diff --git a/hosts/bind/default.nix b/hosts/bind/default.nix index 162d3d78..04cb17e2 100644 --- a/hosts/bind/default.nix +++ b/hosts/bind/default.nix @@ -1,11 +1,9 @@ { zentralwerk, config, pkgs, ... }: let - systemctl = "${pkgs.systemd}/bin/systemctl"; - deployCommand = "${systemctl} start deploy-c3d2-dns"; # wrap reload in freeze/thaw so that zones are reloaded that had # been updated by dyndns - reloadCommand = with pkgs; writeScript "reload-bind" '' - #! ${runtimeShell} + reloadCommand = with pkgs; writeScriptBin "reload-bind" '' + #!${runtimeShell} rndc() { ${bind}/sbin/rndc -k /etc/bind/rndc.key $@ @@ -38,12 +36,6 @@ in }; }; - sops = { - defaultSopsFile = ./secrets.yaml; - secrets."c3d2-dns/gitea-token".owner = config.systemd.services.deploy-c3d2-dns.serviceConfig.User; - secrets."c3d2-dns/ssh-private-key".owner = config.systemd.services.deploy-c3d2-dns.serviceConfig.User; - }; - # DNS server services.bind = { enable = true; @@ -57,11 +49,9 @@ in }; ''; }; - systemd.services.bind = { - serviceConfig = { - Restart = "always"; - RestartSec = "1s"; - }; + systemd.services.bind.serviceConfig = { + Restart = "always"; + RestartSec = "5s"; }; # BIND statistics in Grafana @@ -82,6 +72,10 @@ in isSystemUser = true; group = "c3d2-dns"; home = "/var/lib/c3d2-dns"; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHIkIN1gi5cX2wV2WuNph/QzVK7vvYkvqnR/P69s36mZ drone@c3d2" + ]; + packages = [ reloadCommand ]; }; systemd.tmpfiles.rules = [ @@ -89,120 +83,12 @@ in "d /var/lib/bind/slave 0755 named nogroup - -" ]; - # Build script - systemd.services.deploy-c3d2-dns = { - wantedBy = [ "multi-user.target" ]; - before = [ "bind.service" ]; - after = [ "network-online.target" ]; - path = with pkgs; [ git nix curl openssh ]; - script = '' - mkdir -p .ssh - cp ${config.sops.secrets."c3d2-dns/ssh-private-key".path} .ssh/id_ed25519 - chmod 0600 .ssh/id_ed25519 - - # Build at least once - touch deploy-pending - - status() { - curl -X POST \ - "https://gitea.c3d2.de/api/v1/repos/c3d2-admins/c3d2-dns/statuses/$REV?token=$(cat ${config.sops.secrets."c3d2-dns/gitea-token".path})" \ - -H "accept: application/json" \ - -H "Content-Type: application/json" \ - -d "$1" - } - - [ -d c3d2-dns ] || git clone --depth=1 gitea@gitea.c3d2.de:c3d2-admins/c3d2-dns.git - cd c3d2-dns - - # Loop in case the webhook was called while we were building - while [ -e ../deploy-pending ]; do - rm ../deploy-pending - git checkout . - git pull - REV=$(git rev-parse HEAD) - - set +e - status "{ \"context\": \"c3d2-dns\", \"description\": \"reloading...\", \"state\": \"pending\"}" - - # Fix legacy paths (TODO) - for f in *.conf ; do - sed -e 's#/home/git/#${config.users.users.c3d2-dns.home}/#g' -i $f - done - # Allow creation of .jnl files by BIND for DynDNS - chmod a+w zones - # Clean up .jnl files - rm -f zones/*.jnl - # Take action - if systemctl is-active -q bind; then - /run/wrappers/bin/sudo ${reloadCommand} - fi - - if [ $? = 0 ]; then - status "{ \"context\": \"c3d2-dns\", \"description\": \"reloaded\", \"state\": \"success\"}" - else - status "{ \"context\": \"c3d2-dns\", \"description\": \"reload failure\", \"state\": \"failure\"}" - fi - - set -e - done - ''; - serviceConfig = { - User = "c3d2-dns"; - Group = config.users.users.c3d2-dns.group; - PrivateTmp = true; - ProtectSystem = "full"; - ReadWritePaths = config.users.users.c3d2-dns.home; - WorkingDirectory = config.users.users.c3d2-dns.home; - }; - }; - - # Privileged commands triggered by webhook/deploy-c3d2-dns + # Privileged commands triggered by deploy-c3d2-dns security.sudo.extraRules = [ { users = [ "c3d2-dns" ]; commands = [ { - command = deployCommand; - options = [ "NOPASSWD" ]; - } { - command = toString reloadCommand; + command = "${reloadCommand}/bin/reload-bind"; options = [ "NOPASSWD" ]; } ]; } ]; - - # Web server just for the webhook - services.nginx = { - enable = true; - virtualHosts = { - # hooks, logs - "bind.serv.zentralwerk.org" = { - default = true; - enableACME = true; - forceSSL = true; - locations."/hooks/".proxyPass = "http://localhost:9000/hooks/"; - }; - }; - }; - - # Webhook service - systemd.services.webhook = - let - hooksJson = pkgs.writeText "hooks.json" (builtins.toJSON [ { - id = "deploy-c3d2-dns"; - execute-command = pkgs.writeShellScript "deploy-c3d2-dns" '' - # Request (re-)deployment - touch ${config.users.users.c3d2-dns.home}/deploy-pending - - # Start deploy-c3d2-dns.service if not already running - exec /run/wrappers/bin/sudo ${deployCommand} - ''; - } ]); - in { - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - ExecStart = "${pkgs.webhook}/bin/webhook -hooks ${hooksJson} -verbose -ip 127.0.0.1"; - User = "c3d2-dns"; - Group = config.users.users.c3d2-dns.group; - PrivateTmp = true; - ProtectSystem = "full"; - }; - }; } diff --git a/hosts/bind/secrets.yaml b/hosts/bind/secrets.yaml deleted file mode 100644 index 9fedeb4b..00000000 --- a/hosts/bind/secrets.yaml +++ /dev/null @@ -1,204 +0,0 @@ -c3d2-dns: - gitea-token: ENC[AES256_GCM,data:RXHCzJE8aW6ctSAGAF9XT0eQx1qw6qUZiWzn1J7MFRTui0/5b69Z3A==,iv:nFl5cK7hnedaJPc/z10hApVQnA0owu1HhTNhJekYDbs=,tag:oP7yhtI8Utqyx1mSL3v6dA==,type:str] - ssh-private-key: ENC[AES256_GCM,data:P/TaTrnCeE2sK8v2mA4BsI7zPHYYEu23biqd7MB4pKq4DjQitfZkMG2rTBc4B0mQmT0lAKd+IgplwcR3n51IM3PhD5rMHJxZDS9BkKHy2MCHgFD9IF8//DIi5s1vOdas6Ddj8EVFsbE6WHqyBcY8RHwMzkSIiNcUI/+8p0kUnRIPcA6mKTop1oi6Z4u8UJATUWuO/kKgIt9zlrottbyjnHgtFKyrtPexCrwmrJlFYjatHFzDzr/I/Y7mkZ/Lt5XNE/dEskzgHT5wRKinxplEnFz7g4a0Up0cwDc3qhSEYd0b4SQqYRyISiUkiuNgK3yOIjxATiMxRUq/zMUR8B1gG463xuSV8y0c94UH3ghFVV4VQtTVqri7FIHvrbQioW/Q/Pdkv2MiDqB3tX6NX38fqnCeccmtY0VH9QQ7QkmZFqhb9x23K0XufNZ80Pnt0c3bgLYrEHuatj3IhiaZu6u9SXY7DaFd7OCxLsuDthfuMrHgmMrrZaqKDi+NzEzDaKsZxCsPfEfhlRZ8POwX8Fuk,iv:zk8xQKNpdxgc+0wz9nF6T9nEOYNock3ieec+IITDxUA=,tag:lr/gaMyH5AHYUkLlGjUiCA==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1hfzpctkk5tz0ddc86ul9t0nf8c37jtngawepvgxk5rxlvv938vusx4kuc6 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsZ0E1ZmEzWmxyMlRQbmZn - U2E3M2JZZmduS3l6WUt2cVZxdXorSHZmdVV3CmRKNVpEalFxM2xEQ1Q3bjNmSUlX - MUtRQWkxL1lTTWpxQXJobnViLzhRek0KLS0tIERSdU16NUM5VGo4U3kzZEZQc3o2 - OGFiQ0JQamtrdmxXN1ZCOWdJanhMdDQKptgLpi9O+bf7byxo/3i64C1AGiSKugzG - 3TczyCeBJeRqqiC+E8dClQtl7jxn75iJM4ejIc2mJ+h0M6Fg77Qblw== - -----END AGE ENCRYPTED FILE----- - - recipient: age12aukzah0pt2rck52hwn08kezyxueqz2f49ld7hpyuzmu847vavdqkunn5c - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsRkY2SG45dE5ieHJDYmpU - elBydjlJWWRSVGgzNVNUWkdpMVM4VVl5dlRNCkFkZ1B4NGdNQmNPcnQ4ZlB3Nit4 - aUk3cHdROU9WRy92K1JsWU8xb0NPK1UKLS0tIG10L2J4VUNzY2pWNW0yL0xWYUR2 - VCtjTDZrMXhEemtSNTdDQ2d1UTRPQ1EKMcWrKrnlnSsAuo1W/ZEuMph8MaBYFlEM - lKGvxHPxM3jwrfZHS1HYoOqnZuQpjL/1yih9Q3EaloSAb52wpmlsHA== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2022-12-27T04:14:45Z" - mac: ENC[AES256_GCM,data:MjReJqXyYFk5iPtXVrZJXl4pEFdV/BPTimNbF/nf7IN1jbFP9Q3AkMbUvgdAzKv/8GVVI1902iKikMtfpPG5+Z1ZGTxW+kW3E5524hRJQBIa7SBjFvhEEI1hG6f/aiVKr+1ExbZXlLWQD1JwdSRD6psqQNB1HB3ySa6HUcxPI+o=,iv:s3ipL7iMWffyWQIHhFXPzhBq0FJXPUnDMmLOo6cml30=,tag:acoEP73AS/AhZUlH2x3CHw==,type:str] - pgp: - - created_at: "2022-12-26T23:54:37Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQIMA6j84+xkv3y7ARAAkTXOCz20XYDtTC5Qee8a/BqiQZ8NHj+1a5AH30YI5zsb - amP40SpMHHlooQ3BHBt7a7Ai+4SxZz11kc05MGk+waMTFbETl5utun+LInnT12ND - 7jtxgavDwfTCQZqQevFs0S3DMBo0qQH2pX2HPWm87oiDMbQl2H6waJF2cW2RQ0N7 - iX4A6WbIOW6IWBU7mNW5l4uAoCBXOcZtKVGHdZ7+7ExjpcEO07r403JYkdgBSHrB - xw1MKGGqOhYYHRJ8SrSkNQrGHpjR+mnon3qK0Prjqbwu5NBNhXTC1Qia9PGgapCO - Y8eHwbteQ8hVZ1qX2UYs/K/MYfsZOwgj3+sCnYAuTPchFr7UCHGQP+8XEOz5JKme - S62MkNUY31TNEGX8q7O/Ppwi06c7xSwrCZDJpEfsJ9rEsl7WuPGohDarp2k1+XzQ - oaghY8Pj8qhmIF1G1tt6BXbqwpschOSUgZreX8qXjWF9P5IAu3c5gwG7IRfoQ8LG - Ed+xYAZl05EDxa6adTsZXu4osppKbIQnw/8s/g20Of9luaxEiekyz0togr1kCug2 - 9wYi1n381IKu+j/zzQrvmrCf9+fH0PHCT4Yw6CcYiFh1KtIXDLSenLoDThMeAZAh - qLcQSHNZAK8BYRYDCNBvrX0olbDuFApIb+5Be+RYe5qC8hP7/kg9c3qA2x61tZzS - XAEYiTX34lQUnTaTkeCa5htBh9o7n42S6cLCcbJugKqvwiTLQ1MQzKgdjcI9qw0D - UqjjMHZGvPVZEj63gfsREgkNF+y4fl4HtIe2GDbtnDc6d/HRfHq/sklnUf1F - =o5jS - -----END PGP MESSAGE----- - fp: A5EE826D645DBE35F9B0993358512AE87A69900F - - created_at: "2022-12-26T23:54:37Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQIMA8zMZ+ak7y/zARAAkOCYltg68fdOonrUUwx/oATvcd+MqMMAiTSIEQdrC7oS - yzTkUmV5e0CdgTMBajwWhmEzalmgXG+LRPqkVjBlCeYWzTnam8qyJav1N+MSZAKU - Tqt4aCXHP99nKUWHgKh1zwd9b/Z1Sn3Be1TSZPt3N2ZDuRI/fdbxXkz9uILkbGxm - ccObtNTvdHCFi7IlVygaQwRbtZFL1NL4ZMYGo12Jmwk2rpJ7TzXQcQmPCVs227KC - iaOSCIIZ1Hk6dzsSDGtg9/g5Oi9Z5nmkNhw7kg4kITevHREUNXceErJwdzKn+Pzt - md2/CnwzsMBNFmFu8kHsbuSJOAt0eoukE6RdBN9g1RLo5n+FklXL8JgQM1ySRbmC - QQ91UasUtDX1OhVvi+igLf9FFzDPiZERdW595k8w21WUC303dwsEACTfb1hhahMc - ER/FaVl0ix3fPCEZdYbBRC3NzC61nG/fJGudLKRy6c123AP6I18tEt043S41hPiA - wSM2G6oR46Ozvt0aC8nPK6/QBzlMGpIrzd9T/go7S3Lz8VSpTsZMawSlXtU8YeiO - W9GYwsCETfYPHTsVclyQOX5BNzEOiqnd2F0y2CJRfwTPSJ2PdfJT/In6rhO64xFS - 23WAIXvQWMW+VozuJOnsjwzIyzt18769y8xmF4wVjXDXHsnC7bvzuoy3yi55pJLS - XAFwDREiZomYNWGNSf4sLnv8co8q+CuRtfQ5gSQ2orROOWOhj6rmzf89+5oWew4X - tnEgV/KuFFvBfnLoXeoMYed9VzDMII5dMyU/qQrhWTTaZsqdNknhvbwnQ9Jc - =MckW - -----END PGP MESSAGE----- - fp: D4E89C6A0A58EE803EF708EFA9B23715F7AA3F1A - - created_at: "2022-12-26T23:54:37Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA45bZkLXmBFpAQf+Knrk/azuhzbIwM52J09TDIUEXlJWoko0PZnLIq9zvRtF - 00/cLGEorZ2nFGzTIMjgkgRUDyZuj/VnpqXppLxLaL0sfXEP6OAkadaVwepqDXV9 - QciJHWqoV6Mp14U4v4CqqNJkTR4Bv5sLTQfxy09MG14zSy0NS3kR5qPLXq0qV2/L - qp3OBb+a2vgos0lZ7677g3ry0bZYvnIxFSHlK/CuhtmDD3BoOg9EJ8s6F/7lRWjD - EaaPUL8WU12XxhPpjVEURRMLB6X4DQ+L5ZYwJe/askJmU3XoO8l+9v78BdUTPVdu - GcFFxN+1XrIUfDE60k3QzzKwV6p0i3DolbDdzcMUZ9JcAb8sj8XqBbtrHpBgYvXG - DHE/3f8r6Jz638dymU5anlE2Qk+J5KXyz5dD5ILQZdfDWN7nK8E61FVOxZkGBjU9 - J1yf4yJghK2DAw/0NUvzyj/br1fAp9Ov6+f35Lk= - =FSk8 - -----END PGP MESSAGE----- - fp: A4B0F5A80C2E2448A97BEC25BB829C4DECA6CCB9 - - created_at: "2022-12-26T23:54:37Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQIMAwMCBBrc/JA6AQ//dxkQXte+0dsGJW2n8/lrrdw/f55UnPvaYJU2vM0giPq9 - fjysXEL676nrZ70OGLPPWELCtJfhv8OmoBm0ONUS/dLca4ljZTUccNMMzVU9BC1Q - QiULHsN5JN2SUjNT1TyboA479FjolNWFzqQ0zJon/jQ/qX7ByyPhXsSBr9/IQCvP - GO/ZdUue4zsvffLc07AWteZ4xtfCqS1dsCw6XN85R5wcaNxwRZyFS+vpoIJNBQHS - hHDy5PfwZhDAtcWqD4Ikpya7bX2IhCjoV6dmkzF92E3PusRg6s8z6d+7Yys6rGW+ - 9FmVNoAy8+h6zBYnOnH6JxCqwu5j1HvzO2+H+mQp8W9B85YktWNwxESHS3lae0t0 - y3VZ2JTVQTuolzPIxV+xnQb+4Pr0+JYTi/NUiHGjq4ZVQH2keUrFOwB82udebtHi - 0LvL7CMyzOC17N08MRY5rGrEjqgjPpz97IgMYshUt/uUoM0bUw+OGsDcTTTo8w7a - eiKFlgjFnOHPjs1nAHDQsQoJVBuA+GB0MHwEWx0gkaifM/2cNZD6JvuzB4JAcaAL - JrmgX4dWDx9ygaoaLq+N+JD8lYJiC+p6UlRPoxNnLdbecib2ecdRZjoSHfKhvIA8 - SUecMFZhPv0Erc+QnpZ7AtF4EN8/yPllNAnde58iJuzg2535z8xZgb8yFlNAZizS - kAEfPMzgVjPrLO2FF4vMP9ns6ZCKYDnMjOjuur9xjJ4/gD60ZjQvmw0Prh6MJgMF - k9Tc7EXFNIjRTTyFtpM009U9jNYqpv6vmBaTNmmqXvxlKOejznAA1npufL6Yoz1U - tXlMxQBaoyXL053tUbtVvYfOchM9zdbVzh/O5af9CTANaYOsx9YRziCsK8MM9VRg - 4Q== - =ULpF - -----END PGP MESSAGE----- - fp: 4F9F44A64CC2E438979329E1F122F05437696FCE - - created_at: "2022-12-26T23:54:37Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQIMA9XEenRNYVGHAQ/+KcqYyw8lXqXsEBowCJu3VX/p93bdAja1UpGc/VfdWmIb - NBHPfoyCW4s1iYAuhfaoAjSyNPNoUWBK2Mvk/TV+RiG3rD6rCf+man3U0Y2ndYeh - ZX8tK5rQfNIYlPfG9iGNCPQ9QjbmntaeOOpXOmLfpVfmJ2m1VSolZOSHEqa74DNq - RFtE1IAExPS9veQ9lLEUhaB9c0730jjFVsmJG/BbadHC/c7pGLD+MEK4TCPa5CDe - nQNp6XUEVnhGkv5YkZb4U+I+3cpvgsl3ATEuqmdp6JCN5GHt8hkXd6e+xJlVFpSY - krWJ+mdm4GAmtEzbRJezl81EpgJK/PKRmXo9oPqDGbFD7pNJMmJSGdm0VFCPlDOB - 5MhzcK6VVUPgDnJnR0dgyQoqcrsCl0vmDiEXv/tBJPOzh6NhlLOwAhM5LPcDwjvk - 1hcObTkFsr8892QB5M+GigdFcPebOZxSXEq1wAqx1e9im/Fa2AfHuTGQlvxJEOz/ - wlIuZG+p6x80SUnMXDKxJijQrTd8FV3krbgZetRivDxqmGX2CPfN2V9p6vTU9usE - jLJE9J+/4229tPoPWUPTknio0trKjXryScwgZOn/cvRuUDm6WD6/5cFoQx7UUXhI - +udNxU+ptKb4SAxB31lyvHIoCplZju8I3YflMMqUo5kuNqhuX7zPJJW1Cqw8aPLS - XAGcP7WByNElNFnt6Ir9k++X1gDpBcVBIZanAvYg7txCfulOvsTh21Yv88aZMry3 - oX4TzLFVwgZHkeK9FjHuywLmFY5PzhQ74BV5pVJgLA89YkJsDC3j+PYzrQW7 - =eGO9 - -----END PGP MESSAGE----- - fp: 4B12EFA69166CA8C23FC47E49CD3A46248B660CA - - created_at: "2022-12-26T23:54:37Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - wcBMA/Z87ylQaotQAQf/Vs7w7rpFGW/5TfVP3PYEpNOdpC2OF4gwqnn64a/tjFqC - ywuilusJwND64lsGQzx0U2V/oPRIpny7J2d0MbKkI8lRN2CmuLKjEW1agAzMAbDk - DGpgKgPM17wQotp7nSFElvYbUpLM8bCTLSDAVKR7q06OP+IPNFhn18TEUAKYFeLu - S0IqkmD+vyyBoYFWJlKe8VAFa+9nepqeYh/DujMAcJFVqxsDVHFrAQiW32ZA+yGX - QWVObtI3KIdtsguTRtX064kzMqpAwNP6nC7u4FMSpwzVgtiS5NiQJHAxufFtHseQ - oebWaevfVYOARJ3X3e03gKkQkwTdaIfyYRE7nLPkidJRAVGY5W+BC3KQo0Qunc9U - Msyy9QYCU3RTjGGX8GzJfWT9Hm3pXaDIq7IO4UrHsfIYngO8IHwKXIbx95cd0gsk - o3p9YwOmYDX6l0+iiNJKAnZS - =1seu - -----END PGP MESSAGE----- - fp: 9EA68B7F21204979645182E4287B083353C3241C - - created_at: "2022-12-26T23:54:37Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - wcFMA9qJIVK2WMV7AQ/+LwaUGyldQleNLfov1cZS7lCJaZgI70aP+s5eAIbmjooS - CbsTrY9BXd43cW+lwZfWJ+APToWdjA/hZ9laGFfO/1bxRrpl8wDhjuJkM9bTYa29 - Cabe3zupom2yA6qC5MftZ/cxShvgT8bE7KcTNi4GbMutjcz1PpKMkWs6at4gTJWn - wlRr570fEPK0NpkmAfn8DgZLVKs4djW7Byyzmqq0VxmW0txjvG998ghreTXojqOa - CHk2k8tHrZAR3qvBEuDBAGY13EWK25KvHkBKnl41z6xp58Xc/ZFa9o2/kOW41iSK - l+P9DI+v/qOBlqEoGsRewI30Nmkqm1z0TGLb6yO0qKrb15YwWWyit9Wf+RHpeVLa - AwWwL8sBNoDmBfozwNcWjT5dQ/ynipZ3E5TdKaBA8mjqoqu+1RDaP7JoLFv6/8d5 - 0fuN8vg8IbCpVw9NhXHQMmbqKcIeJ57xb0EQ4hdwQwTFs06yS9FHWUhUcT6165v8 - OyQN4mN6w4sZTvKrRLQ92bEHMSS7HKBWHwVPzotNHZqATYd2TPaAp2uhd4ptrpA1 - t8lwmPwSa3GYjklkVwR8HzrsQmNu4fiSQA8oVKqG2x5whg6g2ScqAJJHgfcfNG6P - 9we3zYRdLTeyLPdxKa6XPUbdx04KRExDywaX1aYW1UHGuZUYId9d2TU0dO8qzVjS - UQFl9rewNQu3VwtE1GLScvRkCVz1pwfTKIiY32lj7yrdSiEGtrRWXcHDfJaNgM8J - wfhRlioPpgQ/stbynk10xyhar2SDlt3VNcl5K04DR7sTMw== - =oIfU - -----END PGP MESSAGE----- - fp: 53B26AEDC08246715E15504B236B6291555E8401 - - created_at: "2022-12-26T23:54:37Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQIMA/YLzOYaRIJJAQ//QS6tZUjaRSJAj5nIK8Z5ZHsVoQ5OyqtvySAI7h4uTBHA - FSmBrixb3OhjaaF7xxkebx0Hq+H/03sHu38jJijdC55XT+l1gyu8Uuob282qU+Ii - Fdo0Naub1e46sWwwH/n7h3CvVqNhobjvcZcvEG88F1s/uNjXG8rJ1DubbpoKFIns - 6jtfElex31WDaUU178NaNC0gCTDGYK/caEg9GhkHpHHnupdYkX/Jqc+lx37yt+1p - uMLIS8CkHPHp8t+CwyTlPyeuDgTsAK+J/f5mP/KdD6z5FIOo76lz2n20qSzjFJDe - FDh46mbUi2OtUzpObRN/mcYDz5HByqO48j958cTljGF7t1oN48ELrVPc0nWJnxY/ - SbER2/aR8tuO0HsHq0UgsS4MoXCBwfH0GIs0199vPHSWQDq33E5f4cMJxV1bbTWu - kJVQYBPFGWEiaavcy0paUtHvbplbUtbbRfmpOqszUMRUztt4CjCAD98hdecUlWZd - 3cdMyldySiHNRG9nLh9ZIDfiXKijuVYRXA3aa7EcSo9/Di3wycwmJ+M4Mf2M5S97 - /LSVGX6IrGKCbbQoZFE5EVF7JkN887d/Czp8OEN+y3sPDnKwLBcYBc1j5ZDk9ZjT - 5DHC64vbyw8cq+DYB62V/jIuHxPqHH+s3mjsPHbR4N72/3LBoZtC62xtYCad1SfS - XAFriq1K8ZEqZ++w/B9afOc+8Qx/48PpRBv0xTOYxJPUKARdLa9XfDAtryOdivf7 - ckwm4BJiIQ1kXwxAWUwGkdZDjAMQgArrKhMK32jzTh/F1B5ZqbIqnbPuZmkn - =SGUJ - -----END PGP MESSAGE----- - fp: 91EBE87016391323642A6803B966009D57E69CC6 - - created_at: "2022-12-26T23:54:37Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - wcFMA7zUOKwzpAE7ARAAjDbi8Rq7obP+Cpwrfk4617JlZ38zu5n08ac8hRpm+QrM - lHiMx/4/ew4fMndKNTMJzchbgeBhkU3zjDkgSy4KOMjZ6I9WuhRYxHLaWBX7EtZP - I7+KnOinUtJEOlIVaoecsJrrBLCjta4vtu6KkXsEjZ7dYin+p2il2cDft7bgIoYu - WfDs3XKjjOTNEPNfxrUrDqy+E4P0evT1A+LE/uKgjkrjVTQrUAbjY6vNxU+BGN9q - 8VELiP3Xk70i4FBRFjwofi5JygSej+ycD/fNi7OD8d0ciarj+7p/KnkBRTJelJJA - LSjbX7FJBs539gLUhpn3uqRuyvBMGanjmdb3ZB+mMNAdXVO5pt7zbPHXqAitvaoF - HrQFVOg42jlV3TRmmGUrfP4FVEpogbcSAY7d2BV2MSDFktUlQlY1RwuCXqyuwp45 - ZzkfhL8coJN6TU836DbnC6wEwpcFXZvGqA+T9xbPaT6SUt5Wg2MTzaHe7siRsifQ - ZZ7vAHD+DdG5OHiR6loiyunDhyfWmUtOaOMGl982HjvKo5BOHR+93xJWAGwWZgA6 - Y2TEeh8yzDCMckhKNx23QoMLS4iI8WlwnU4xeJbBjFuGv+XZzoHUY7EiRK13lWlm - wKQiZlwI1wW4Lj3ae3lqZqv3oXTOEulY7/4BOCUvZk2Vzdl/m6QEBG4folHlkZfS - UQG3cLdWCzWHoJgIf180LHKH4ImQkQpIdSViZXE6dufi/TgbNuCLWaOJ8T0lB39Y - I5R0/fAyCoZPpbUHcyTmQXfN2KU+T0k1/xFRdcw4sP6q7A== - =/UDl - -----END PGP MESSAGE----- - fp: DD0998E6CDF294537FC604F991FA5E5BF9AA901C - unencrypted_suffix: _unencrypted - version: 3.7.3