network interface",
"sysfs_id": "/class/net/wlan0",
"sysfs_device_link": "/devices/pci0000:00/0000:00:1c.0/0000:01:00.0",
"unix_device_name": "wlan0",
"unix_device_names": ["wlan0"],
"resources": [
{
"type": "hwaddr",
"address": 48
},
{
"type": "phwaddr",
"address": 54
}
],
"driver": "rtw89_8852be",
"driver_module": "rtw89_8852be",
"drivers": ["rtw89_8852be"],
"driver_modules": ["rtw89_8852be"]
"model": "Loopback network interface",
"sysfs_id": "/class/net/lo",
"unix_device_name": "lo",
"unix_device_names": ["lo"]
},
{
"index": 44,
"index": 42,
"attached_to": 11,
"class_list": ["network_interface"],
"base_class": {
@@ -2150,8 +2045,8 @@
"driver_modules": ["igc"]
},
{
"index": 45,
"attached_to": 0,
"index": 43,
"attached_to": 13,
"class_list": ["network_interface"],
"base_class": {
"hex": "0107",
@@ -2159,14 +2054,29 @@
"value": 263
},
"sub_class": {
"hex": "0000",
"name": "Loopback",
"value": 0
"hex": "000a",
"name": "WLAN",
"value": 10
},
"model": "Loopback network interface",
"sysfs_id": "/class/net/lo",
"unix_device_name": "lo",
"unix_device_names": ["lo"]
"model": "WLAN network interface",
"sysfs_id": "/class/net/wlan0",
"sysfs_device_link": "/devices/pci0000:00/0000:00:1c.0/0000:01:00.0",
"unix_device_name": "wlan0",
"unix_device_names": ["wlan0"],
"resources": [
{
"type": "hwaddr",
"address": 54
},
{
"type": "phwaddr",
"address": 53
}
],
"driver": "rtw89_8852be",
"driver_module": "rtw89_8852be",
"drivers": ["rtw89_8852be"],
"driver_modules": ["rtw89_8852be"]
}
],
"pci": [

34
machines/vega/services/nextcloud.nix
View File

@@ -1,34 +0,0 @@
{ config, pkgs, ... }:
let
# ncDomain = "${config.clan.core.vars.generators.vega-nextcloud.files.subdomain.value}.${config.networking.fqdn}";
ncDomain = "${config.networking.fqdn}";
in
{
clan.core.vars.generators.vega-nextcloud = {
files.subdomain.secret = false;
prompts = {
subdomain = {
persist = true;
type = "line";
description = "Sub-domain for Nextcloud app. Default:(cloud)";
};
};
script = ''cat $prompts/subdomain || echo -n "cloud" > $out/subdomain'';
};
networking.firewall.allowedTCPPorts = [
80
443
];
services.nextcloud = {
hostName = ncDomain;
package = pkgs.nextcloud31;
};
# services.nginx.virtualHosts."${ncDomain}" = {
# # useACMEHost = "${config.networking.fqdn}";
# # forceSSL = true;
# };
}

93
machines/vega/services/samba.nix Normal file
View File

@@ -0,0 +1,93 @@
{
config,
lib,
...
}:
let
sambaUser = lib.filterAttrs (
name: user: user.isNormalUser && builtins.elem "samba" user.extraGroups
) config.users.users;
sharedFolders = {
GLOM.users = [
"w"
"kurogeek"
"berwn"
];
};
in
{
services.samba = {
enable = true;
openFirewall = true;
settings = {
global = {
security = "user";
workgroup = "WORKGROUP";
"server string" = "Glom Vega";
interfaces = "eth* en*";
"max log size" = "50";
"dns proxy" = false;
"syslog only" = true;
"map to guest" = "Bad User";
"guest account" = "nobody";
};
}
// lib.mapAttrs (share: opts: {
path = "/mnt/hdd/samba/${share}";
comment = share;
"force user" = share;
"force group" = share;
public = "yes";
"guest ok" = "yes";
"create mask" = "0640";
"directory mask" = "0750";
writable = "no";
browseable = "yes";
printable = "no";
# TODO
# "valid users" = toString opts.users;
}) sharedFolders;
};
users.users = lib.mapAttrs (share: opts: {
isSystemUser = true;
group = share;
}) sharedFolders;
users.groups = lib.mapAttrs (share: opts: { }) sharedFolders;
systemd.services.samba-smbd.postStart =
lib.concatMapStrings (
user:
let
password = config.clan.core.vars.generators."${user}-smb-password".files.password.path;
in
''
mkdir -p /mnt/hdd/samba/${user}
chown ${user}:users /mnt/hdd/samba/${user}
# if a password is unchanged, this will error
(echo $(<${password}); echo $(<${password})) | ${config.services.samba.package}/bin/smbpasswd -s -a ${user}
''
) (lib.attrNames sambaUser)
+ lib.concatMapStrings (share: ''
mkdir -p /mnt/hdd/samba/${share}
chown ${share}:${share} /mnt/hdd/samba/${share}
'') (lib.attrNames sharedFolders);
services.samba-wsdd = {
enable = true;
openFirewall = true;
};
services.avahi = {
publish.enable = true;
publish.userServices = true;
# ^^ Needed to allow samba to automatically register mDNS records (without the need for an `extraServiceFile`
nssmdns4 = true;
# ^^ Not one hundred percent sure if this is needed- if it aint broke, don't fix it
enable = true;
openFirewall = true;
};
}

33
machines/vega/services/ups.nix
View File

@@ -1,33 +0,0 @@
{ config, ... }:
{
clan.core.vars.generators.ups = {
dependencies = [ "root-password" ];
files.password = {
secret = true;
owner = "nutmon";
group = "nutmon";
};
script = ''
cat $in/root-password/password > $out/password
'';
};
power.ups = {
enable = true;
mode = "standalone";
ups."apc" = {
driver = "usbhid-ups";
port = "auto";
};
upsmon.monitor."test-monitor" = {
powerValue = 1;
user = "root";
type = "primary";
passwordFile = config.clan.core.vars.generators.ups.files.password.path;
};
upsmon.settings = {
RUN_AS_USER = "root";
};
};
}

51
modules/clan/yggdrasil/default.nix Normal file
View File

@@ -0,0 +1,51 @@
{ ... }:
{
_class = "clan.service";
manifest.name = "yggdrasil";
manifest.description = "An in scalable routing as an encrypted IPv6 overlay network";
manifest.categories = [ "System" ];
roles.default = {
perInstance.nixosModule =
{
lib,
config,
pkgs,
...
}:
let
user = "yggdrasil";
in
{
clan.core.vars.generators.yggdrasil = {
files.yggdrasil-secret = {
secret = true;
owner = user;
group = user;
};
files.yggdrasil-ip.secret = false;
runtimeInputs = with pkgs; [
yggdrasil
jq
];
script = ''
yggdrasil -genconf -json | jq {PrivateKey} > $out/yggdrasil-secret
'';
};
services.yggdrasil = {
enable = lib.mkDefault true;
configFile = config.clan.core.vars.generators.yggdrasil.files.yggdrasil-secret.path;
settings = {
Peers = [
# US Peers
"tls://ygg.jjolly.dev:3443"
"tls://[2602:fc24:18:7a42::1]:993"
"tcp://leo.node.3dt.net:9002"
"tcp://ygg-kcmo.incognet.io:8883"
];
};
};
};
};
}

18
modules/clan/yggdrasil/flake-module.nix Normal file
View File

@@ -0,0 +1,18 @@
{ lib, ... }:
let
module = lib.modules.importApply ./default.nix { };
in
{
clan.modules = {
yggdrasil = module;
};
perSystem =
{ ... }:
{
clan.nixosTests.yggdrasil = {
imports = [ ./tests/vm/default.nix ];
clan.modules."@clan/yggdrasil" = module;
};
};
}

39
modules/clan/yggdrasil/tests/vm/default.nix Normal file
View File

@@ -0,0 +1,39 @@
{
pkgs,
...
}:
{
name = "service-yggdrasil";
clan = {
directory = ./.;
inventory = {
machines.server = { };
instances = {
yggdrasil-test = {
module.name = "@clan/yggdrasil";
module.input = "self";
roles.default.machines."server".settings = { };
};
};
};
};
nodes = {
server = {
services.yggdrasil = {
};
};
};
testScript = ''
start_all()
server.wait_for_unit("yggdrasil")
# Check that garage is running
server.succeed("systemctl status yggdrasil")
'';
}

9
routers/default.nix Normal file
View File

@@ -0,0 +1,9 @@
{ inputs, ... }:
{
flake.legacyPackages = {
whitehouse-router = import "${inputs.liminix}/default.nix" {
device = (import "${inputs.liminix}/devices/gl-ar750");
liminix-config = import ./white-house/configuration.nix { inherit inputs; };
};
};
}

120
routers/white-house/configuration.nix Normal file
View File

@@ -0,0 +1,120 @@
{ inputs }:
{
config,
pkgs,
modulesPath,
lib,
...
}:
let
secrets = {
firewallRules = { };
}
// (import ./secrets.nix);
wirelessConfig = {
country_code = "TH";
inherit (secrets) wpa_passphrase;
wmm_enabled = 1;
};
svc = config.system.service;
in
{
imports = [
"${inputs.liminix}/modules/wlan.nix"
"${inputs.liminix}/modules/network"
"${inputs.liminix}/modules/vlan"
"${inputs.liminix}/modules/ssh"
"${inputs.liminix}/modules/bridge"
"${modulesPath}/profiles/gateway.nix"
];
hostname = "whitehouse";
boot = {
tftp = {
freeSpaceBytes = 3 * 1024 * 1024;
serverip = "${secrets.lan.prefix}.148";
ipaddr = "${secrets.lan.prefix}.251";
};
};
services.sshd = svc.ssh.build {
authorizedKeys.root = secrets.root.openssh.authorizedKeys.keys;
};
users.root = secrets.root;
services.resolvconf = lib.mkForce (
pkgs.liminix.services.oneshot rec {
name = "resolvconf";
up = ''
( in_outputs ${name}
echo "nameserver $(output ${config.services.wan} ns1)" > resolv.conf
echo "nameserver $(output ${config.services.wan} ns2)" >> resolv.conf
chmod 0444 resolv.conf
)
'';
}
);
profile.gateway = {
lan = {
interfaces = with config.hardware.networkInterfaces; [
wlan
wlan5
lan
];
inherit (secrets.lan) prefix;
address = {
family = "inet";
address = "${secrets.lan.prefix}.1";
prefixLength = 24;
};
dhcp = {
start = 10;
end = 240;
hosts = { };
localDomain = "lan";
};
};
wan = {
interface = svc.pppoe.build {
interface = config.hardware.networkInterfaces.wan;
username = secrets.l2tp.name;
password = secrets.l2tp.password;
};
dhcp6.enable = true;
};
firewall = {
enable = true;
rules = secrets.firewallRules;
};
wireless.networks = {
"${secrets.ssid}" = {
interface = config.hardware.networkInterfaces.wlan;
hw_mode = "g";
channel = "2";
ieee80211n = 1;
}
// wirelessConfig;
"${secrets.ssid}-5" = rec {
interface = config.hardware.networkInterfaces.wlan5;
hw_mode = "a";
channel = 36;
ht_capab = "[HT40+]";
vht_oper_chwidth = 1;
vht_oper_centr_freq_seg0_idx = channel + 6;
ieee80211n = 1;
ieee80211ac = 1;
}
// wirelessConfig;
};
};
defaultProfile.packages = with pkgs; [
busybox
iw
iptables
];
}

20
routers/white-house/secrets.nix Normal file
View File

@@ -0,0 +1,20 @@
{
wpa_passphrase = "";
ssid = "WhiteHouse";
l2tp = {
name = "";
password = "";
};
root = {
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEcZ/p1Ofa9liwIzPWzNtONhJ7+FUWd2lCz33r81t8+w kurogeek@kurogeek"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAB/raxJR8gASmquP63weHelbi+da2WBJR1DgzHPNz/f"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDuhpzDHBPvn8nv8RH1MRomDOaXyP4GziQm7r3MZ1Syk"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAmgyEGuY/r7SDlJgrzYmQqpcWS5W+fCzRi3OS59ne4W openpgp:0xFF687387"
];
};
lan = {
prefix = "192.168.1";
};
}

0
vars/per-machine/vega/ups/password/groups/admins → vars/per-machine/b4l/yggdrasil/yggdrasil-secret/groups/admins
View File

1
vars/per-machine/b4l/yggdrasil/yggdrasil-secret/machines/b4l Symbolic link
View File

@@ -0,0 +1 @@
../../../../../../sops/machines/b4l

47
vars/per-machine/b4l/yggdrasil/yggdrasil-secret/secret Normal file
View File

@@ -0,0 +1,47 @@
{
"data": "ENC[AES256_GCM,data:lNmIq4wetGu/+3tEpICazLpORWOdhZ66Wa2qc9uThGNmlx9xjMH1Rzpeyl8O6y5aNQxFO4Dh3bncXygaHlWWG/Q4q0vmpvOYDmAbxLwYeXOg5CAfwRdfgl1yCedUW688JjYa5NXv9bmJA9t3ve9Y+2KYEZH71Cj6fFnVIE2En3DWpOfXITpCPiklTZsiVlwDfGW/BqZnnw==,iv:2NQ0SlvFXHaVxHYq0+ulhnDrPDJJ3bk64Ur9luwwyT0=,tag:dopEjRq4RaCdIpnnLLV5JQ==,type:str]",
"sops": {
"age": [
{
"recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpNU1uZDgvQnR0d2JDMk9r\nNDV4djEzeENaNGt0dDhGNW44R041SVRlWUFFClc2dUxuUytsTjM0ZkV5TVluV1NB\ncGhTVExIemUxc2Y5bDVCY2hsclFLLzQKLS0tIDIyL1NxbFM3T3A2VGk5R2RNR2ZZ\nTk1URnVGMzZ4UDhpbUxKeS9QODJlelUK6HXrJwE3fvhnY4B9ni4a6goHXA9PO56M\n386eA25lOP9ECmiXSGkdkajG1MzJPuiQoMm9wbBn8zStHBuVj33E6Q==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1d2FmZ1dIUlhGcG9iSS9H\nVDJVNUZXQi93SkFnUkRBYzArTEhuUEtzNHpBCmF2Z0N1M0xoaG5hN3kzK1NFdFBC\nR2lRZjhSeVFsSzd4ZlliNjZzNHV4UlEKLS0tIEpYL21wd1BLeG1NQU0vMWYzNXlJ\nOVlqYUVQYmhqaXdzK3N6eUtOcHNXVlUKW/0GpseQBMG7js6nZ0YKy50nuBvAANIn\nt19TssKDEVIjGGK5hKo9JBUCvugFTZNf4IogMVMQ+9j4kW3LZ0+O6g==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIEdJSTQ5Y3Uv\nTFRIZmoycHVNT3NIcElWeDByVGNpc1dKTE95RWFoelZEd0kgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQpENkdzTk1NRFI2cUlXZDByL2gweVJI\neUdWQVE4eUNFOGJybFFjZlEzUTJNCi0tLSBVMzgwOWU0SC9tUUREMG5nWG1QV1cx\nUS80ekhlVlF6V2piVHJ3aDFSZkZJCqtA9FsZG/HZbxgeJ2pagFjjj3kXOtIxH2oN\nWl8ivKfL1lFxbdT3xHTgKdFSSVOKxmAuMi503Gk6AdIS/sBbhfQ=\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIHBCL25JTFJW\nQzR3UE5McDdmSkszL3NNWk9JVVpESjMvOENBTzl4OWllRXMgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpZQVNvU0l2dVl3TldTV2xBeTNnbTgv\ndWw3NFdOcm1WR0l5aWtUNWVyaWVvCi0tLSAwSGhOSGFtTVg2Rjg1QXF6NGNwRks2\nSDIrUVVkOTNrTGpkTG55L3Y1bnc0CjjUlP8WqX/t4EhzHxLwCTJs9qkso9SrBstI\nb9A4A9M1w5t+eHuIZA0Q5FjRLKswMOlOIl4fPnaprsJmTDut92s=\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIDZycWk5aGVq\neEdMZThBOENGV0l5cHpwYXJrc09HejNvUFBiOWFLY04ra2MgQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwoyY25JcDR2eHZsZFZkSmhEcHVvN1d0\nakRqK3pEQ3NHT0U5RWpvSzcvOU9nCi0tLSBkSWQ4TGdRYTJQTTVpSzZmbERkMUps\nN0ZaM3FuaFZSd05xcHpDZkx3Zkh3Co7ug59h8ucvgspX27IbPQdX1gJXzutFpMGI\niK7Y7s/30iWTvulBRBAJKbzbDJnOq0UTLGAKU0sSEFKtz1pwprs=\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0bzBCejZTRzVjWUhtQ0hu\nTGduK293SmV4ZXBkbWEyV2V4Sk53ayswakRVCjBQK3BjSGhjWUxvaHlacGhiZ3NK\nVXplLzhoc1h4a1ZxR3hxL3VibVhwRFkKLS0tIERDbVliT0FOTEhoekthaGlDaVBx\nWDZkcVFtSitINHFGdXRsRTlkU29zZ3cKAjl9obQBJcRIeG4P6jsQ7aJNwf6ltun9\nxxYpDAGuBbRm5FmrC+PeCqfZVaFmd+TTbz0Wr3vjDcez7AuBrHNfbA==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuNTF3RUpKb3dIbzFyaSs2\nMm01UC9YWEVZZTFNckx5djlrR3ZiVHczQnhzCldzR3ljenFId3ZkOEFXcDA2RTdU\nZW1jajJrWUNBcFVvZ29Ka1czYUJKSG8KLS0tIDVTWnUrMUxkYjJrZDdQMmo1Y25i\nMmQ3aWVia2xpdHE4TkdkVzNBUitmSUEKrgE6rls8IwjYT90tADTDqq2w8dIc4kK2\nd+HWPidIVXtdo5vlqNXMf/lKkCcj70QI9gPMkdxT/m+f2ri3lsH5Kw==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYU056ZHE3L2c4TytvRmw2\nT2h6cHNyQktKckxEN0lFNmtnVGtjcFJsR0hFClEyd011WExPTnNnN2drZzVicldx\naWsybGx0OXQrWm5pcUZOTS9RSkxpT1EKLS0tIHhkSmJPS3VDbnhaYmtnWjJvcDVZ\nTVMvbE8rcCt2YW83SktZb1V5MzdsQk0KSYbhDQ1VCu1OiwHTkQ+vs1KEe/Pd5mb4\n7w7zwql0baW2qTXSjS4ksFPV3ZXOz8KYnua2+l4LewqKldd4R0Bo6Q==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtQTV1aThTdlVReG1yZ2d5\nMHJFdmo5cjN3SDhRNUM4dXFaVnVIb2FxQmo4CjNEU0UwRWJqM1RseFhjdUxjTUdM\ncTBDNHE2UkFBL1lxUlA0bUg4WDNodVEKLS0tIHB5Z2hxRTZ2OUJ4NmhpMjI3RXFC\nZ2o2Tjc4RCtRRHAyUURZMzdyazBaeVEKekfBZ6h7vlVDyNKEXXWpSdX2xuD+ZY0p\n7vc77AZJFVkNTIZ3vQI34bpuXyt9LZpFpTUJ7Lp7lJmyAiGjmBRotg==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-10-17T04:25:02Z",
"mac": "ENC[AES256_GCM,data:KIeqZsHRJDxEFnquBpnjNvoCYCpYvd6gFhk6jyjEdemhhhySHXXXWy9ShcLe3ckUV8/baHfUZgU6ptKqVhgq/76PU/cOdpNBaHMoOzmGut0+EfNCTaAy2PQTzMOdSgjsXY428KrApWaqePpQoYOFEcRPYHnwpAMfTj/sy7xrZno=,iv:nKkDejBrJHv/E9XSnfW99OqBJDi5Q6/hdIdCaYJyXHU=,tag:tcUKsUWNo8/9GOydbbB6Vg==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.2"
}
}

0
vars/per-machine/vega/ups/password/users/kurogeek → vars/per-machine/b4l/yggdrasil/yggdrasil-secret/users/kurogeek
View File

1
vars/per-machine/vega/ups/password/machines/vega
View File

@@ -1 +0,0 @@
../../../../../../sops/machines/vega

51
vars/per-machine/vega/ups/password/secret
View File

@@ -1,51 +0,0 @@
{
"data": "ENC[AES256_GCM,data:9KQPJ1ANkdVaJ5tDbjm47S9o4xs5xg0UDsKQ/tMd662Xs2Tz,iv:/1uH1iYKpBHVQUF19KIscCzTeZhCTGZnYNacOA9NRJA=,tag:neYS9VibwpVn86kDIEmELQ==,type:str]",
"sops": {
"age": [
{
"recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXUUxtS0pDdnBLTmpoS0p3\ndE5KVDE5bHhWZU5VQmpiM04rTU8vK0k1UGw0CnB6TjRiaEhjSjJvSE1ZQmwyUkVJ\nNHlheVB5U2FyQU5odXRrZGlNa0lhR0EKLS0tIERpUDJuSFQxVXY3WlhRR2Z5M2lO\nL0JYVEVTWWdRM3pWRDNzVTM3eVJCa00KVOJgJ+syOOaCYqjLfhPwAVGyI7GrluyU\n04C9BwmAwSuvBA4MhnIT6a3JAHGj0LqvGTDAeeUHzxGO6dKfu6BCWg==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhQ1QxWUlTdHV1dGFoWVlj\nVkxDWHhIaWM0bGZtYnYwUit6eXB5bWMxcUVvCmFtVlZDYVEvamZrK0xZVFQwZTJU\nWkQ1aXpVWDN1NWRWTVdNZGJneU5qeDAKLS0tIGNQTTZrdXZPaENiVFhnSXNBSFZ3\nc0h1RkxZejNrU2xuczhZbjlaZ28wcDAK50drPDlvgOhW7NLEfuMcJmibsBPY6XdO\n9JJR8S+LmpwiPmDd4PPSg5lXlGXk41MeODz0HaGy8Ty1Ra83oppGiA==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIDJwQitrbWtW\nbzJ2WkpmWlBKbXkyVnJZR0xNOVlRanBNZFFEaHJBSFJ3ejggQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQpVZFpXWXJoTk00TWpTcmhWZlorVjZl\nT1gxekhMZG5VYjVHZlZBS29xTTl3Ci0tLSB2UlpzUDE3bWR6Mm4yZGVTUFRIKzlE\nZWpvVnZVYzZXRmttUGJzeTdRd2F3CjgcUpQOAdEiu8XtZypEmCAmq7MUhKCqOh5x\nYOttmHxe6wcpt8uVhzKJzWh0N3az+Q83GqfqRtbqpYaUVUk0xJ4=\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIHpwTUYrWWR4\neTEwQW5ZZjZhRjlYQ0dFSEJaTFR3STdWaHZSMWszYmZBbXMgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpjTnNQcWhDbnJOZzR2QTYvOGIyRGlC\ncG1SSTlZOW9lUzVuNGl5VnF2aWVzCi0tLSAxZkYybWxBUERGU1VsaXFrcmVzK0Vh\nbFJCQ2tOa2oyOHQ4SGdGT05MME4wCnkCUJJZMZoYnKxRcp4NQC3LG92wdoM+8fGw\nHnZ4HxteJ3aeINgG4PLSudmvWD/tltHH8c556guZKTGmKytHHrw=\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIE1nalBxWXFm\nUnVLSVNsTFRFUlV3ZG1NUDhEL2FESTZhQStQaFdWenlxRm8gQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwpxa3N4Nlk2VmQyb2drWEM3UTN3bW9a\nL3g2SERINUg2c2lmN0FxaXdBb2t3Ci0tLSA3L0RTdmp0c3NHT1NYWWdGKzhvLzNO\nRU9VSCs2QUNOdDEweWtCWm9aVWpzCpI+ZP5DwtUteBE9kniwss3SVTxqCBFajP4J\n3QXDxCBYk1j5c1kBlzL+aMpCQTJyKatlYTvQisvbOIZVBiYbT4Q=\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArK3JKcTVOUjZmb08xYmpj\nSkcvSXZhS2t6RGRjelFLeFFCUFJJVHlpaEJNCkxUUVRxaDhNMFNGcUdramt0OVhH\nVFFjSmVzS3lHeUNrM3NDckF3Rlp2VmsKLS0tIFNvNzlmUkNFRk5zYzhyS29QVEZF\nZ3oxYUJYS2lPVkNzbmFRS1U4NUhUNkkKtl//bn218lQeG5mU32GzdfF5pB+bai2h\neI0cGoNtjU+/ppvx4gT9aH6QSYuYethxkoDjBuysSrQFh/KukOqrJA==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1pl3nej4ayvuk75cydwyz5ttzelqqdkun8hweu40vypvspzh9j4vqp9rl0j",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoa1luRDhDdDBoV1d6cm94\nZnZRallGUHJSaHhuQ2FKYmIxMWpqUzRSTEU0Ck5wM2ZSMVNPTmxWdm1OK1JTY09H\nWmdrUEpIQlFkbmREK3hySm5vb3ZmUkEKLS0tIFNWVEdITUZZeE55TG1XaFZ5Z3ZU\nZ2E5MmNtNFdhMmdWRktVdHFRNDUxek0Kfcxpxd4HOoz/c+bRJ9VXyoTIX8yutTSp\ng4jsXwAipq8r0kh94U6QBbzffIqdwUMPYyy1sr3oEXiIxabdMtJ8fg==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOMEhpekVyRUpQOW9pWkw5\nOUZiSTROdXJrS3gzUUlnYUZ2TU5kMUFMdVdBClJod2loQU91bFRhVGdDMjhvSkdU\nL3dNdHM2anAybWN4eENqUis1M2ZSTTAKLS0tIFhHRGk5VzJjTSt3UGxpOTU4OXB1\nWWViTzAvaWlKVWZPR3J3eno3cGwzRWMKiHIJ7jBtf6uTRLyhh7IoLHvIWtHhHGOt\nLMqDloJN18hCveOdW4f4sksi2GEMlpfxRnx4DATWthiD0M403tDZkw==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3U3dCcWEzd3o5dFBFbnZS\ncDNwQmIzUDNoSTFiMTZGeW1LUlJSbUFaOUdBCjZEL2dOVXBoU3BLa0tOaVlCSzNt\nNDhsTms2QmhmRS80WmhWaFM0NlkzRkEKLS0tIFZNRk5vVnhqN2diMS9kRjZ3Nkw5\nbVlyOGFqY3VHZ0pQRGpUUUQ4OWdXT1EKRIHVf9M32BG13P2x7eWof0Cz56NKJI/h\nFESmEFBxbF0BpnRxOM70GWTzsoS3+PzsM2I4GG9ArbkFRfZfkkR9AA==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxL3VoMzVPM3FKQU55clYz\nRjB1aTFQRmhtT0h4KzN2T0xKRmJyQ3NLejJnCmdTU1VVODEyb2E5ak40ZmxKcjlS\nbG5oc3Z4ZUVVNzRiaEEvNW91T1RGY0UKLS0tIGx4MkVJblRKendyNlROYlJwaFBX\nZ1lmWDJyVE83SWdqV3o0K2pmYUNuMXMKwZa+GFWR5HvE4W2s3ovNbCZgXFtaus7p\n5wvIqsfQ30jFzIkWRMBq/uHDYKJggHZ3wwI3oU31wP5QlxvNlvPnFg==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-09-25T10:18:52Z",
"mac": "ENC[AES256_GCM,data:9/cdNmwYO7byDJGgiC1FdvHlkFW28zQ4ax0jgKuJBIOh41vY2h6WseedmsS4AAjl+3qBEAd2whYNzB2FdCba6d2IGqEx9z9jew4rS8TpigH3lPEz4SrkEn7KgxsjYB8xVhM2OkjFuc0T2b3F9UAyg2Bh8Ushuexnlk39e9OiTRc=,iv:dHbmzHniZZ/aKOJvj4RSP4lEmeG0uPo5oB7qKS6EaiI=,tag:sRJ+OILqs6L2gXwwepNH/Q==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.2"
}
}