newedge/infra
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: newedge:vega-backup
Branches Tags
newedge:main newedge:mob/asterisk newedge:mob/fax-machine-relay newedge:asterisk newedge:fax-machine-relay newedge:whitehouse-router newedge:mob/vega-backup newedge:mob/router-device newedge:router-device newedge:vega-backup newedge:mob/inventree-test newedge:inventree-test newedge:mob/noreply-mailer newedge:noreply-mailer newedge:mob/vega-ups newedge:b4l-vpn newedge:vega-ups newedge:mob/gitea newedge:gitea
...
compare: newedge:2ab9fc4ad89cfab197b88febed035351b3c713e5
Branches Tags
newedge:mob/asterisk newedge:mob/fax-machine-relay newedge:asterisk newedge:fax-machine-relay newedge:main newedge:whitehouse-router newedge:mob/vega-backup newedge:mob/router-device newedge:router-device newedge:vega-backup newedge:mob/inventree-test newedge:inventree-test newedge:mob/noreply-mailer newedge:noreply-mailer newedge:mob/vega-ups newedge:b4l-vpn newedge:vega-ups newedge:mob/gitea newedge:gitea

7 Commits
vega-backu ... 2ab9fc4ad8

Author SHA1 Message Date
kurogeek
2ab9fc4ad8 mob next [ci-skip] [ci skip] [skip ci] 
lastFile:modules/clan/yggdrasil/default.nix
 2025-10-17 11:25:54 +07:00
kurogeek
16a2fa0526 Update vars via generator yggdrasil for machine b4l 2025-10-17 11:25:02 +07:00
kurogeek
b8dc4757ed mob next [ci-skip] [ci skip] [skip ci] 
lastFile:modules/clan/yggdrasil/default.nix
 2025-10-16 19:07:45 +07:00
kurogeek
79fa8eef01 mob next [ci-skip] [ci skip] [skip ci] 
lastFile:modules/clan/yggdrasil/tests/vm/default.nix
 2025-10-16 18:01:00 +07:00
kurogeek
ac731c2f38 mob next [ci-skip] [ci skip] [skip ci] 
lastFile:modules/clan/yggdrasil/tests/vm/default.nix
 2025-10-16 17:22:45 +07:00
kurogeek
c9f23f4c0a mob next [ci-skip] [ci skip] [skip ci] 
lastFile:modules/clan/yggdrasil/default.nix
 2025-10-16 17:19:09 +07:00
kurogeek
be25560858 WhiteHouse router configuration 2025-10-16 14:53:41 +07:00
15 changed files with 343 additions and 11 deletions
Expand all files Collapse all files

2
.gitignore vendored
View File

@@ -2,4 +2,4 @@
# Ignore build outputs from performing a nix-build or `nix build` command
result
result-*
run-vm-*

19
flake.lock generated
View File

@@ -136,6 +136,24 @@
"type": "github"
}
},
"liminix": {
"flake": false,
"locked": {
"lastModified": 1760426231,
"narHash": "sha256-r8c5PKtsxAvtQ/k17GH+WNvP47Lr+AbExLMPdLtvAKE=",
"ref": "refs/heads/fix-gl-ar750",
"rev": "3f1f7c08d440130cce9262a93ce78ed7969d93cd",
"revCount": 1574,
"type": "git",
"url": "https://git.b4l.co.th/newedge/liminix"
},
"original": {
"ref": "refs/heads/fix-gl-ar750",
"rev": "3f1f7c08d440130cce9262a93ce78ed7969d93cd",
"type": "git",
"url": "https://git.b4l.co.th/newedge/liminix"
}
},
"nix-darwin": {
"inputs": {
"nixpkgs": [
@@ -207,6 +225,7 @@
"devshell": "devshell",
"flake-parts": "flake-parts",
"import-tree": "import-tree",
"liminix": "liminix",
"nixpkgs": "nixpkgs",
"treefmt-nix": "treefmt-nix"
}

5
flake.nix
View File

@@ -21,6 +21,10 @@
url = "github:numtide/treefmt-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
liminix = {
url = "git+https://git.b4l.co.th/newedge/liminix?ref=refs/heads/fix-gl-ar750&rev=3f1f7c08d440130cce9262a93ce78ed7969d93cd";
flake = false;
};
};
outputs =
{
@@ -38,6 +42,7 @@
./shell.nix
./machines
./routers
./inventories
./modules/clan/flake-module.nix
];

19
inventories/default.nix
View File

@@ -5,6 +5,8 @@
tags = {
glom = [ "vega" ];
b4l = [ "rigel" ];
fax-bridge = [ "b4l" ];
};
instances = {
@@ -48,68 +50,67 @@
roles.peer.tags.b4l = { };
};
yggdrasil = {
module = {
name = "yggdrasil";
input = "self";
};
roles.default.tags."fax-bridge" = { };
};
pocket-id = {
module = {
name = "pocket-id";
input = "self";
};
roles.default.machines.b4l = { };
};
nextcloud = {
module = {
name = "nextcloud";
input = "self";
};
roles.default.machines.b4l = { };
};
stirling-pdf = {
module = {
name = "stirling-pdf";
input = "self";
};
roles.default.machines.b4l = { };
};
actual-budget = {
module = {
name = "actual-budget";
input = "self";
};
roles.default.machines.b4l = { };
};
victoriametrics = {
module = {
name = "victoriametrics";
input = "self";
};
roles.default.machines.b4l = { };
};
vikunja = {
module = {
name = "vikunja";
input = "self";
};
roles.default.machines.b4l = { };
};
grafana = {
module = {
name = "grafana";
input = "self";
};
roles.default.machines.b4l = { };
};
pingvin = {
module = {
name = "pingvin";
input = "self";
};
roles.default.machines.b4l = { };
};
paperless = {
module = {
name = "paperless";
input = "self";
};
roles.default.machines.b4l = { };
};
};
};

2
machines/b4l/configuration.nix
View File

@@ -1,7 +1,7 @@
{ inputs, config, ... }:
{
imports = [
(inputs.import-tree ./services)
# (inputs.import-tree ./services)
];
nixpkgs.hostPlatform = {
system = "x86_64-linux";

51
modules/clan/yggdrasil/default.nix Normal file
View File

@@ -0,0 +1,51 @@
{ ... }:
{
_class = "clan.service";
manifest.name = "yggdrasil";
manifest.description = "An in scalable routing as an encrypted IPv6 overlay network";
manifest.categories = [ "System" ];
roles.default = {
perInstance.nixosModule =
{
lib,
config,
pkgs,
...
}:
let
user = "yggdrasil";
in
{
clan.core.vars.generators.yggdrasil = {
files.yggdrasil-secret = {
secret = true;
owner = user;
group = user;
};
files.yggdrasil-ip.secret = false;
runtimeInputs = with pkgs; [
yggdrasil
jq
];
script = ''
yggdrasil -genconf -json | jq {PrivateKey} > $out/yggdrasil-secret
'';
};
services.yggdrasil = {
enable = lib.mkDefault true;
configFile = config.clan.core.vars.generators.yggdrasil.files.yggdrasil-secret.path;
settings = {
Peers = [
# US Peers
"tls://ygg.jjolly.dev:3443"
"tls://[2602:fc24:18:7a42::1]:993"
"tcp://leo.node.3dt.net:9002"
"tcp://ygg-kcmo.incognet.io:8883"
];
};
};
};
};
}

18
modules/clan/yggdrasil/flake-module.nix Normal file
View File

@@ -0,0 +1,18 @@
{ lib, ... }:
let
module = lib.modules.importApply ./default.nix { };
in
{
clan.modules = {
yggdrasil = module;
};
perSystem =
{ ... }:
{
clan.nixosTests.yggdrasil = {
imports = [ ./tests/vm/default.nix ];
clan.modules."@clan/yggdrasil" = module;
};
};
}

39
modules/clan/yggdrasil/tests/vm/default.nix Normal file
View File

@@ -0,0 +1,39 @@
{
pkgs,
...
}:
{
name = "service-yggdrasil";
clan = {
directory = ./.;
inventory = {
machines.server = { };
instances = {
yggdrasil-test = {
module.name = "@clan/yggdrasil";
module.input = "self";
roles.default.machines."server".settings = { };
};
};
};
};
nodes = {
server = {
services.yggdrasil = {
};
};
};
testScript = ''
start_all()
server.wait_for_unit("yggdrasil")
# Check that garage is running
server.succeed("systemctl status yggdrasil")
'';
}

9
routers/default.nix Normal file
View File

@@ -0,0 +1,9 @@
{ inputs, ... }:
{
flake.legacyPackages = {
whitehouse-router = import "${inputs.liminix}/default.nix" {
device = (import "${inputs.liminix}/devices/gl-ar750");
liminix-config = import ./white-house/configuration.nix { inherit inputs; };
};
};
}

120
routers/white-house/configuration.nix Normal file
View File

@@ -0,0 +1,120 @@
{ inputs }:
{
config,
pkgs,
modulesPath,
lib,
...
}:
let
secrets = {
firewallRules = { };
}
// (import ./secrets.nix);
wirelessConfig = {
country_code = "TH";
inherit (secrets) wpa_passphrase;
wmm_enabled = 1;
};
svc = config.system.service;
in
{
imports = [
"${inputs.liminix}/modules/wlan.nix"
"${inputs.liminix}/modules/network"
"${inputs.liminix}/modules/vlan"
"${inputs.liminix}/modules/ssh"
"${inputs.liminix}/modules/bridge"
"${modulesPath}/profiles/gateway.nix"
];
hostname = "whitehouse";
boot = {
tftp = {
freeSpaceBytes = 3 * 1024 * 1024;
serverip = "${secrets.lan.prefix}.148";
ipaddr = "${secrets.lan.prefix}.251";
};
};
services.sshd = svc.ssh.build {
authorizedKeys.root = secrets.root.openssh.authorizedKeys.keys;
};
users.root = secrets.root;
services.resolvconf = lib.mkForce (
pkgs.liminix.services.oneshot rec {
name = "resolvconf";
up = ''
( in_outputs ${name}
echo "nameserver $(output ${config.services.wan} ns1)" > resolv.conf
echo "nameserver $(output ${config.services.wan} ns2)" >> resolv.conf
chmod 0444 resolv.conf
)
'';
}
);
profile.gateway = {
lan = {
interfaces = with config.hardware.networkInterfaces; [
wlan
wlan5
lan
];
inherit (secrets.lan) prefix;
address = {
family = "inet";
address = "${secrets.lan.prefix}.1";
prefixLength = 24;
};
dhcp = {
start = 10;
end = 240;
hosts = { };
localDomain = "lan";
};
};
wan = {
interface = svc.pppoe.build {
interface = config.hardware.networkInterfaces.wan;
username = secrets.l2tp.name;
password = secrets.l2tp.password;
};
dhcp6.enable = true;
};
firewall = {
enable = true;
rules = secrets.firewallRules;
};
wireless.networks = {
"${secrets.ssid}" = {
interface = config.hardware.networkInterfaces.wlan;
hw_mode = "g";
channel = "2";
ieee80211n = 1;
}
// wirelessConfig;
"${secrets.ssid}-5" = rec {
interface = config.hardware.networkInterfaces.wlan5;
hw_mode = "a";
channel = 36;
ht_capab = "[HT40+]";
vht_oper_chwidth = 1;
vht_oper_centr_freq_seg0_idx = channel + 6;
ieee80211n = 1;
ieee80211ac = 1;
}
// wirelessConfig;
};
};
defaultProfile.packages = with pkgs; [
busybox
iw
iptables
];
}

20
routers/white-house/secrets.nix Normal file
View File

@@ -0,0 +1,20 @@
{
wpa_passphrase = "";
ssid = "WhiteHouse";
l2tp = {
name = "";
password = "";
};
root = {
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEcZ/p1Ofa9liwIzPWzNtONhJ7+FUWd2lCz33r81t8+w kurogeek@kurogeek"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAB/raxJR8gASmquP63weHelbi+da2WBJR1DgzHPNz/f"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDuhpzDHBPvn8nv8RH1MRomDOaXyP4GziQm7r3MZ1Syk"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAmgyEGuY/r7SDlJgrzYmQqpcWS5W+fCzRi3OS59ne4W openpgp:0xFF687387"
];
};
lan = {
prefix = "192.168.1";
};
}

1
vars/per-machine/b4l/yggdrasil/yggdrasil-secret/groups/admins Symbolic link
View File

@@ -0,0 +1 @@
../../../../../../sops/groups/admins

1
vars/per-machine/b4l/yggdrasil/yggdrasil-secret/machines/b4l Symbolic link
View File

@@ -0,0 +1 @@
../../../../../../sops/machines/b4l

47
vars/per-machine/b4l/yggdrasil/yggdrasil-secret/secret Normal file
View File

@@ -0,0 +1,47 @@
{
"data": "ENC[AES256_GCM,data:lNmIq4wetGu/+3tEpICazLpORWOdhZ66Wa2qc9uThGNmlx9xjMH1Rzpeyl8O6y5aNQxFO4Dh3bncXygaHlWWG/Q4q0vmpvOYDmAbxLwYeXOg5CAfwRdfgl1yCedUW688JjYa5NXv9bmJA9t3ve9Y+2KYEZH71Cj6fFnVIE2En3DWpOfXITpCPiklTZsiVlwDfGW/BqZnnw==,iv:2NQ0SlvFXHaVxHYq0+ulhnDrPDJJ3bk64Ur9luwwyT0=,tag:dopEjRq4RaCdIpnnLLV5JQ==,type:str]",
"sops": {
"age": [
{
"recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpNU1uZDgvQnR0d2JDMk9r\nNDV4djEzeENaNGt0dDhGNW44R041SVRlWUFFClc2dUxuUytsTjM0ZkV5TVluV1NB\ncGhTVExIemUxc2Y5bDVCY2hsclFLLzQKLS0tIDIyL1NxbFM3T3A2VGk5R2RNR2ZZ\nTk1URnVGMzZ4UDhpbUxKeS9QODJlelUK6HXrJwE3fvhnY4B9ni4a6goHXA9PO56M\n386eA25lOP9ECmiXSGkdkajG1MzJPuiQoMm9wbBn8zStHBuVj33E6Q==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1d2FmZ1dIUlhGcG9iSS9H\nVDJVNUZXQi93SkFnUkRBYzArTEhuUEtzNHpBCmF2Z0N1M0xoaG5hN3kzK1NFdFBC\nR2lRZjhSeVFsSzd4ZlliNjZzNHV4UlEKLS0tIEpYL21wd1BLeG1NQU0vMWYzNXlJ\nOVlqYUVQYmhqaXdzK3N6eUtOcHNXVlUKW/0GpseQBMG7js6nZ0YKy50nuBvAANIn\nt19TssKDEVIjGGK5hKo9JBUCvugFTZNf4IogMVMQ+9j4kW3LZ0+O6g==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIEdJSTQ5Y3Uv\nTFRIZmoycHVNT3NIcElWeDByVGNpc1dKTE95RWFoelZEd0kgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQpENkdzTk1NRFI2cUlXZDByL2gweVJI\neUdWQVE4eUNFOGJybFFjZlEzUTJNCi0tLSBVMzgwOWU0SC9tUUREMG5nWG1QV1cx\nUS80ekhlVlF6V2piVHJ3aDFSZkZJCqtA9FsZG/HZbxgeJ2pagFjjj3kXOtIxH2oN\nWl8ivKfL1lFxbdT3xHTgKdFSSVOKxmAuMi503Gk6AdIS/sBbhfQ=\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIHBCL25JTFJW\nQzR3UE5McDdmSkszL3NNWk9JVVpESjMvOENBTzl4OWllRXMgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpZQVNvU0l2dVl3TldTV2xBeTNnbTgv\ndWw3NFdOcm1WR0l5aWtUNWVyaWVvCi0tLSAwSGhOSGFtTVg2Rjg1QXF6NGNwRks2\nSDIrUVVkOTNrTGpkTG55L3Y1bnc0CjjUlP8WqX/t4EhzHxLwCTJs9qkso9SrBstI\nb9A4A9M1w5t+eHuIZA0Q5FjRLKswMOlOIl4fPnaprsJmTDut92s=\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIDZycWk5aGVq\neEdMZThBOENGV0l5cHpwYXJrc09HejNvUFBiOWFLY04ra2MgQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwoyY25JcDR2eHZsZFZkSmhEcHVvN1d0\nakRqK3pEQ3NHT0U5RWpvSzcvOU9nCi0tLSBkSWQ4TGdRYTJQTTVpSzZmbERkMUps\nN0ZaM3FuaFZSd05xcHpDZkx3Zkh3Co7ug59h8ucvgspX27IbPQdX1gJXzutFpMGI\niK7Y7s/30iWTvulBRBAJKbzbDJnOq0UTLGAKU0sSEFKtz1pwprs=\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0bzBCejZTRzVjWUhtQ0hu\nTGduK293SmV4ZXBkbWEyV2V4Sk53ayswakRVCjBQK3BjSGhjWUxvaHlacGhiZ3NK\nVXplLzhoc1h4a1ZxR3hxL3VibVhwRFkKLS0tIERDbVliT0FOTEhoekthaGlDaVBx\nWDZkcVFtSitINHFGdXRsRTlkU29zZ3cKAjl9obQBJcRIeG4P6jsQ7aJNwf6ltun9\nxxYpDAGuBbRm5FmrC+PeCqfZVaFmd+TTbz0Wr3vjDcez7AuBrHNfbA==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuNTF3RUpKb3dIbzFyaSs2\nMm01UC9YWEVZZTFNckx5djlrR3ZiVHczQnhzCldzR3ljenFId3ZkOEFXcDA2RTdU\nZW1jajJrWUNBcFVvZ29Ka1czYUJKSG8KLS0tIDVTWnUrMUxkYjJrZDdQMmo1Y25i\nMmQ3aWVia2xpdHE4TkdkVzNBUitmSUEKrgE6rls8IwjYT90tADTDqq2w8dIc4kK2\nd+HWPidIVXtdo5vlqNXMf/lKkCcj70QI9gPMkdxT/m+f2ri3lsH5Kw==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYU056ZHE3L2c4TytvRmw2\nT2h6cHNyQktKckxEN0lFNmtnVGtjcFJsR0hFClEyd011WExPTnNnN2drZzVicldx\naWsybGx0OXQrWm5pcUZOTS9RSkxpT1EKLS0tIHhkSmJPS3VDbnhaYmtnWjJvcDVZ\nTVMvbE8rcCt2YW83SktZb1V5MzdsQk0KSYbhDQ1VCu1OiwHTkQ+vs1KEe/Pd5mb4\n7w7zwql0baW2qTXSjS4ksFPV3ZXOz8KYnua2+l4LewqKldd4R0Bo6Q==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtQTV1aThTdlVReG1yZ2d5\nMHJFdmo5cjN3SDhRNUM4dXFaVnVIb2FxQmo4CjNEU0UwRWJqM1RseFhjdUxjTUdM\ncTBDNHE2UkFBL1lxUlA0bUg4WDNodVEKLS0tIHB5Z2hxRTZ2OUJ4NmhpMjI3RXFC\nZ2o2Tjc4RCtRRHAyUURZMzdyazBaeVEKekfBZ6h7vlVDyNKEXXWpSdX2xuD+ZY0p\n7vc77AZJFVkNTIZ3vQI34bpuXyt9LZpFpTUJ7Lp7lJmyAiGjmBRotg==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-10-17T04:25:02Z",
"mac": "ENC[AES256_GCM,data:KIeqZsHRJDxEFnquBpnjNvoCYCpYvd6gFhk6jyjEdemhhhySHXXXWy9ShcLe3ckUV8/baHfUZgU6ptKqVhgq/76PU/cOdpNBaHMoOzmGut0+EfNCTaAy2PQTzMOdSgjsXY428KrApWaqePpQoYOFEcRPYHnwpAMfTj/sy7xrZno=,iv:nKkDejBrJHv/E9XSnfW99OqBJDi5Q6/hdIdCaYJyXHU=,tag:tcUKsUWNo8/9GOydbbB6Vg==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.2"
}
}

1
vars/per-machine/b4l/yggdrasil/yggdrasil-secret/users/kurogeek Symbolic link
View File

@@ -0,0 +1 @@
../../../../../../sops/users/kurogeek