newedge/infra
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: newedge:vega-ups
Branches Tags
newedge:main newedge:mob/asterisk newedge:mob/fax-machine-relay newedge:asterisk newedge:fax-machine-relay newedge:whitehouse-router newedge:mob/vega-backup newedge:mob/router-device newedge:router-device newedge:vega-backup newedge:mob/inventree-test newedge:inventree-test newedge:mob/noreply-mailer newedge:noreply-mailer newedge:mob/vega-ups newedge:b4l-vpn newedge:vega-ups newedge:mob/gitea newedge:gitea
...
compare: newedge:da33b3935e6d6fc96a65a855f71e89c84bff67a2
Branches Tags
newedge:mob/asterisk newedge:mob/fax-machine-relay newedge:asterisk newedge:fax-machine-relay newedge:main newedge:whitehouse-router newedge:mob/vega-backup newedge:mob/router-device newedge:router-device newedge:vega-backup newedge:mob/inventree-test newedge:inventree-test newedge:mob/noreply-mailer newedge:noreply-mailer newedge:mob/vega-ups newedge:b4l-vpn newedge:vega-ups newedge:mob/gitea newedge:gitea

17 Commits
vega-ups ... da33b3935e

Author SHA1 Message Date
kurogeek
da33b3935e mob next [ci-skip] [ci skip] [skip ci] 
lastFile:inventories/default.nix
 2025-10-17 12:08:01 +07:00
kurogeek
a02f64a615 Update vars via generator yggdrasil for machine b4l 2025-10-17 11:29:35 +07:00
kurogeek
2ab9fc4ad8 mob next [ci-skip] [ci skip] [skip ci] 
lastFile:modules/clan/yggdrasil/default.nix
 2025-10-17 11:25:54 +07:00
kurogeek
16a2fa0526 Update vars via generator yggdrasil for machine b4l 2025-10-17 11:25:02 +07:00
kurogeek
b8dc4757ed mob next [ci-skip] [ci skip] [skip ci] 
lastFile:modules/clan/yggdrasil/default.nix
 2025-10-16 19:07:45 +07:00
kurogeek
79fa8eef01 mob next [ci-skip] [ci skip] [skip ci] 
lastFile:modules/clan/yggdrasil/tests/vm/default.nix
 2025-10-16 18:01:00 +07:00
kurogeek
ac731c2f38 mob next [ci-skip] [ci skip] [skip ci] 
lastFile:modules/clan/yggdrasil/tests/vm/default.nix
 2025-10-16 17:22:45 +07:00
kurogeek
c9f23f4c0a mob next [ci-skip] [ci skip] [skip ci] 
lastFile:modules/clan/yggdrasil/default.nix
 2025-10-16 17:19:09 +07:00
kurogeek
be25560858 WhiteHouse router configuration 2025-10-16 14:53:41 +07:00
kurogeek
e4bf326191 add Alex's laptop to networks 2025-10-10 15:38:28 +07:00
kurogeek
04fafa32d3 update kurogeek thinkpad zerotier id 2025-10-09 16:42:23 +07:00
kurogeek
ed4e045ffc rm unused args 2025-09-28 13:30:10 +07:00
kurogeek
fd6edd83c2 machines are accessed by zerotier ip 2025-09-28 13:21:46 +07:00
kurogeek
65faa70fa3 no nextcloud on vega 2025-09-28 12:45:29 +07:00
kurogeek
377b63437c no write permission on GLOM samba 2025-09-26 20:26:02 +07:00
kurogeek
43e8252459 samba for vega 2025-09-26 16:46:00 +07:00
kurogeek
800500f57e vega on new device 2025-09-26 12:04:02 +07:00
22 changed files with 602 additions and 306 deletions
Expand all files Collapse all files

2
.gitignore vendored
View File

@@ -2,4 +2,4 @@
# Ignore build outputs from performing a nix-build or `nix build` command # Ignore build outputs from performing a nix-build or `nix build` command
result result
result-* result-*
run-vm-*

19
flake.lock generated
View File

@@ -136,6 +136,24 @@
"type": "github" "type": "github"
} }
}, },
"liminix": {
"flake": false,
"locked": {
"lastModified": 1760426231,
"narHash": "sha256-r8c5PKtsxAvtQ/k17GH+WNvP47Lr+AbExLMPdLtvAKE=",
"ref": "refs/heads/fix-gl-ar750",
"rev": "3f1f7c08d440130cce9262a93ce78ed7969d93cd",
"revCount": 1574,
"type": "git",
"url": "https://git.b4l.co.th/newedge/liminix"
},
"original": {
"ref": "refs/heads/fix-gl-ar750",
"rev": "3f1f7c08d440130cce9262a93ce78ed7969d93cd",
"type": "git",
"url": "https://git.b4l.co.th/newedge/liminix"
}
},
"nix-darwin": { "nix-darwin": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@@ -207,6 +225,7 @@
"devshell": "devshell", "devshell": "devshell",
"flake-parts": "flake-parts", "flake-parts": "flake-parts",
"import-tree": "import-tree", "import-tree": "import-tree",
"liminix": "liminix",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"treefmt-nix": "treefmt-nix" "treefmt-nix": "treefmt-nix"
} }

5
flake.nix
View File

@@ -21,6 +21,10 @@
url = "github:numtide/treefmt-nix"; url = "github:numtide/treefmt-nix";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
liminix = {
url = "git+https://git.b4l.co.th/newedge/liminix?ref=refs/heads/fix-gl-ar750&rev=3f1f7c08d440130cce9262a93ce78ed7969d93cd";
flake = false;
};
}; };
outputs = outputs =
{ {
@@ -38,6 +42,7 @@
./shell.nix ./shell.nix
./machines ./machines
./routers
./inventories ./inventories
./modules/clan/flake-module.nix ./modules/clan/flake-module.nix
]; ];

33
inventories/default.nix
View File

@@ -1,22 +1,12 @@
{
inputs,
self,
lib,
pkgs,
...
}:
{ {
clan = { clan = {
inventory = { inventory = {
machines = {
rigel.deploy.targetHost = "root@rigel.local";
vega.deploy.targetHost = "root@vega.local";
};
tags = { tags = {
glom = [ "vega" ]; glom = [ "vega" ];
b4l = [ "rigel" ]; b4l = [ "rigel" ];
fax-bridge = [];
}; };
instances = { instances = {
@@ -60,69 +50,68 @@
roles.peer.tags.b4l = { }; roles.peer.tags.b4l = { };
}; };
yggdrasil = {
module = {
name = "yggdrasil";
input = "self";
};
roles.default.tags."fax-bridge" = { };
roles.default.machines."b4l" = {};
};
pocket-id = { pocket-id = {
module = { module = {
name = "pocket-id"; name = "pocket-id";
input = "self"; input = "self";
}; };
roles.default.machines.b4l = { };
}; };
nextcloud = { nextcloud = {
module = { module = {
name = "nextcloud"; name = "nextcloud";
input = "self"; input = "self";
}; };
roles.default.machines.b4l = { };
roles.default.machines.vega = { };
}; };
stirling-pdf = { stirling-pdf = {
module = { module = {
name = "stirling-pdf"; name = "stirling-pdf";
input = "self"; input = "self";
}; };
roles.default.machines.b4l = { };
}; };
actual-budget = { actual-budget = {
module = { module = {
name = "actual-budget"; name = "actual-budget";
input = "self"; input = "self";
}; };
roles.default.machines.b4l = { };
}; };
victoriametrics = { victoriametrics = {
module = { module = {
name = "victoriametrics"; name = "victoriametrics";
input = "self"; input = "self";
}; };
roles.default.machines.b4l = { };
}; };
vikunja = { vikunja = {
module = { module = {
name = "vikunja"; name = "vikunja";
input = "self"; input = "self";
}; };
roles.default.machines.b4l = { };
}; };
grafana = { grafana = {
module = { module = {
name = "grafana"; name = "grafana";
input = "self"; input = "self";
}; };
roles.default.machines.b4l = { };
}; };
pingvin = { pingvin = {
module = { module = {
name = "pingvin"; name = "pingvin";
input = "self"; input = "self";
}; };
roles.default.machines.b4l = { };
}; };
paperless = { paperless = {
module = { module = {
name = "paperless"; name = "paperless";
input = "self"; input = "self";
}; };
roles.default.machines.b4l = { };
}; };
}; };
}; };

2
machines/b4l/configuration.nix
View File

@@ -1,7 +1,7 @@
{ inputs, config, ... }: { inputs, config, ... }:
{ {
imports = [ imports = [
(inputs.import-tree ./services) # (inputs.import-tree ./services)
]; ];
nixpkgs.hostPlatform = { nixpkgs.hostPlatform = {
system = "x86_64-linux"; system = "x86_64-linux";

5
machines/rigel/configuration.nix
View File

@@ -1,13 +1,16 @@
{ config, ... }:
{ {
imports = [ imports = [
(import ../../lib/auto-accept-zerotier-members.nix { (import ../../lib/auto-accept-zerotier-members.nix {
memberIds = [ memberIds = [
"dbe44c0287" # Alex-gateway "dbe44c0287" # Alex-gateway
"1b495eede9" # kurogeek-thinkpad "b0e0b84fd3" # Alex
"2bd36db8cc" # kurogeek-thinkpad
]; ];
}) })
]; ];
system.stateVersion = "25.11"; system.stateVersion = "25.11";
clan.core.sops.defaultGroups = [ "admins" ]; clan.core.sops.defaultGroups = [ "admins" ];
clan.core.networking.targetHost = "root@[${config.clan.core.vars.generators.zerotier.files.zerotier-ip.value}]";
} }

4
machines/vega/configuration.nix
View File

@@ -10,12 +10,14 @@
(import ../../lib/auto-accept-zerotier-members.nix { (import ../../lib/auto-accept-zerotier-members.nix {
memberIds = [ memberIds = [
"dbe44c0287" # Alex-gateway "dbe44c0287" # Alex-gateway
"1b495eede9" # kurogeek-thinkpad "b0e0b84fd3" # Alex
"2bd36db8cc" # kurogeek-thinkpad
]; ];
}) })
]; ];
clan.core.sops.defaultGroups = [ "admins" ]; clan.core.sops.defaultGroups = [ "admins" ];
clan.core.networking.targetHost = "root@[${config.clan.core.vars.generators.zerotier.files.zerotier-ip.value}]";
nixpkgs.hostPlatform = { nixpkgs.hostPlatform = {
system = "x86_64-linux"; system = "x86_64-linux";

2
machines/vega/disko.nix
View File

@@ -1,7 +1,7 @@
{ lib, ... }: { lib, ... }:
let let
hashDisk = disk: "os-${builtins.substring 0 5 (builtins.hashString "sha256" disk)}"; hashDisk = disk: "os-${builtins.substring 0 5 (builtins.hashString "sha256" disk)}";
os = "/dev/disk/by-id/mmc-CUTB42_0x9d59499c"; os = "/dev/disk/by-id/mmc-CUTB42_0x95d14f9e";
vdev = [ vdev = [
"/dev/disk/by-id/ata-ST20000NM002H-3KV133_ZYD5RYRG" "/dev/disk/by-id/ata-ST20000NM002H-3KV133_ZYD5RYRG"
"/dev/disk/by-id/ata-ST20000NM002H-3KV133_ZYD5S02X" "/dev/disk/by-id/ata-ST20000NM002H-3KV133_ZYD5S02X"

400
machines/vega/facter.json
View File

@@ -23,8 +23,8 @@
}, },
"bluetooth": [ "bluetooth": [
{ {
"index": 33, "index": 31,
"attached_to": 34, "attached_to": 33,
"class_list": ["usb", "bluetooth"], "class_list": ["usb", "bluetooth"],
"bus_type": { "bus_type": {
"hex": "0086", "hex": "0086",
@@ -99,7 +99,7 @@
}, },
{ {
"index": 36, "index": 36,
"attached_to": 34, "attached_to": 33,
"class_list": ["usb", "bluetooth"], "class_list": ["usb", "bluetooth"],
"bus_type": { "bus_type": {
"hex": "0086", "hex": "0086",
@@ -597,7 +597,7 @@
"fpu_exception": true, "fpu_exception": true,
"cpuid_level": 32, "cpuid_level": 32,
"write_protect": false, "write_protect": false,
"tlb_size": 32767, "tlb_size": 32764,
"clflush_size": 64, "clflush_size": 64,
"cache_alignment": 64, "cache_alignment": 64,
"address_sizes": { "address_sizes": {
@@ -636,7 +636,7 @@
}, },
"device": { "device": {
"hex": "0561", "hex": "0561",
"name": "0", "name": "1",
"value": 1377 "value": 1377
}, },
"revision": { "revision": {
@@ -645,10 +645,10 @@
"value": 0 "value": 0
}, },
"serial": "000000004EBF", "serial": "000000004EBF",
"model": "0", "model": "1",
"sysfs_id": "/class/block/sdb", "sysfs_id": "/class/block/sdb",
"sysfs_bus_id": "1:0:0:0", "sysfs_bus_id": "1:0:0:1",
"sysfs_device_link": "/devices/pci0000:00/0000:00:14.0/usb4/4-3/4-3:1.0/host1/target1:0:0/1:0:0:0", "sysfs_device_link": "/devices/pci0000:00/0000:00:14.0/usb4/4-3/4-3:1.0/host1/target1:0:0/1:0:0:1",
"unix_device_name": "/dev/sdb", "unix_device_name": "/dev/sdb",
"unix_device_number": { "unix_device_number": {
"type": 98, "type": 98,
@@ -657,10 +657,10 @@
"range": 16 "range": 16
}, },
"unix_device_names": [ "unix_device_names": [
"/dev/disk/by-id/ata-ST20000NM002H-3KV133_ZYD5RYRG", "/dev/disk/by-id/ata-ST20000NM002H-3KV133_ZYD5S02X",
"/dev/disk/by-id/usb-USB_3.0_Device_0_000000004EBF-0:0", "/dev/disk/by-id/usb-USB_3.0_Device_1_000000004EBF-0:1",
"/dev/disk/by-path/pci-0000:00:14.0-usb-0:3:1.0-scsi-0:0:0:0", "/dev/disk/by-path/pci-0000:00:14.0-usb-0:3:1.0-scsi-0:0:0:1",
"/dev/disk/by-path/pci-0000:00:14.0-usbv3-0:3:1.0-scsi-0:0:0:0", "/dev/disk/by-path/pci-0000:00:14.0-usbv3-0:3:1.0-scsi-0:0:0:1",
"/dev/sdb" "/dev/sdb"
], ],
"unix_device_name2": "/dev/sg1", "unix_device_name2": "/dev/sg1",
@@ -706,7 +706,7 @@
"name": "Disk", "name": "Disk",
"value": 0 "value": 0
}, },
"serial": "0x9d59499c", "serial": "0x95d14f9e",
"model": "Disk", "model": "Disk",
"sysfs_id": "/class/block/mmcblk0", "sysfs_id": "/class/block/mmcblk0",
"sysfs_bus_id": "mmc0:0001", "sysfs_bus_id": "mmc0:0001",
@@ -719,7 +719,7 @@
"range": 32 "range": 32
}, },
"unix_device_names": [ "unix_device_names": [
"/dev/disk/by-id/mmc-CUTB42_0x9d59499c", "/dev/disk/by-id/mmc-CUTB42_0x95d14f9e",
"/dev/mmcblk0" "/dev/mmcblk0"
], ],
"resources": [ "resources": [
@@ -745,180 +745,6 @@
}, },
{ {
"index": 29, "index": 29,
"attached_to": 25,
"class_list": ["disk", "block_device"],
"base_class": {
"hex": "0106",
"name": "Mass Storage Device",
"value": 262
},
"sub_class": {
"hex": "0000",
"name": "Disk",
"value": 0
},
"model": "Disk",
"sysfs_id": "/class/block/mmcblk0boot0",
"sysfs_bus_id": "mmcblk0",
"sysfs_device_link": "/devices/pci0000:00/0000:00:1a.0/mmc_host/mmc0/mmc0:0001/block/mmcblk0",
"unix_device_name": "/dev/mmcblk0boot0",
"unix_device_number": {
"type": 98,
"major": 179,
"minor": 32,
"range": 32
},
"unix_device_names": ["/dev/mmcblk0boot0"],
"resources": [
{
"type": "disk_geo",
"cylinders": 128,
"heads": 4,
"sectors": 16,
"size": "0x0",
"geo_type": "logical"
},
{
"type": "size",
"unit": "sectors",
"value_1": 8192,
"value_2": 512
}
],
"driver": "mmcblk",
"drivers": ["mmcblk"]
},
{
"index": 30,
"attached_to": 22,
"class_list": ["disk", "usb", "scsi", "block_device"],
"bus_type": {
"hex": "0084",
"name": "SCSI",
"value": 132
},
"slot": {
"bus": 1,
"number": 0
},
"base_class": {
"hex": "0106",
"name": "Mass Storage Device",
"value": 262
},
"sub_class": {
"hex": "0000",
"name": "Disk",
"value": 0
},
"vendor": {
"hex": "152d",
"value": 5421
},
"device": {
"hex": "0561",
"name": "1",
"value": 1377
},
"revision": {
"hex": "0000",
"name": "~",
"value": 0
},
"serial": "000000004EBF",
"model": "1",
"sysfs_id": "/class/block/sdc",
"sysfs_bus_id": "1:0:0:1",
"sysfs_device_link": "/devices/pci0000:00/0000:00:14.0/usb4/4-3/4-3:1.0/host1/target1:0:0/1:0:0:1",
"unix_device_name": "/dev/sdc",
"unix_device_number": {
"type": 98,
"major": 8,
"minor": 32,
"range": 16
},
"unix_device_names": [
"/dev/disk/by-id/ata-ST20000NM002H-3KV133_ZYD5S02X",
"/dev/disk/by-id/usb-USB_3.0_Device_1_000000004EBF-0:1",
"/dev/disk/by-path/pci-0000:00:14.0-usb-0:3:1.0-scsi-0:0:0:1",
"/dev/disk/by-path/pci-0000:00:14.0-usbv3-0:3:1.0-scsi-0:0:0:1",
"/dev/sdc"
],
"unix_device_name2": "/dev/sg2",
"unix_device_number2": {
"type": 99,
"major": 21,
"minor": 2,
"range": 1
},
"resources": [
{
"type": "disk_geo",
"cylinders": 19074048,
"heads": 64,
"sectors": 32,
"size": "0x0",
"geo_type": "logical"
},
{
"type": "size",
"unit": "sectors",
"value_1": 39063650304,
"value_2": 512
}
],
"driver": "uas",
"driver_module": "uas",
"drivers": ["sd", "uas"],
"driver_modules": ["sd_mod", "uas"]
},
{
"index": 31,
"attached_to": 25,
"class_list": ["disk", "block_device"],
"base_class": {
"hex": "0106",
"name": "Mass Storage Device",
"value": 262
},
"sub_class": {
"hex": "0000",
"name": "Disk",
"value": 0
},
"model": "Disk",
"sysfs_id": "/class/block/mmcblk0boot1",
"sysfs_bus_id": "mmcblk0",
"sysfs_device_link": "/devices/pci0000:00/0000:00:1a.0/mmc_host/mmc0/mmc0:0001/block/mmcblk0",
"unix_device_name": "/dev/mmcblk0boot1",
"unix_device_number": {
"type": 98,
"major": 179,
"minor": 64,
"range": 32
},
"unix_device_names": ["/dev/mmcblk0boot1"],
"resources": [
{
"type": "disk_geo",
"cylinders": 128,
"heads": 4,
"sectors": 16,
"size": "0x0",
"geo_type": "logical"
},
{
"type": "size",
"unit": "sectors",
"value_1": 8192,
"value_2": 512
}
],
"driver": "mmcblk",
"drivers": ["mmcblk"]
},
{
"index": 32,
"attached_to": 22, "attached_to": 22,
"class_list": ["disk", "usb", "scsi", "block_device"], "class_list": ["disk", "usb", "scsi", "block_device"],
"bus_type": { "bus_type": {
@@ -957,27 +783,27 @@
}, },
"serial": "000000001532", "serial": "000000001532",
"model": "Generic STORAGE DEVICE", "model": "Generic STORAGE DEVICE",
"sysfs_id": "/class/block/sda", "sysfs_id": "/class/block/sdc",
"sysfs_bus_id": "0:0:0:0", "sysfs_bus_id": "0:0:0:0",
"sysfs_device_link": "/devices/pci0000:00/0000:00:14.0/usb3/3-2/3-2:1.0/host0/target0:0:0/0:0:0:0", "sysfs_device_link": "/devices/pci0000:00/0000:00:14.0/usb3/3-1/3-1:1.0/host0/target0:0:0/0:0:0:0",
"unix_device_name": "/dev/sda", "unix_device_name": "/dev/sdc",
"unix_device_number": { "unix_device_number": {
"type": 98, "type": 98,
"major": 8, "major": 8,
"minor": 0, "minor": 32,
"range": 16 "range": 16
}, },
"unix_device_names": [ "unix_device_names": [
"/dev/disk/by-id/usb-Generic_STORAGE_DEVICE_000000001532-0:0", "/dev/disk/by-id/usb-Generic_STORAGE_DEVICE_000000001532-0:0",
"/dev/disk/by-path/pci-0000:00:14.0-usb-0:2:1.0-scsi-0:0:0:0", "/dev/disk/by-path/pci-0000:00:14.0-usb-0:1:1.0-scsi-0:0:0:0",
"/dev/disk/by-path/pci-0000:00:14.0-usbv2-0:2:1.0-scsi-0:0:0:0", "/dev/disk/by-path/pci-0000:00:14.0-usbv2-0:1:1.0-scsi-0:0:0:0",
"/dev/sda" "/dev/sdc"
], ],
"unix_device_name2": "/dev/sg0", "unix_device_name2": "/dev/sg2",
"unix_device_number2": { "unix_device_number2": {
"type": 99, "type": 99,
"major": 21, "major": 21,
"minor": 0, "minor": 2,
"range": 1 "range": 1
}, },
"resources": [ "resources": [
@@ -1009,6 +835,90 @@
"drivers": ["sd", "usb-storage"], "drivers": ["sd", "usb-storage"],
"driver_modules": ["sd_mod", "usb_storage"], "driver_modules": ["sd_mod", "usb_storage"],
"module_alias": "usb:v05E3p0749d1532dc00dsc00dp00ic08isc06ip50in00" "module_alias": "usb:v05E3p0749d1532dc00dsc00dp00ic08isc06ip50in00"
},
{
"index": 30,
"attached_to": 22,
"class_list": ["disk", "usb", "scsi", "block_device"],
"bus_type": {
"hex": "0084",
"name": "SCSI",
"value": 132
},
"slot": {
"bus": 1,
"number": 0
},
"base_class": {
"hex": "0106",
"name": "Mass Storage Device",
"value": 262
},
"sub_class": {
"hex": "0000",
"name": "Disk",
"value": 0
},
"vendor": {
"hex": "152d",
"value": 5421
},
"device": {
"hex": "0561",
"name": "0",
"value": 1377
},
"revision": {
"hex": "0000",
"name": "~",
"value": 0
},
"serial": "000000004EBF",
"model": "0",
"sysfs_id": "/class/block/sda",
"sysfs_bus_id": "1:0:0:0",
"sysfs_device_link": "/devices/pci0000:00/0000:00:14.0/usb4/4-3/4-3:1.0/host1/target1:0:0/1:0:0:0",
"unix_device_name": "/dev/sda",
"unix_device_number": {
"type": 98,
"major": 8,
"minor": 0,
"range": 16
},
"unix_device_names": [
"/dev/disk/by-id/ata-ST20000NM002H-3KV133_ZYD5RYRG",
"/dev/disk/by-id/usb-USB_3.0_Device_0_000000004EBF-0:0",
"/dev/disk/by-path/pci-0000:00:14.0-usb-0:3:1.0-scsi-0:0:0:0",
"/dev/disk/by-path/pci-0000:00:14.0-usbv3-0:3:1.0-scsi-0:0:0:0",
"/dev/sda"
],
"unix_device_name2": "/dev/sg0",
"unix_device_number2": {
"type": 99,
"major": 21,
"minor": 0,
"range": 1
},
"resources": [
{
"type": "disk_geo",
"cylinders": 19074048,
"heads": 64,
"sectors": 32,
"size": "0x0",
"geo_type": "logical"
},
{
"type": "size",
"unit": "sectors",
"value_1": 39063650304,
"value_2": 512
}
],
"driver": "uas",
"driver_module": "uas",
"drivers": ["sd", "uas"],
"driver_modules": ["sd_mod", "uas"]
} }
], ],
"graphics_card": [ "graphics_card": [
@@ -1118,7 +1028,7 @@
], ],
"hub": [ "hub": [
{ {
"index": 34, "index": 33,
"attached_to": 22, "attached_to": 22,
"class_list": ["usb", "hub"], "class_list": ["usb", "hub"],
"bus_type": { "bus_type": {
@@ -1268,7 +1178,7 @@
"module_alias": "usb:v1D6Bp0003d0615dc09dsc00dp03ic09isc00ip00in00" "module_alias": "usb:v1D6Bp0003d0615dc09dsc00dp03ic09isc00ip00in00"
}, },
{ {
"index": 39, "index": 38,
"attached_to": 9, "attached_to": 9,
"class_list": ["usb", "hub"], "class_list": ["usb", "hub"],
"bus_type": { "bus_type": {
@@ -1348,7 +1258,7 @@
"module_alias": "usb:v1D6Bp0002d0615dc09dsc00dp01ic09isc00ip00in00" "module_alias": "usb:v1D6Bp0002d0615dc09dsc00dp01ic09isc00ip00in00"
}, },
{ {
"index": 41, "index": 40,
"attached_to": 9, "attached_to": 9,
"class_list": ["usb", "hub"], "class_list": ["usb", "hub"],
"bus_type": { "bus_type": {
@@ -1420,8 +1330,8 @@
], ],
"keyboard": [ "keyboard": [
{ {
"index": 38, "index": 39,
"attached_to": 34, "attached_to": 33,
"class_list": ["keyboard", "usb"], "class_list": ["keyboard", "usb"],
"bus_type": { "bus_type": {
"hex": "0086", "hex": "0086",
@@ -1458,8 +1368,8 @@
"value": 0 "value": 0
}, },
"model": "Logitech USB Receiver", "model": "Logitech USB Receiver",
"sysfs_id": "/devices/pci0000:00/0000:00:14.0/usb3/3-5/3-5:1.0", "sysfs_id": "/devices/pci0000:00/0000:00:14.0/usb3/3-2/3-2:1.0",
"sysfs_bus_id": "3-5:1.0", "sysfs_bus_id": "3-2:1.0",
"resources": [ "resources": [
{ {
"type": "baud", "type": "baud",
@@ -1529,7 +1439,7 @@
{ {
"type": "mem", "type": "mem",
"base": 0, "base": 0,
"range": 8096096256, "range": 8097124352,
"enabled": true, "enabled": true,
"access": "read_write", "access": "read_write",
"prefetch": "unknown" "prefetch": "unknown"
@@ -1718,8 +1628,8 @@
], ],
"mouse": [ "mouse": [
{ {
"index": 42, "index": 32,
"attached_to": 34, "attached_to": 33,
"class_list": ["mouse", "usb"], "class_list": ["mouse", "usb"],
"bus_type": { "bus_type": {
"hex": "0086", "hex": "0086",
@@ -1758,8 +1668,8 @@
"compat_vendor": "Unknown", "compat_vendor": "Unknown",
"compat_device": "Generic USB Mouse", "compat_device": "Generic USB Mouse",
"model": "Logitech USB Receiver", "model": "Logitech USB Receiver",
"sysfs_id": "/devices/pci0000:00/0000:00:14.0/usb3/3-5/3-5:1.1", "sysfs_id": "/devices/pci0000:00/0000:00:14.0/usb3/3-2/3-2:1.1",
"sysfs_bus_id": "3-5:1.1", "sysfs_bus_id": "3-2:1.1",
"resources": [ "resources": [
{ {
"type": "baud", "type": "baud",
@@ -1964,7 +1874,7 @@
"resources": [ "resources": [
{ {
"type": "hwaddr", "type": "hwaddr",
"address": 48 "address": 54
}, },
{ {
"type": "io", "type": "io",
@@ -1989,7 +1899,7 @@
}, },
{ {
"type": "phwaddr", "type": "phwaddr",
"address": 54 "address": 53
}, },
{ {
"type": "wlan", "type": "wlan",
@@ -2082,8 +1992,8 @@
], ],
"network_interface": [ "network_interface": [
{ {
"index": 43, "index": 41,
"attached_to": 13, "attached_to": 0,
"class_list": ["network_interface"], "class_list": ["network_interface"],
"base_class": { "base_class": {
"hex": "0107", "hex": "0107",
@@ -2091,32 +2001,17 @@
"value": 263 "value": 263
}, },
"sub_class": { "sub_class": {
"hex": "000a", "hex": "0000",
"name": "WLAN", "name": "Loopback",
"value": 10 "value": 0
}, },
"model": "WLAN network interface", "model": "Loopback network interface",
"sysfs_id": "/class/net/wlan0", "sysfs_id": "/class/net/lo",
"sysfs_device_link": "/devices/pci0000:00/0000:00:1c.0/0000:01:00.0", "unix_device_name": "lo",
"unix_device_name": "wlan0", "unix_device_names": ["lo"]
"unix_device_names": ["wlan0"],
"resources": [
{
"type": "hwaddr",
"address": 48
},
{
"type": "phwaddr",
"address": 54
}
],
"driver": "rtw89_8852be",
"driver_module": "rtw89_8852be",
"drivers": ["rtw89_8852be"],
"driver_modules": ["rtw89_8852be"]
}, },
{ {
"index": 44, "index": 42,
"attached_to": 11, "attached_to": 11,
"class_list": ["network_interface"], "class_list": ["network_interface"],
"base_class": { "base_class": {
@@ -2150,8 +2045,8 @@
"driver_modules": ["igc"] "driver_modules": ["igc"]
}, },
{ {
"index": 45, "index": 43,
"attached_to": 0, "attached_to": 13,
"class_list": ["network_interface"], "class_list": ["network_interface"],
"base_class": { "base_class": {
"hex": "0107", "hex": "0107",
@@ -2159,14 +2054,29 @@
"value": 263 "value": 263
}, },
"sub_class": { "sub_class": {
"hex": "0000", "hex": "000a",
"name": "Loopback", "name": "WLAN",
"value": 0 "value": 10
}, },
"model": "Loopback network interface", "model": "WLAN network interface",
"sysfs_id": "/class/net/lo", "sysfs_id": "/class/net/wlan0",
"unix_device_name": "lo", "sysfs_device_link": "/devices/pci0000:00/0000:00:1c.0/0000:01:00.0",
"unix_device_names": ["lo"] "unix_device_name": "wlan0",
"unix_device_names": ["wlan0"],
"resources": [
{
"type": "hwaddr",
"address": 54
},
{
"type": "phwaddr",
"address": 53
}
],
"driver": "rtw89_8852be",
"driver_module": "rtw89_8852be",
"drivers": ["rtw89_8852be"],
"driver_modules": ["rtw89_8852be"]
} }
], ],
"pci": [ "pci": [

34
machines/vega/services/nextcloud.nix
View File

@@ -1,34 +0,0 @@
{ config, pkgs, ... }:
let
# ncDomain = "${config.clan.core.vars.generators.vega-nextcloud.files.subdomain.value}.${config.networking.fqdn}";
ncDomain = "${config.networking.fqdn}";
in
{
clan.core.vars.generators.vega-nextcloud = {
files.subdomain.secret = false;
prompts = {
subdomain = {
persist = true;
type = "line";
description = "Sub-domain for Nextcloud app. Default:(cloud)";
};
};
script = ''cat $prompts/subdomain || echo -n "cloud" > $out/subdomain'';
};
networking.firewall.allowedTCPPorts = [
80
443
];
services.nextcloud = {
hostName = ncDomain;
package = pkgs.nextcloud31;
};
# services.nginx.virtualHosts."${ncDomain}" = {
# # useACMEHost = "${config.networking.fqdn}";
# # forceSSL = true;
# };
}

93
machines/vega/services/samba.nix Normal file
View File

@@ -0,0 +1,93 @@
{
config,
lib,
...
}:
let
sambaUser = lib.filterAttrs (
name: user: user.isNormalUser && builtins.elem "samba" user.extraGroups
) config.users.users;
sharedFolders = {
GLOM.users = [
"w"
"kurogeek"
"berwn"
];
};
in
{
services.samba = {
enable = true;
openFirewall = true;
settings = {
global = {
security = "user";
workgroup = "WORKGROUP";
"server string" = "Glom Vega";
interfaces = "eth* en*";
"max log size" = "50";
"dns proxy" = false;
"syslog only" = true;
"map to guest" = "Bad User";
"guest account" = "nobody";
};
}
// lib.mapAttrs (share: opts: {
path = "/mnt/hdd/samba/${share}";
comment = share;
"force user" = share;
"force group" = share;
public = "yes";
"guest ok" = "yes";
"create mask" = "0640";
"directory mask" = "0750";
writable = "no";
browseable = "yes";
printable = "no";
# TODO
# "valid users" = toString opts.users;
}) sharedFolders;
};
users.users = lib.mapAttrs (share: opts: {
isSystemUser = true;
group = share;
}) sharedFolders;
users.groups = lib.mapAttrs (share: opts: { }) sharedFolders;
systemd.services.samba-smbd.postStart =
lib.concatMapStrings (
user:
let
password = config.clan.core.vars.generators."${user}-smb-password".files.password.path;
in
''
mkdir -p /mnt/hdd/samba/${user}
chown ${user}:users /mnt/hdd/samba/${user}
# if a password is unchanged, this will error
(echo $(<${password}); echo $(<${password})) | ${config.services.samba.package}/bin/smbpasswd -s -a ${user}
''
) (lib.attrNames sambaUser)
+ lib.concatMapStrings (share: ''
mkdir -p /mnt/hdd/samba/${share}
chown ${share}:${share} /mnt/hdd/samba/${share}
'') (lib.attrNames sharedFolders);
services.samba-wsdd = {
enable = true;
openFirewall = true;
};
services.avahi = {
publish.enable = true;
publish.userServices = true;
# ^^ Needed to allow samba to automatically register mDNS records (without the need for an `extraServiceFile`
nssmdns4 = true;
# ^^ Not one hundred percent sure if this is needed- if it aint broke, don't fix it
enable = true;
openFirewall = true;
};
}

52
modules/clan/yggdrasil/default.nix Normal file
View File

@@ -0,0 +1,52 @@
{ ... }:
{
_class = "clan.service";
manifest.name = "yggdrasil";
manifest.description = "An in scalable routing as an encrypted IPv6 overlay network";
manifest.categories = [ "System" ];
roles.default = {
perInstance.nixosModule =
{
lib,
config,
pkgs,
...
}:
let
user = "yggdrasil";
in
{
clan.core.vars.generators.yggdrasil = {
files.yggdrasil-secret = {
secret = true;
owner = user;
group = user;
};
files.yggdrasil-ip.secret = false;
runtimeInputs = with pkgs; [
yggdrasil
jq
];
script = ''
yggdrasil -genconf -json | jq {PrivateKey} > $out/yggdrasil-secret
cat $out/yggdrasil-secret | yggdrasil -useconf -address > $out/yggdrasil-ip
'';
};
services.yggdrasil = {
enable = lib.mkDefault true;
configFile = config.clan.core.vars.generators.yggdrasil.files.yggdrasil-secret.path;
settings = {
Peers = [
# US Peers
"tls://ygg.jjolly.dev:3443"
"tls://[2602:fc24:18:7a42::1]:993"
"tcp://leo.node.3dt.net:9002"
"tcp://ygg-kcmo.incognet.io:8883"
];
};
};
};
};
}

18
modules/clan/yggdrasil/flake-module.nix Normal file
View File

@@ -0,0 +1,18 @@
{ lib, ... }:
let
module = lib.modules.importApply ./default.nix { };
in
{
clan.modules = {
yggdrasil = module;
};
perSystem =
{ ... }:
{
clan.nixosTests.yggdrasil = {
imports = [ ./tests/vm/default.nix ];
clan.modules."@clan/yggdrasil" = module;
};
};
}

39
modules/clan/yggdrasil/tests/vm/default.nix Normal file
View File

@@ -0,0 +1,39 @@
{
pkgs,
...
}:
{
name = "service-yggdrasil";
clan = {
directory = ./.;
inventory = {
machines.server = { };
instances = {
yggdrasil-test = {
module.name = "@clan/yggdrasil";
module.input = "self";
roles.default.machines."server".settings = { };
};
};
};
};
nodes = {
server = {
services.yggdrasil = {
};
};
};
testScript = ''
start_all()
server.wait_for_unit("yggdrasil")
# Check that garage is running
server.succeed("systemctl status yggdrasil")
'';
}

9
routers/default.nix Normal file
View File

@@ -0,0 +1,9 @@
{ inputs, ... }:
{
flake.legacyPackages = {
whitehouse-router = import "${inputs.liminix}/default.nix" {
device = (import "${inputs.liminix}/devices/gl-ar750");
liminix-config = import ./white-house/configuration.nix { inherit inputs; };
};
};
}

120
routers/white-house/configuration.nix Normal file
View File

@@ -0,0 +1,120 @@
{ inputs }:
{
config,
pkgs,
modulesPath,
lib,
...
}:
let
secrets = {
firewallRules = { };
}
// (import ./secrets.nix);
wirelessConfig = {
country_code = "TH";
inherit (secrets) wpa_passphrase;
wmm_enabled = 1;
};
svc = config.system.service;
in
{
imports = [
"${inputs.liminix}/modules/wlan.nix"
"${inputs.liminix}/modules/network"
"${inputs.liminix}/modules/vlan"
"${inputs.liminix}/modules/ssh"
"${inputs.liminix}/modules/bridge"
"${modulesPath}/profiles/gateway.nix"
];
hostname = "whitehouse";
boot = {
tftp = {
freeSpaceBytes = 3 * 1024 * 1024;
serverip = "${secrets.lan.prefix}.148";
ipaddr = "${secrets.lan.prefix}.251";
};
};
services.sshd = svc.ssh.build {
authorizedKeys.root = secrets.root.openssh.authorizedKeys.keys;
};
users.root = secrets.root;
services.resolvconf = lib.mkForce (
pkgs.liminix.services.oneshot rec {
name = "resolvconf";
up = ''
( in_outputs ${name}
echo "nameserver $(output ${config.services.wan} ns1)" > resolv.conf
echo "nameserver $(output ${config.services.wan} ns2)" >> resolv.conf
chmod 0444 resolv.conf
)
'';
}
);
profile.gateway = {
lan = {
interfaces = with config.hardware.networkInterfaces; [
wlan
wlan5
lan
];
inherit (secrets.lan) prefix;
address = {
family = "inet";
address = "${secrets.lan.prefix}.1";
prefixLength = 24;
};
dhcp = {
start = 10;
end = 240;
hosts = { };
localDomain = "lan";
};
};
wan = {
interface = svc.pppoe.build {
interface = config.hardware.networkInterfaces.wan;
username = secrets.l2tp.name;
password = secrets.l2tp.password;
};
dhcp6.enable = true;
};
firewall = {
enable = true;
rules = secrets.firewallRules;
};
wireless.networks = {
"${secrets.ssid}" = {
interface = config.hardware.networkInterfaces.wlan;
hw_mode = "g";
channel = "2";
ieee80211n = 1;
}
// wirelessConfig;
"${secrets.ssid}-5" = rec {
interface = config.hardware.networkInterfaces.wlan5;
hw_mode = "a";
channel = 36;
ht_capab = "[HT40+]";
vht_oper_chwidth = 1;
vht_oper_centr_freq_seg0_idx = channel + 6;
ieee80211n = 1;
ieee80211ac = 1;
}
// wirelessConfig;
};
};
defaultProfile.packages = with pkgs; [
busybox
iw
iptables
];
}

20
routers/white-house/secrets.nix Normal file
View File

@@ -0,0 +1,20 @@
{
wpa_passphrase = "";
ssid = "WhiteHouse";
l2tp = {
name = "";
password = "";
};
root = {
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEcZ/p1Ofa9liwIzPWzNtONhJ7+FUWd2lCz33r81t8+w kurogeek@kurogeek"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAB/raxJR8gASmquP63weHelbi+da2WBJR1DgzHPNz/f"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDuhpzDHBPvn8nv8RH1MRomDOaXyP4GziQm7r3MZ1Syk"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAmgyEGuY/r7SDlJgrzYmQqpcWS5W+fCzRi3OS59ne4W openpgp:0xFF687387"
];
};
lan = {
prefix = "192.168.1";
};
}

1
vars/per-machine/b4l/yggdrasil/yggdrasil-ip/value Normal file
View File

@@ -0,0 +1 @@
203:fd53:b905:ea17:519c:e415:709f:9ad8

1
vars/per-machine/b4l/yggdrasil/yggdrasil-secret/groups/admins Symbolic link
View File

@@ -0,0 +1 @@
../../../../../../sops/groups/admins

1
vars/per-machine/b4l/yggdrasil/yggdrasil-secret/machines/b4l Symbolic link
View File

@@ -0,0 +1 @@
../../../../../../sops/machines/b4l

47
vars/per-machine/b4l/yggdrasil/yggdrasil-secret/secret Normal file
View File

@@ -0,0 +1,47 @@
{
"data": "ENC[AES256_GCM,data:MeSmw+LrbtuxGVQ33hgEwG3wUVa/AahAfPb/E2Qh3xxEkeSy5nUwgGLE2MxqiR37zViuin/CUqEH5fO5j7d7wOidn5k+mtKChAWIO65BUjcAWzhy9LyC9p90NT11xStkJQl+DJghl/f0hLuxPX5XQMvQzj3BjzKz03IKqMnZak25pWdKw+uoiuEItl5pz3srIPmofQr5VA==,iv:FNoJl/oIsBgbieB+B0ChmHszoj893B9fVypoJoWSEsk=,tag:CnhWE25rxT9qJIv6EtD0lQ==,type:str]",
"sops": {
"age": [
{
"recipient": "age134vt63pjqpd0m7702fyn8vhdlzyj2deqc2q78sp9uw9052kxsgwq6d25ez",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4UlJNcU5ueklqaXEwQmFJ\nNU5SQ1J3M1ViZWF2VWU0OFFNekN1UDF4T2xrCmtsR05uNzZUMmZZVUhNa2grZC9J\nWTZrZnJmdG5GQytTR0RxQktuVERwK28KLS0tIHM3YXV6SVhhbnYvM3YvbDl2WjVh\nRVp2VVFPbmllWWdNYkwvdWlyVE5FancKYNu7sW02LXN3QSb1QiJy54TNgG1ePGzl\nXxvo3fEkXN+NtfK+m5dBVza1ZeGeqa2y4nfv4+UeYhUF2tW0YVP2pg==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age17d4qt0n9edq57tgcqyk8eu5mrendl59yt6z2y3a4vkq7el8krqtq6lq28g",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuZi95WFV4NXhxakZwT1Zw\nU2x3N0Y4VU9EK1NzYkkzQmhqZmYvaFVtT3dRCjdjN0FNV1p0bkdmWUY0WVY0VjN3\nYisyT095Z09RWW1GUkJuUEpFUFNSSkkKLS0tIDFKc1pTY2FacXQydnlKWENBTFJ1\nYWh3c1Z4c3Rha1l1Znh6Y0J2cmhvckkK6JtSrCRKEZozbeyyIIgvRfOo83eaQZSk\nXUmaiy3GxHD9hGOnxm5uIYK+Jdugl+OtQsvW+Kn0HXWSFIRK49IlFg==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1fido2-hmac1qqpf43tgcfjm048lsqskvq34w2t4uvrm5qy6m2eg6zjj82ctca8wctgpczxvj0q4y6337uhvsxdh5j86k9h9ymautpvv2759ucwnef75ez7pa7fpkddklp40mxk2tedsp74359g0kefn5rsq0x0yss6cu4yd0h06up0rp08t6yc4l0hfa9y8jn5fkx6nk0hjhz06ykwv0fyxe7z42q683jy0",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIGNncFVvQmQ0\nVWlSdjRPTjlvdU12WElPdG8zU3BnaEovQ0JpQXYralpaQ1UgQVEgd0l6SlBCVW1v\neDl5N0lHYmVrajZzVzVTYjd4WVdNVjZoZVlkUEtmVXlMdyBIdmtoczF0dmhxL1py\nS1hsc0ErckdoVVB0bE02RGdCNW5raERXT1ZJMTkzNjRGNHd2T3ZSTVYrKzZlbEll\nVTZKc2JVN1B2SzRuNkpaekhwSWJQaFZVQQp6Y21FdXdGV0dFR2d1WXBkdmxQaDZ6\nVm12bnQwUUlOYmlhOFJnaEk3Y2NVCi0tLSBWVlJiQ1lJcFlWR2tvemRQQUdwNlhM\nWlZEekhVdnVkSklIc1JYT1FUWlljCjku0ljp7akJdfVmY3t9KQ8VRnG4H4AINPKf\nN3C2NB7Y1gVuhaD8BRZX9chTVOlntpYcQxf0apDEvEG+CWfTa3o=\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1fido2-hmac1qqprw0vfpc8wzsu78quc777kmee54ln6nnsjrnrhl7nr33eh4kvkksqp05qqxj4kgfzrmrugrsvg7skx6ghh3q9xc0x0agthtkvy25d9eq7eklta5wf7s30hexkuyl5546rdz9ffa5tawlp5yweqkgccntw0ny540n2am3cqw3luhxkfmrp63kwr6mwplhr9u26wll48x0n3k5f60c7hg9a3",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIEw4d1Z2T0Fn\nOWlDOE45b1pURTJHK1hiOHU4djlYdlQxbUpQR3BYbXFEWGcgQVEgZlFBRFNyWkNS\nRDJQaUJ3WWowTEcwaTk0Z0tiRHpQNmhkMTJZUlZHbHlEMCBtMzE5bzVQb1JmZkpy\nY0orbEs2RzBSVXA3UmZYZkRRanNnc2pHSnJjK1pLVmZOWGR4d0IwZjh1YXlkakRx\nTm5EMXR3ZjNHWGl0Ty8rcHpQbkcxRTZmZwpJcnN0UlRnVUphYmIwNjB0WU1XM09Z\nWHJLSWM5TGpJK2swMW5xcGMvRjRzCi0tLSB5eVZudDlOSGZabW1SZm1HRk9aUXV1\nYXJWVCtwWUVmN2JLRXRLd1I2OWs4Cp8xVbJ7VFbXbWyRzt3Lhw/gZ6pAbN2lpwlX\nfbE0BTYYTYD+w9LZfJsTLdUv2DP+9zugcePyJGxL0FJu40UkcPA=\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1fido2-hmac1qqpyewum3q8dfcumfgec8nn958aec9f4q9aqy0k06kw5kq27d6fdqdgp0p7y4ru3n5xk90u747xevxa2af3v37e85j9g3axrmw5hdwdfh0wz22hut5vrafxsx26a7vh8fjwkymz3ramfgvvu4detztu075kmpr8l9ydqda0rnjwatdwmfgswg849p37astvld98s3nleeq575azlwc2hhpuh",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IGZpZG8yLWhtYWMgQUFJIElMZWhxa3o4\nR20yR0RaQTlxTzE1d3ZMOXgvUjhXbEYzS0JiYUV2RDJ2aEEgQVEgZUh4S2o1R2RE\nV0svbnErTmxodXE2bUxJK3lla2lvajB3OXVwZHJtcHU5dyBKU3I4WFJnK3BOQXl0\nZDh5NTB5ZFlteFJIM2FVTVp5cmNyRXZqL1V0c0l6L0tSb0c5ZU9jbmRXMTIwb2c1\nQjZsREgzWUxaOXBUd2pQK2NncDZuUmZkZwpUVVB4YnNRT1RpOWVMMGZmQkt6TnpR\nc1ZQRWFNTDVVN01xUlVTWUllVHRJCi0tLSBBVWNZa3NEbFRwVnhvbEdsbEVYRGRI\nd1RlTm9UbkJnODlkVGdhYmVPREc4CjI3dqGOKfw7Fr/f0dup0ZyJ4+IGKI2BUmIe\n4jj9+nGbzgRh+2KYlZh/UlOTbrEWrWsrXjZsLcFeYRadJc3Qmbg=\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCcFozN1ZpaXh3Q05UWnR6\ndk9NMDhyd0M5YS9OeE1KSTNRa0JOOHBWaDMwCmlieENKcFBCelJjR0lNWnpycHpu\ndy9lT3dmRzIyR1gvVDN2VThVQk1TNDgKLS0tIENtWnVVUHJ4K01tVHpVZWcrWFpP\nS0NXdVFLeVI1dTVTTk5kS21aMno1bHMKinIeyyUs9QL92/Egx5VUlXq0w3cEDCJk\nFh09GKnj3kNlFOKCP3grVBAX36TKAHLLKGHr+sz30G/VPkGUMNHKeg==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMMnJZTFFYUEtvWjRkVFg2\nVW1RWVlOa01xbnhGVlFJSmVyKzhWYjF3THc0CmpXK0NuZ21BR0p5OWt0TVBrREc3\nckRqdmVxU1JLMUlqaFViTnNBSEwwcFEKLS0tIFVJSlNFK1Ayd2dTTlZncEViR2JC\nNm0yM0JZMWpKYXc2RS9QMGtKWXJXOG8K1UrprHHWw4SsWG9/8sD5aDKGmAIrorPL\nZPzhlV3WLDw2YvZPVahPDgNEsWVitL3QVzEnxbQDQeLe9Dp0lTFc6Q==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1swlyyk2rzvevqawyeekv75nx2dz34zpe3xqhkqme26gcgeavy4dqrfpcd8",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKRWJjdytWNkYwNUh2UlZN\nTnVod0N2SXBZbGZKa2pwejZneW9FdFliOTJ3ClNoa05JMTdOSXBNWjc4OUsvWUlM\nbCswa3RkWmZ1MU0xRVpjQy9sNkpqNmsKLS0tIFNhTjRDV3B3S2d3ZmhhNnNmZkdJ\nMGw3TzBaMzc2ekpuaTFzZGQzaTRlc3cKWfPSUoBVO4+stvpHPuXOcbg5mY+JWycc\npbxEAnDep9KiI5aqWao7fQ74SHzVQrMFUPITo9ARgbIhUqKrdrA+yA==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1vphy2sr6uw4ptsua3gh9khrm2cqyt65t46tusmt44z98qa7q6ymq6prrdl",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUMVkwak1tenhnRmZzd3pD\nMmxzdytMMmhnZzdZQko4Z3JVTVhqVVhpY1RBCjVzam9RM0U1TXNzZlhVcXovQ3My\nM2lDRm1CMmxxOGtvUWQ5M0dVVERsK3MKLS0tIDFUYndidDM4WS9DNXJhZVdtOGRw\nQ2R4TERROE01TUhRb2ZkUnRUV0lrdGsKP/BVd0OoB6zU/Pcyk3eI9877EmlPaqPJ\nd5LK9zbu9TX8QJP78ZrC90y1SZW3p4YqgHaLYBDq6oXPnqjk9DnLNQ==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-10-17T04:29:35Z",
"mac": "ENC[AES256_GCM,data:c8+A/HjyGgxm6wGQXCKG3LDY4ELs44Ct7TEm69YHXgloU3D2hz2PTBXHguLqr0NHW5o0HhrFodH5+3+W0WWssIrsMp8w3IW9r2u1+c3Xn2tGkkZ/TS93KNT1wPfiBlF5MVREm1MsZC2kKGR4QHqxcH+1hcRto6dHTAcEz9uSNWQ=,iv:sq6BLJ4eXTbtprhet+XwbZwohRcRMRUe14IiyR+2+tw=,tag:NxkOC9CT7zWtWJDbheldSg==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.2"
}
}

1
vars/per-machine/b4l/yggdrasil/yggdrasil-secret/users/kurogeek Symbolic link
View File

@@ -0,0 +1 @@
../../../../../../sops/users/kurogeek