diff --git a/.sops.yaml b/.sops.yaml new file mode 100644 index 00000000..50f27013 --- /dev/null +++ b/.sops.yaml @@ -0,0 +1,107 @@ +keys: + # The PGP keys in keys/ + - &admins + - A5EE826D645DBE35F9B0993358512AE87A69900F # astro + #- 270DAEB0EC5A129CE1F38E2FCB5009A2DB4C5190 # blastmaster + - D4E89C6A0A58EE803EF708EFA9B23715F7AA3F1A # deployer + #- 844267BA729E32B3329B9DBF59E238FC65F349F2 # eri + - A4B0F5A80C2E2448A97BEC25BB829C4DECA6CCB9 # winzlieb + #- 9580391316684474BFBD41EC3E8C55248C19AF2A # xyrill + - 4F9F44A64CC2E438979329E1F122F05437696FCE # poelzi + #- B2918084D9BA194C66AE78769E5D7AAA5B6B2D79 # schmittlauch? + - 4B12EFA69166CA8C23FC47E49CD3A46248B660CA # vv01f + - 9EA68B7F21204979645182E4287B083353C3241C # j03 + - 53B26AEDC08246715E15504B236B6291555E8401 # sandro + - 91EBE87016391323642A6803B966009D57E69CC6 # revol-xut + + - &polygon-snowflake age12aukzah0pt2rck52hwn08kezyxueqz2f49ld7hpyuzmu847vavdqkunn5c # polygon + + # Generate AGE keys from SSH keys with: + # nix shell nixpkgs#ssh-to-age + # ssh-to-age < /etc/ssh/ssh_host_ed25519_key.pub + - &glotzbert age1zqpep2vgfqeyvtj2jpxczfgrpjffwda429rnuztfp0vpqsrqdq8s8f4yua + - &radiobert age1lga6hjmxa95fmtdn3frlmy64ej3hyswxrcuz25qvw0kfsxkqeugs8gjw8q + - &blogs age1lccjvj9z8de4hfrdeumm9eu7awef4d9jygv3w7zdash3fhv6e53quy53wz + - &dn42 age1726t33dl7pv3xrxxlafj2sexh7c0jm8pza84yu6l3wpz3fw5dauqxlass3 + - &storage-ng age1qjvds58pedjdk9rj0yqfvad4xhpteapr9chvfucwcgwrsr8n7axqyhg2vu + - &hedgedoc age1jt5pj0c0fvmzg7quaucq4n2rzcx9ajzstp8ruwc8ewjpay5vqfqsdjaal8 + - &hydra age1px8sjpcmnz27ayczzu883n0p5ad34vnzj6rl9y2eyye546v0m3dqfqx459 + - &mailtngbert age1lgjvtszpds9flpwsstxdht00c7zlk3mz7nlc5qftyt8rhfdm330qqmhl72 + - &freifunk age172fqj4agvdnh379n2ysarxy2pq9lupu5d7d0g2v5fw33fkqkte3spae2hu + - &oparl age14aq8fscrwkgmu5yv86vj7p7kmxclzs6dp7fpvdhvrnmce83ztphqc4mr9q + - &mediawiki age1xjvep7hsnfefgxvuwall8nq0486qu8yknhzwhf0cskw5xlpm8qws9txc56 + - &broker age1dj0d0339f4law7qvuzcv2fs6sf8why63s3l8tja0f8vsj7wefcds9drvte + +creation_rules: + - path_regex: hosts/glotzbert/[^/]+\.yaml$ + key_groups: + - pgp: *admins + age: + - *glotzbert + - *polygon-snowflake + - path_regex: hosts/radiobert/[^/]+\.yaml$ + key_groups: + - pgp: *admins + age: + - *radiobert + - *polygon-snowflake + - path_regex: hosts/blogs/[^/]+\.yaml$ + key_groups: + - pgp: *admins + age: + - *blogs + - *polygon-snowflake + - path_regex: hosts/dn42/[^/]+\.yaml$ + key_groups: + - pgp: *admins + age: + - *dn42 + - *polygon-snowflake + - path_regex: hosts/storage-ng/[^/]+\.yaml$ + key_groups: + - pgp: *admins + age: + - *storage-ng + - *polygon-snowflake + - path_regex: hosts/hedgedoc/[^/]+\.yaml$ + key_groups: + - pgp: *admins + age: + - *hedgedoc + - *polygon-snowflake + - path_regex: hosts/mediawiki/[^/]+\.yaml$ + key_groups: + - pgp: *admins + age: + - *mediawiki + - *polygon-snowflake + - path_regex: hosts/hydra/[^/]+\.yaml$ + key_groups: + - pgp: *admins + age: + - *hydra + - *polygon-snowflake + - path_regex: hosts/mailtngbert/[^/]+\.yaml$ + key_groups: + - pgp: *admins + age: + - *mailtngbert + - *polygon-snowflake + - path_regex: hosts/freifunk/[^/]+\.yaml$ + key_groups: + - pgp: *admins + age: + - *freifunk + - *polygon-snowflake + - path_regex: hosts/oparl/secrets\.yaml$ + key_groups: + - pgp: *admins + age: + - *oparl + - *polygon-snowflake + - path_regex: hosts/broker/secrets\.yaml$ + key_groups: + - pgp: *admins + age: + - *broker + - *polygon-snowflake diff --git a/flake.nix b/flake.nix index b5d7984a..061a980b 100644 --- a/flake.nix +++ b/flake.nix @@ -53,7 +53,6 @@ url = "git+ssh://gitea@gitea.c3d2.de/c3d2-admins/secrets.git"; inputs = { nixpkgs.follows = "nixos"; - sops-nix.follows = "sops-nix"; }; }; sops-nix = { @@ -432,7 +431,7 @@ auth = nixosSystem' { modules = [ self.nixosModules.microvm - ./hosts/containers/auth + ./hosts/auth ]; nixpkgs = inputs.nixos-unstable-sandro; }; @@ -440,9 +439,9 @@ broker = nixosSystem' { modules = [ self.nixosModules.microvm - ./hosts/containers/broker + ./hosts/broker { - sops.defaultSopsFile = "${secrets}/hosts/broker/secrets.yaml"; + sops.defaultSopsFile = ./hosts/broker/secrets.yaml; } ]; }; @@ -450,12 +449,12 @@ freifunk = nixosSystem' { modules = [ self.nixosModules.microvm - ./hosts/containers/freifunk + ./hosts/freifunk { nixpkgs.overlays = with secrets.overlays; [ freifunk ospf ]; - sops.defaultSopsFile = "${secrets}/hosts/freifunk/secrets.yaml"; + sops.defaultSopsFile = ./hosts/freifunk/secrets.yaml; } ]; }; @@ -463,14 +462,14 @@ ftp = nixosSystem' { modules = [ self.nixosModules.microvm - ./hosts/containers/ftp + ./hosts/ftp ]; }; gitea = nixosSystem' { modules = [ self.nixosModules.microvm - ./hosts/containers/gitea + ./hosts/gitea ]; }; @@ -481,7 +480,7 @@ nixos-hardware.nixosModules.common-pc-ssd secrets.nixosModules.admins { - sops.defaultSopsFile = "${secrets}/hosts/glotzbert/secrets.yaml"; + sops.defaultSopsFile = ./hosts/glotzbert/secrets.yaml; } ]; }; @@ -490,9 +489,9 @@ modules = [ self.nixosModules.microvm { - sops.defaultSopsFile = "${secrets}/hosts/hedgedoc/secrets.yaml"; + sops.defaultSopsFile = ./hosts/hedgedoc/secrets.yaml; } - ./hosts/containers/hedgedoc + ./hosts/hedgedoc ]; nixpkgs = inputs.nixos-unstable-sandro; }; @@ -510,7 +509,7 @@ ({ modulesPath, ... }: { nixpkgs.overlays = [ heliwatch.overlay ]; - sops.defaultSopsFile = "${secrets}/hosts/radiobert/secrets.yaml"; + sops.defaultSopsFile = ./hosts/radiobert/secrets.yaml; }) ./hosts/radiobert ]; @@ -521,7 +520,7 @@ modules = [ self.nixosModules.microvm self.nixosModules.nncp - ./hosts/containers/nncp + ./hosts/nncp ]; }; @@ -547,7 +546,7 @@ matemat = nixosSystem' { modules = [ self.nixosModules.microvm - ./hosts/containers/matemat + ./hosts/matemat yammat.nixosModule secrets.nixosModules.admins { nixpkgs.overlays = [ secrets.overlays.matemat ]; } @@ -557,7 +556,7 @@ scrape = nixosSystem' { modules = [ self.nixosModules.microvm - ./hosts/containers/scrape + ./hosts/scrape { nixpkgs.overlays = [ secrets.overlays.scrape ]; _module.args = { inherit scrapers; }; @@ -568,10 +567,10 @@ dn42 = nixosSystem' { modules = [ self.nixosModules.microvm - ./hosts/containers/dn42 + ./hosts/dn42 { nixpkgs.overlays = [ secrets.overlays.dn42 ]; - sops.defaultSopsFile = "${secrets}/hosts/dn42/secrets.yaml"; + sops.defaultSopsFile = ./hosts/dn42/secrets.yaml; } ]; }; @@ -579,7 +578,7 @@ grafana = nixosSystem' { modules = [ self.nixosModules.microvm - ./hosts/containers/grafana + ./hosts/grafana ]; }; @@ -592,7 +591,7 @@ inherit self; inherit (inputs) hydra-ca; }; - sops.defaultSopsFile = "${secrets}/hosts/hydra/secrets.yaml"; + sops.defaultSopsFile = ./hosts/hydra/secrets.yaml; } ]; }; @@ -603,14 +602,14 @@ self.nixosModules.microvm "${tigger}/module.nix" { nixpkgs.overlays = [ secrets.overlays.mucbot ]; } - ./hosts/containers/mucbot + ./hosts/mucbot ]; }; public-access-proxy = nixosSystem' { modules = [ self.nixosModules.microvm - ./hosts/containers/public-access-proxy + ./hosts/public-access-proxy ]; }; @@ -618,7 +617,7 @@ modules = [ self.nixosModules.microvm ticker.nixosModules.ticker - ./hosts/containers/ticker + ./hosts/ticker ]; }; @@ -626,14 +625,14 @@ modules = [ self.nixosModules.microvm "${spacemsg}/spaceapi/module.nix" - ./hosts/containers/spaceapi + ./hosts/spaceapi ]; }; stream = nixosSystem' { modules = [ self.nixosModules.microvm - ./hosts/containers/stream + ./hosts/stream ]; }; @@ -642,7 +641,7 @@ nixpkgs = inputs.nixpkgs-mobilizon; modules = [ self.nixosModules.microvm - ./hosts/containers/mobilizon + ./hosts/mobilizon ]; }; @@ -650,7 +649,7 @@ modules = [ { _module.args = { inherit nixos; }; } self.nixosModules.microvm - ./hosts/containers/c3d2-web + ./hosts/c3d2-web { nixpkgs.overlays = [ secrets.overlays.c3d2-web ]; } ]; }; @@ -660,7 +659,7 @@ self.nixosModules.microvm { nixpkgs.overlays = [ secrets.overlays.mucbot ]; } heliwatch.nixosModules.heliwatch - ./hosts/containers/sdrweb + ./hosts/sdrweb ]; nixpkgs = nixos-unstable; }; @@ -669,7 +668,7 @@ modules = [ { nixpkgs.overlays = with secrets.overlays; [ bind ]; } self.nixosModules.microvm - ./hosts/containers/bind + ./hosts/bind ]; }; @@ -677,7 +676,7 @@ modules = [ { nixpkgs.overlays = with secrets.overlays; [ jabber ]; } self.nixosModules.microvm - ./hosts/containers/jabber + ./hosts/jabber ]; }; @@ -685,8 +684,10 @@ modules = [ self.nixosModules.plume self.nixosModules.microvm - ./hosts/containers/blogs - { sops.defaultSopsFile = "${secrets}/hosts/blogs/secrets.yaml"; } + ./hosts/blogs + { + sops.defaultSopsFile = ./hosts/blogs/secrets.yaml; + } ]; }; @@ -713,10 +714,10 @@ oparl = nixosSystem' { modules = [ self.nixosModules.microvm - ./hosts/containers/oparl + ./hosts/oparl { _module.args = { inherit oparl-scraper; }; - sops.defaultSopsFile = "${secrets}/hosts/oparl/secrets.yaml"; + sops.defaultSopsFile = ./hosts/oparl/secrets.yaml; } ]; }; @@ -724,14 +725,14 @@ leon = nixosSystem' { modules = [ self.nixosModules.microvm - ./hosts/containers/leon + ./hosts/leon ]; }; nfsroot = nixosSystem' { modules = [ self.nixosModules.microvm - ./hosts/containers/nfsroot + ./hosts/nfsroot { _module.args.tftproots = nixos.lib.filterAttrs (name: _: builtins.match ".+-tftproot" name != null @@ -750,16 +751,16 @@ direkthilfe = nixosSystem' { modules = [ self.nixosModules.microvm - ./hosts/containers/direkthilfe + ./hosts/direkthilfe ]; }; mediawiki = nixosSystem' { modules = [ self.nixosModules.microvm - ./hosts/containers/mediawiki + ./hosts/mediawiki { - sops.defaultSopsFile = "${secrets}/hosts/mediawiki/secrets.yaml"; + sops.defaultSopsFile = ./hosts/mediawiki/secrets.yaml; } ]; nixpkgs = nixos-unstable; @@ -768,7 +769,7 @@ gnunet = nixosSystem' { modules = [ self.nixosModules.microvm - ./hosts/containers/gnunet + ./hosts/gnunet ]; nixpkgs = nixos-unstable; }; @@ -801,6 +802,17 @@ rpi-netboot = ./modules/rpi-netboot.nix; }; + # `nix develop` + devShell = lib.mapAttrs (system: sopsPkgs: + with nixpkgs.legacyPackages.${system}; + mkShell { + sopsPGPKeyDirs = [ "./keys" ]; + nativeBuildInputs = [ + sopsPkgs.sops-import-keys-hook + ]; + } + ) sops-nix.packages; + hydraJobs = builtins.mapAttrs (_: nixos.lib.hydraJob) ( builtins.mapAttrs (_: nixosSystem: diff --git a/hosts/containers/auth/default.nix b/hosts/auth/default.nix similarity index 100% rename from hosts/containers/auth/default.nix rename to hosts/auth/default.nix diff --git a/hosts/containers/bind/default.nix b/hosts/bind/default.nix similarity index 100% rename from hosts/containers/bind/default.nix rename to hosts/bind/default.nix diff --git a/hosts/containers/blogs/default.nix b/hosts/blogs/default.nix similarity index 100% rename from hosts/containers/blogs/default.nix rename to hosts/blogs/default.nix diff --git a/hosts/blogs/secrets.yaml b/hosts/blogs/secrets.yaml new file mode 100644 index 00000000..4a5b2100 --- /dev/null +++ b/hosts/blogs/secrets.yaml @@ -0,0 +1,183 @@ +plume: + env: ENC[AES256_GCM,data:V7pEExE5jGT7JSCejzo1m0QlMgpKuaF5CnHvR7LCvTJSgoCeeNW9ImtVk8MtqtoRngH45jgseuC5wZNzXSMG/ltQ4c3ThDcxKP5ngLmEZ3tOqSlIdV/A3S4ww4f/UAx8YpNY4c/LlL9NuCcfpHyC4zwRFrD6odCSk7BUT0BU+zxOBDpQDAHscBz+YYTbb3cJ7iGYg1fXS6wLJHutf0eXYF5VNcc80SISEfbR+bs9t2f7Dg==,iv:3n+EDT9TO5VxCS6rXZiNKpxtCWeCDi6YT3dQsrECNmU=,tag:ysWwxhR1JNJ7WUM28TIQig==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1lccjvj9z8de4hfrdeumm9eu7awef4d9jygv3w7zdash3fhv6e53quy53wz + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5cHMybGEzSkNJbHMrM3dU + Z1JNZktKTDhYRWp2UG42RHRSVWk4ZHd5a1VNCk1YLzBEdkZJcVd4SU8yRzFYcnZz + N0JWRFlaNDlmYTRodzl6YzlYSWFvZ2MKLS0tIGIraHBBM3B1Q3pSTHh1NjB1UlVo + eFhuZGtmN3doRnJtaEtBQVVXZFF6dDgKbdF6mYi9L5jFRWoQ2gI9cf+gqcHzlTXY + tLgbNyHPNgxDdhgZwfEWO2R5RBA6dDQ38FnkoNe7/UHRlkCO/PinGg== + -----END AGE ENCRYPTED FILE----- + - recipient: age12aukzah0pt2rck52hwn08kezyxueqz2f49ld7hpyuzmu847vavdqkunn5c + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYeE55VzhsUjRHYStMN3l6 + OEtOQXFOVnBGcTBlK1djSlNSemJidTBzNlhnCnBOMnZjSjJFeUI5cytBUFM5aUds + TWpnK094Wno0aGttVkhxdmJ4blJMcG8KLS0tIGgrUzRWcjIyS3BpRXcwOU9QOS8r + KzVaYjdxMDBzemVhYnVzckZyUnp4NXMKCBgjoBgjhC5s8dvBlo5auBymEXnSXRWk + g/dMA2ibHaR90DcAC//Tau9dZU64rxbKqmUXgBuT83yPM0J4FAR3NA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2021-12-25T00:52:22Z" + mac: ENC[AES256_GCM,data:g6rMFoNx35MN495v1jKB13isssJ3GbKqyI7PdA796leFuRVgAlj6aUBI99vX+SpA1LpBYkUOu6OeV1EOHtpKlchbS4/FnO5oM0AOpoNux9yjQbeC3CM6soUzHn2+cJrnGMlgPC0sX0kcHVTFKF1aJsa+uLlkKD+F1SSJboz+P7c=,iv:i5I8FDU+j7l5UxgurA3Me2b/4zE7W1Ck3ckmQPqKWrM=,tag:gZCL8bo1YVoLZlxjyTupzw==,type:str] + pgp: + - created_at: "2022-07-15T23:31:00Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA6j84+xkv3y7AQ//fXotd1bN7Mu6+/bEq4mSKH83dnLG83iYknGQeoNA/R03 + O0y+QMlbOlmxdsot7gV6f9Ajnt7FTJmXBuIzo7Ji6lFWSu9ZUKk0JgXNTpap3kvz + IQdBv3YTeYuJTJjPZ+xAfftlCbWhDL5kvvEK64QCLi5iLsAdW0wiAwONhgAflsWu + UsiAqkla7JDmFRLu7AbybL0WPPIGbBj6eLws0b0VFSe2kxzs0ccgWUXuRQ3044qv + jIg+HMsBiyYy8c2U7XeiJkFDBU5FYs69ipq0TukMfds21ow5/gH62PyNX0Yaqcy2 + T5tdW1N+/bRZYUgpQNusbHI5XO0dw+BXQlwOE3JsmgA2jYKomk/cPPxijrvnRtZC + SuViKAtsrjZC4cOWNVtE1Qvt1rSIbvnV5agACypLp/RJv2bQ9zWFmRnhEkO+/j6+ + +Fe43/Fwc0GPastLWGGUXxWX6/fgXI1vOKWOunKrKyEabatjyyofXtEK27WRaygm + wcVPilOkpk3ROmB3OLgrmWt812a2gP5pMIPvVcB8TiVibP6Ope/JpGdvGuQ2pOXE + 2vst1t8ScEW/NOfwVGVhbhZC21sozv2M7hCKnH00YE8uIFQnlC4GATazYWIx5LGx + aNJZ+5BdSeuQC/8/jlbVVjKNZeZ6vvHeEJIq2+zD+s+moun+a70V0BaBwT5zCcTS + XgGLutojrUDSR32vBJsIlBZutlb/VDKmEhJ46FbZqmgyEbROs4XXmE1Uarb6KVsc + 0MwpZc5YEhBqiBxX5WmWpSnnzRyBomqVIk/EiGjUiiUCRsqt33zgNxdyDJMG7LU= + =n/8W + -----END PGP MESSAGE----- + fp: A5EE826D645DBE35F9B0993358512AE87A69900F + - created_at: "2022-07-15T23:31:00Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA8zMZ+ak7y/zAQ//WSYieHrh+Ec9cVG+bMikwbfb2hmyxeR80QskX9iWTx2o + DwonZfA3gD1Unwixeo7bghFSULGd319+Ojcptr7dV6xHszq/1ex844O4j02JU39J + f5hG3flWw+K71b2hdT7kVvMs+FPuXnbMIVrVtUSM5H8KOy29Vu1CDUEzPU0HzeEz + KKfGsZKp4sID7KqLMV1wO/yZEL2v4QMcGwPuZYP/iq1FX9/bTp8cQShTm99k5d6i + 5BO5IcfrFbY4TgtJg9yjz0aGTfnDZ5915Y5hRfc8vevrsvOeEfRzDEHy7C0/qZtk + xF70PG29GuULqpYiIzY1HpeDWk52ZuIVrPTtqkrjf7ECxT9LckysLiuJi24nM22w + UMilXQVdWVu73OdOukK3uEdHw0skR81x5cgHH/KDmbToIFE+ujA1di+RKBZup4vj + dZkb7evi9oBRjFtrvi7Dg7Nz1DB3ihAWBRMp/jwlOnXbpJQc45snRqzsrF5I01zi + 2xalS7NukeykavqFK3QHCPJmmq7ByiuuVhX9BBroA37oit5f5guM8ohrer8fR62H + b/eQEMhr4VRX7OziNO+Uo06rytwirSsdOfEarEN9qd0xqfTibXv95miAraKC0Q7d + kDoJE1Vi0gCOHAkmLqP7KlWwD1bNZD3oT6zIPoPxPviay8vh/BHjo/dZ/VUA9R3S + XgESoUbaDMYy57oWZ99XJk1vH9WgjSGASLb8LTnlnVXQRKk+jUFO0idKmZI0kEJR + veujut++plGF+K2AFDVi7Xc0z8qneVgVbCpCIQ/0f3AIVaqATPbPq+bs+UJfqnE= + =i5Td + -----END PGP MESSAGE----- + fp: D4E89C6A0A58EE803EF708EFA9B23715F7AA3F1A + - created_at: "2022-07-15T23:31:00Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQEMA45bZkLXmBFpAQgAietGjKoVeI7dRI+RnN2RIrRYaKcar7hjEp5OFXsICHGR + FIZWtaXJQr0/Ds/Vk6n6Ynwj9vXEgIi6VKKfil/OKuwKcAj0Lh0B+xSyIywyWaEU + ghZnf8HXlG4NQ424PEZnM3FbgWP8VkE95kvz7JpG4tAnZsdw2BNLrruW7WLqmfnT + TKNf2K2Uja4fEKKymOOsF5m8Ch+W7ZBwZdkwfa+yj510ytDBfxuioKBR+5pmWLBT + U5gNp32WwvEK2vmHmKh1HAg2I0DzdelIMWewIs5+RbNMQYqBG1UFEU6Gc1PJLOe0 + 1zc7BTBRPsMDmlxWssxGnYIkidCWkKWVGYNAZP57F9JeAbnF8rBXAzEHiFaXtGxI + wdd+6Z61Y9s5r8xlwac8cBw8XbOgQF1rkq1MbaTg52bn2K7Tt9qCvVNASb983l3M + yn3AkV6uxcDODX1Fp3DBDY5+xQOq8rRr/VYTLJTC7A== + =gHTB + -----END PGP MESSAGE----- + fp: A4B0F5A80C2E2448A97BEC25BB829C4DECA6CCB9 + - created_at: "2022-07-15T23:31:00Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMAwMCBBrc/JA6ARAAoq0Xv9kV5puxY9AYzzSNClxaDoTrADq//TpfSanpZFoQ + ji8h6sVWuU5mlXe8Mlw9B2Tra0fJoRJII78YVhn2h+/FEPtEQBZ1H6WxrQj50Ydh + EHz8HtDKIZWBBiMaqYnEwhgdHWtbY8sAZXOSmjNON25gp/MAbpjlAlInwkG4AW4+ + gOq4UZ4WMkziWzIdUiq4y8+4pmZz2AxMj1VGB5jNIp2ljJGKmYPjRtcg2bIz8Ifo + I7/7PEac/UChjEqgKeBPVOQo80+1cxNhZMeV8yGtW7izF/Y7E3AqjxH9HYwcN4N+ + w3lL7Pqsb/EJHjtdPj0EroxCbkXCRHjjYvk0FKX16TIeQ/W7GD1XPit+ACNM9UX0 + DNZek5GP7QFen7bxIppHjiUvY8BMW4dwXghXzwNgyvt22uYVnPCLFUXBTR1yyNZd + 8V5QYUvcYdnqCtoBc1P0MBlPDeLsjgeNPE4RMIVE5x5Y7ViMNvzMMsbUDaCZ6u+N + abJVsQiTKrgFYMH3anc2S1a0uHsneGeVQ98lCSQOpkAZQQTazAhIBDDPfSRYacL2 + X3Nj6foYbwkx/Xq3viLYTPOUgOZdbeBS5PHED9Hp0xBngym9+hKuzkkBjKnnzib1 + ogXVBAY+z6gsVh7/vPMK8MEPUlKyOtBmw32P8whlWUIv5s73JeU7Iszm/07nKCDS + mQHUQU2AfTlexyNNnoRrUtCF/X0lFYdpw/6RwZc4ZfwZ5jA2I30IgSLLrFbsRCCa + oF8cp4Ayp1NMQF6fb6HeG0vZCO0Bc3O70J35BjEL3G2SE0xzSB2qDS7X0nIHoM/6 + w2DrDp42jW9+ptoAX3BdF/sBYMULgMUjWkr5KkwDhT3s8vJxwIPJbiMmWTNyKMpW + Zi7P5ipGQ24JBw== + =Itwc + -----END PGP MESSAGE----- + fp: 4F9F44A64CC2E438979329E1F122F05437696FCE + - created_at: "2022-07-15T23:31:00Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA9XEenRNYVGHAQ//QrGHh4qNuj4UnHdyqY9U4cr7nfTrlcpS7DxjfxSuBzIM + GyONP3igncH3iPChogLsRRntzP1vkUpgxTXSsY6vRO+ptyncHN5NnAhf//dagh9R + cCyGC2FIFwaee2zIoQroIdo5NWsp5ZS8qfQTjwVZjy3REwm4AGdG95ucU3tpXgc2 + pYZi1vcP22MdzTbmvtm7Zh4GJ2JXdFjj6G0UJa6V8NOL7RQYzCtgZI/46UzTgtOl + PVwAzeRX0l0G3yTEhn7XE2tjCP6kKOz/7ORzMLF60Vdq6cBOLGKN8NiERxHuy4Af + 7fqLyE2sO7dCaCdRRlYd/on5tPdSDhu9eU2ff55M2xjEKWZ0Yztxivd/5/DCUo95 + 3HrhAR0yLnbLftvd2ZL8ahXrZrInFKHbGhreHkSKu9/74j47Xy+tl75vrJboUG4g + adzx8hrPX+1a1I+tJXSVKtpnFciKKzvHLK62dMetPcJvtldkRcfpY12TPcOvUsam + cKAp3hGckf9l5Z3b5q4KLRrQ73VCmxNZ+lF8EuGpFZ5vqLFfG+Y6DyqDS0FNXGyR + wBXx+Zfsx5pfBHhVxiXyzHhA3l5YgYkcuqgHYOIZXp8D9P7UE7R88Tm4f/knu7iB + 9yY1nV4w307QSm4xBDdFcPP0e+39sSrzZrpER5bhwB/D4VAMJVF+J+BbFilwgorS + XgG3TJG835a9GbCZX1203DnjeKw59jw4WAhRpuyL2WN/3/y8M7fRWvQFsgQg8WTM + pen8p+QyRhpjTNFlgHjFHAeyDaqsZRPjepuC5eMIWtNOYoswnL89eZDJ2rLb990= + =GzQi + -----END PGP MESSAGE----- + fp: 4B12EFA69166CA8C23FC47E49CD3A46248B660CA + - created_at: "2022-07-15T23:31:00Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMA/Z87ylQaotQAQf9Gu0JS7KLgGm0Gv83OAw5PqEIrTfqELE9e84WCGJVvoLb + UKZwzzPwJNHA0EgH5phKOWtN4WvqJtUXZBFbYlky4FyDyCYBolniG2Bt3dlapYje + gB8Oc1+OoMcK04o/jTmrN6XBk/Fsm52+zXS91VN6zmyBiUQRzwEaEjq7c80fXLLZ + 13nQwKlYvfRcKB0uuWXfIweHjJOuErAtCuDJ1mZGjnXjJBZdOrWJHk9T+yFLxIRv + 6QkJ2focYDDwPleaAmLasnTgXwGaPg3mMDA+TLbz5G4/pdAiFmeEdysQM986uVJp + RpZW2HqOTYxpt66VsSfSuRPg9VhQucGmS/MurG93GNJRAROdyA+ngHCvJcfTnkjv + M0AEhOOlX4eIiWPZR5SqVc4RQ8lRiDn90IW7Xx+DUvWadMct2iC99TT7VU45Atgg + 86TZYUxHzvAEmDrxRB3jQ+kH + =shWD + -----END PGP MESSAGE----- + fp: 9EA68B7F21204979645182E4287B083353C3241C + - created_at: "2022-07-15T23:31:00Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA9qJIVK2WMV7ARAAt25Epo+mAOtN81sTWco0wJe7ug5ttw4amOMjgZOYEpIa + u5pPv4PBMKsJTMXSht6jWhSVUbNwFcHNdRVhGSz2BI7HfltwsKyd/IwazKC8ZNIf + OX1tlQBIRtDFt3uJCxYyTW+PCaFrVQ9hRD/BkohOUBwhr+o2O1to+syhCXObr021 + GgJwYh4R5yMI8Xg8uOA+pJ0Nfrs2xPcmc1XEWfIoMGWHF6/qTXyM4WtZP0Z2R4R+ + fbjBYLvecPxtrt/q3hTQAQqspyDgiZv6EYJ0LwIlC/mB9sDYsVn4B32LrVh/VWiE + u/8QByU/msAoXdih+1yLaW4CZuQcKjTS5MlkfBph8ThLYUIOtMFYGYRR6g7wp9jF + NLR125hMxvSumU9INHF0Fx8M5Rwl0ThcKAxjaNno6G80TcZl91d9M0vbqA5To2bI + r84nvDhUpHf1r3XDeq9TKF7uSHGe3XbYJoNV/oqY0s6urdLjfkeyADEMasY3U15Z + RNbPzfWtZ0Cc+xspclB3KME1vMf0jdTsZ/NDENZIjDmfkEm9WjsJ00UhiBlCW9CL + BfkQr+cY3yl9PR4IuWGtIHhbkf39xfHpPXKvH986eF823bLXwNZMX45Z4qO/vdqf + zUxQf7igRXWIrNG0ajlJjc0laDwjF0kj9XliQWaGqXJqRIb13g1KiITejqX1UDfS + UQFdCm8iMc+sUHo0xr1H/KsKl5PHMGAPCi7j7QL7ryvZIeBBOiKM6th+Zv5utKHp + EM3PoOk60/t5cRT5CvndlJRBvKQc/34bw7WwRZGy+9oYyQ== + =qJr9 + -----END PGP MESSAGE----- + fp: 53B26AEDC08246715E15504B236B6291555E8401 + - created_at: "2022-07-15T23:31:00Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA/YLzOYaRIJJAQ/+MXAF0XruiPUMRxkok5VKbGQ8CEGbMWioZDg3RLAux4uO + hJfrlA/BeKmCJvVNB884arkyZo8xIQPdl6dEWMyPvvcwANZivTFaHHZ8vetiEMjs + UYb+pM485dogn40stdbfcLXUqXnWq7nGyJ09e4CdEnvcOGnnOpozg11ko/44rPkA + Fqly2joKJZJXbeAlJFc1vnmnQxBWZzITK13IfJan0W1IyDHWrLn9q5+O6JgXpq5z + 8Y73px9ubl2IRU8+3IIJB3Nkp/NywdG6T0uhpFqLXuAkQ193cBA9l8Yrz9h+f8VJ + l03Y89lEzAXKW0nsQMm9K1sXR7rRROoEMYelnqhGvCNxlQslIlDSZyxqDlD0yRsy + uwKIjRb/w4dIaxF9KxI21xAadNF/pTI2Kz5LQ2xCaStH1QervjQjbYlFBquXr9KK + NmHSv/3QD/jyKHQEWLBRfx7fYYyF+SFCp9LGDkkb4Dw27kwPHzJM52f0lKwY0dLY + y5/gjFzjUqxTKlOPkPxrDbR7pXkA7IR2oq/6iik8otlUMg32EOG1+Mj5UBg4ggrd + lesteD+x/3Op1AYB3NrDEK23+l0Vx06B5MMG4x/iHhgSI3ZdJguKHyXa0YMkkgL+ + 7WI+Nsb2dFlcnVGzCxS5M4QwTPdpfNXihmpo/PpCe3Sjw98+csnDmlGoQMXOyZrS + XgGsAxlIUusGvCusw+As/+Gstw7zN17XItmayjgtaNm+x0cuYAqhNe8n8ItP+J4r + Pzsm5iqs2mrO68WKNaakzwEvLCreFJComBoifaUHeHd51gT4AMllDwPKmO9CHlw= + =UmVj + -----END PGP MESSAGE----- + fp: 91EBE87016391323642A6803B966009D57E69CC6 + unencrypted_suffix: _unencrypted + version: 3.7.1 diff --git a/hosts/containers/broker/default.nix b/hosts/broker/default.nix similarity index 100% rename from hosts/containers/broker/default.nix rename to hosts/broker/default.nix diff --git a/hosts/broker/secrets.yaml b/hosts/broker/secrets.yaml new file mode 100644 index 00000000..06133831 --- /dev/null +++ b/hosts/broker/secrets.yaml @@ -0,0 +1,184 @@ +mosquitto: + users: + zentralwerk-network: ENC[AES256_GCM,data:VeIDGMe0+YF6eLkTrBsQLg==,iv:h7KcZusBsP3QOWZWhOLOQM5ID1fWdvPkoEYLQn3XruQ=,tag:rcd6CiCauV/FQ8Y6+8FEwA==,type:str] + services: ENC[AES256_GCM,data:IJlgEkiND/QjMqBbyXmBTw==,iv:sATxB+Tfr9pLqOCY/jwAjcxaKCcgGhd/vga4e3M9N3Q=,tag:TodfF26KquW3F1KY9R9Wvg==,type:str] + consumer: ENC[AES256_GCM,data:m1ae+G/ZsDShSEWnHx4ShA==,iv:GBTRpJbSpnRYjWBttVZq1Qm8YFvhKZfmMwhCZqqBLJ4=,tag:/6uDJ6yRBuQwgPMVyXRQfg==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1dj0d0339f4law7qvuzcv2fs6sf8why63s3l8tja0f8vsj7wefcds9drvte + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjMTM5QjVHYjhUR3BoRWQr + dFp0ckQwamJibjhSSUt6d0tyYUR0QVQzNUZBCmJaQ2ZmUGtNTi91a214cjJOQXBh + S1U4bkI1QVNJNFhUK3dQdVRuVEhDVUkKLS0tIDZsSFo5MTBoQjY3N2xIVThUczd2 + SXZGVDdrOEhoTVVFM0FNd0c4N2M2OEEK1iySJYxNPQWUmTz0HGyaQR+QpE8QBRz3 + cX1805lK2KsOvlxs109B4VA2kK0zGRdLBKyZO2zD7/2RUIPaLyssvg== + -----END AGE ENCRYPTED FILE----- + - recipient: age12aukzah0pt2rck52hwn08kezyxueqz2f49ld7hpyuzmu847vavdqkunn5c + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLOVhvOUtQdzJwbmtwL29G + NWl4Q0EwVXFGUUdZMTFOZFZ5RG53MkpINGtBCnlvWWhWeU85Q0h6UUFIME1FanMz + VGh3M2hGeXB0dzVFUTFjV2ZaRUUyUHcKLS0tIFpCdWo4WWRhdUYvcndjUGttWldh + RFpaTGlGaEZrb0YxQzlWeENaTWE1QzQKR0a2MYJJKM1lYv7BJOzzb4ppS+BPnoWZ + mVmiPq3CEzzzmus61dUd+i9m1uRn5cf1jmaYxV2desDsU8l08ZOnhA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2022-07-15T23:47:48Z" + mac: ENC[AES256_GCM,data:bf9ppcliQSLegGRvBaG7iQA9dczdJT7jgM05T6JI3gtgba/hHwbIXWHBfXC3qdN/btuDrpokZXRSma4mAWTnDIbooyP5quUBMC0TS7lUqn6yR+HmcSohhCJ1TXloTR8B986AqfzgWR7Z3g/JdlAJsq+KKn7y0whWsuMboS7BPL0=,iv:vbGoy6AzqVgr2tr+aJOZBITCDOZpF9PolweuyT+3018=,tag:6t/CYNM3i8oTUB2S2Q+U5Q==,type:str] + pgp: + - created_at: "2022-07-15T23:45:57Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA6j84+xkv3y7ARAAqja72tbrlSZ0dvbXjQoHSThkoZw4fD9r/qGoHh0WgWij + EC8TvA/EQgT0PM0LmeM5sbp1gDNmA4g3GuLWCuHryi5U2GibNDNjmx1eTPR5Ak6Y + WgMkP8jIy/X0FxHX1d2Ee7RAYOxc7tkXhTjqCtiesGLzzzRna5Hl1huHbBYGxdsB + rmieaRitx7jQFlTaox/Rpk5iNvZwxo+C7XJmtfY9gNn/lYn2lYQW8OATWP5uNhBH + jG/II/2K7yQ+caK93C7fOFnzOD4TAAlyyLji/s72guZC5HLC+y3krOxDCaxVuzCb + 3VcvklJG0fmemVOuAvh7o0jazfEVsPPz2Dc2JFnliLQJzpP6N3I7OWTxNxQO9Dql + X3oBY41/17muMGZEkr45rEnhFOajWUIFPgFr+u9q/XusjJ0vJpuGQL2s9UeZpFXl + 4YJgcS9bHhMUpmhDuLbTPWzSnpcRVTm+BahdrBLBcc1vOllclVySOcgHkil17bCY + 4ISYBv5XEUt7v1CqrmPm1Kvwl+uAbJ7K7Zt4IJGYU3Y0LrfzUwaa0f9d9pdmI8IX + iAGsoJ7HLXka4GQ6eT8qKoBHGUchFHcN8T9/hC6ljuSrbZAD1c0TlC1JRmSdNdRd + +dyh+aYGf4xIFYMU8mE8dLq0jeo6+YHPQnK2R6sosgPoZf97laHs9il12/BHTS/S + UQG89GQQmyyJYzLipfg/MoT+HU0W8AuCwPA5ZRh5yhbeE8uQaKgYWe4VxTd0pB4Y + gzRNbyku5KPuknO0jDPhkcK/D8IVBxQwANrCYwqNh844GA== + =fNmY + -----END PGP MESSAGE----- + fp: A5EE826D645DBE35F9B0993358512AE87A69900F + - created_at: "2022-07-15T23:45:57Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA8zMZ+ak7y/zAQ//dKe9+VPLWfwnhq3gNfKoEPy1T/ra0yp4LDVO/qunoNRw + Uxt/N8cs6y7MBO2cNAxiEPVT4eBBFjt4m2ziSBZ4fa9jhSBjRp+dM7aNj3ojBZjG + v0sTDfebiNGHXSMypLMep5oRSbyKmYL+IJ0UdPCUOicIYYMCs2g3PJW3vwKGSBmc + EncWZqQ7A5T6ZBbZQYj7bKFONqsP8IRxKJJ9CE1oRWJOugyuu4NnGUkvBniMINPQ + j763R6oRXiSvFf12C3wGUOt82So+om8smBwNYupoYZQbpr7VFJgfAO9j4eLHvbXv + ZnaKQupyCW3PcHjtBoduZ4IzRkdfXGwP0oW7XS2/oM5WyKvKu/G949ghHkD2ZNHW + daFj3lEq1SqAiDMhyQKsEQpUTeGGKIyGu9pyEHuaSieqTBsLAZAPx/Pcz0p/+0Hk + kyjhYbhWFDd1QQezsJqZi7DavKgzxdA7H4uQYEygCXzciFsT3TB3203CLthI6bHp + 7HvtWzXNfA7JHNYRm3XM1Au9qm/e3RvuX/r+0wDfNIP+9mlXaBnBtIdOenWJv7zK + 4+PLNSYxLRmm/YimGpSP2dB45lN3wHsyUIzRsiz2M44mkBlCKUFgMBMonSGw3kyA + biEuntTQ2rbQvfxDhPk/XNrVBu73+CjcMKpmJ/AzwIEEUmSpQMzrckO0E+ADEyHS + UQEIvmnMKBxGGpXakpwcTC7LrQjSWrbzjwBiGqGchoj2mfuKIXAWtjDuyrz9f8yJ + o7c4Tmrzdr+KEZLri5kES3Cny+c0zDQzeI/FlpjLgtO4Cg== + =65BK + -----END PGP MESSAGE----- + fp: D4E89C6A0A58EE803EF708EFA9B23715F7AA3F1A + - created_at: "2022-07-15T23:45:57Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMA45bZkLXmBFpAQgApl5OISWFwp43XBMIJyw20UKl5TL/CpV8ctVD87z4e9RB + cbgb8/phlJYMI2RhaDATDFwuKiL5R4lCJoUg3cQsHjg4q/DCyyIDNoXS2dIqT92N + y3AqQvM2qOeVX/lX0gDKd2/mb/lQxN2s9/n/HOXDTTvbr68ygKa0YIq7oMhka4pd + Zvw9ZUC6q3kU7IrhPB5UFQ2HYqcyTB/ufXAk0FwedRGTVU1783xv/iaBVfsCdraz + 8DK5mhOmE8Ul+zcCJd4pISmbqF5YAJ0oqfveDJnLC//sGx2MvnNSIsfOaK7UulgZ + fU3sQfoYOaJnin4tpUtDTNn7p/gYBqzpyHOjl0EL+tJRAfoQBcEK930n8O8+ssCQ + +N0mAudkaVz5wPQxKLF479uNMIKI2Q6DZJl4csJV+kdcCqN6d8QfzckGau5xiHta + CqKJVCNE4d5ymecnLfUKFMpp + =sOC0 + -----END PGP MESSAGE----- + fp: A4B0F5A80C2E2448A97BEC25BB829C4DECA6CCB9 + - created_at: "2022-07-15T23:45:57Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMAwMCBBrc/JA6ARAAvgT1bBC6OLZhPggmW9SgxHE3dfEObpCgXEzkeSRE0LDb + ZSDx6GjiJ6c5YfMGVCA5fBTPBBr8WTmGwNK7LYErJA1sl+5L19Bn+d8tX5AOIPNk + lFKytLAombJklB0IZM0+g9bKv0X56AgUjZYmbIikFnGWZGGVdRzLzP527LGDAuJ4 + gyeHYdvQqmjlAJpjMr/D879Ygcz/FxF2dzsZKJ8G2jaOY0Mi+B17IDzQ3wpUuOJW + liOnzMx1bKnlAMm7I+q+YdKav6Jg38km8qCR9cWlpUM67Xjf34E9S4yZsZW+2V0K + 0ObsnJhtU7+9vs3VnxSnkAe+VcEOGvszjtBPjl6KcRVY6A0SqQq+X6Yj2ZzkuHJK + C6va72MkCJOcDJASMqoe/zAJFE9zAaL3x3bpNhVRwdtOk2pcW63KOAMmUbsdcfpS + eXhmHdm3D87QRvbCJgjp3zp9OlChrnGPT+uj72tdP5UNQnncjelBI8dCBDg2/Dnm + vcTG0bOsuVUFbUR1zLL4K6KKHYIapb5w8tr+5dvNCAu9qjrVjzezxgT49wDF7Y6M + 34ZrnmnbjvOjVP1NcavAoIuHJ9Jx6SQ2a76A3IWno/IJIGUOH5nFphFn2Waq+ZH/ + Mo/e6EjZqKDNsDBBhhNNDbyrhc3PUW9Wm2uSVEn9cfvYpj1r7zSW9cKX4/TDerXS + UQG6nc1I3Ckak81BKRDXBFZkTMczYogqnbM4FcowGNWkb7IQt0ppamk7d1W2/EwB + LzRUDP+ddYb8Px6zmfETxhSeH/o/BBBbJOkvLNxGrbGZUA== + =p+ZT + -----END PGP MESSAGE----- + fp: 4F9F44A64CC2E438979329E1F122F05437696FCE + - created_at: "2022-07-15T23:45:57Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA9XEenRNYVGHAQ/8CeNT3oc9OIqlKB+2+gozhiJlA39Heepzw4UZMgPI+PSo + uYVhX8lov9xmyk2tgCbwxl4mL4iCXq3MNpCO5H2zDUTKJxy4TBeRxHs8QjRrFk8h + Eh8YKWoukjR/M46nLv4s5y+HTZAb671i5Yk5tgkLrjyGZUnDJIbjW0FafVbUFRYI + ykGHxypw3bZ0PtI+PAQhh7GmsbNwX2HvASGFUc6oghGirJUPGn4tFLSDQQx/+JHg + OWi8frVD9vPcJEgD3yyBI/RnYTnMQmzJM1wvhH7f29IS9+h9OvGQDhY9fKh9HFOe + oVBcilRzl3IACFSc7wPcXQ9VzM+oNb4q1zo4ChejSRtU31F4Ufmgvu9wPKvDXkuI + V6XmBx2AC5eDn5aU/4XE8gaA7lxFvP5xGPqv/QQJrV+L6mcbK1lxSLUy47ZSd/xl + CaqJ5X9G3b1RvWhJTvOpZoIE3VUeZRVyhFpwFs06CnR+pxjBo9gHNPjwGcRAYkKT + XSmGeV26o90YwdJE//RlUIKQ7nS2geFJWttwI8be8CL5eUBwOaBjEN9ttiGkBJCD + cKH3SqjpyInwmXmiJLs6IWyDfcEKLP2wTaxeecRZsS5GjAa5aCOk2MNcpANZq43i + hcXsfvhNNzHOio8+0qrOjVRqdPFrCM05UjDXrFAavQ/O7WMTDBhxvO8g1UcRFRPS + UQHUPsBTibeIc7OI8w/xn1lTUtyJs8o37ZBqD6YgfmcA9ESvKRF3BRxtN+V4pMP9 + ZDUAU3EKk9pKNtMP1gkALZCFcNZVU1ej5bgoDRqowRq4ww== + =TtKA + -----END PGP MESSAGE----- + fp: 4B12EFA69166CA8C23FC47E49CD3A46248B660CA + - created_at: "2022-07-15T23:45:57Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMA/Z87ylQaotQAQf/Y9Ee7T6j2i4HKW7jejoUxv2b2pI80iCHeJ/olAvOUFi6 + bO7i5OcxDvs1gtOLxMZXnj09NQUXkMp8Pvzp4g4VkL+/wCyArE7vyVh2VW/AD1ia + HAi3VNkVwiX+prZjvUUs7xumMGT4rJiGw601Ds8jVSdIyQt55hd/AKq3n4VMf5MZ + BwDZbyuSXpSMYCRlTiH72i1c0lhBOG53W4BOEPGv0sRh4ngrZMDh7BtP2OAVgLE0 + mHKsTh5loKVsQSfQMGWzIwe/wXkRuiKeBqqgyanO/h8W7PGEj1hTxVRP6zOu4tn5 + kZWr2U9L5La5X4eSVYnJoHMyhvCOn5PCAODldtsrZ9JRAYBtCSriMIS39Qnu+1XX + /Anejs4yrPXhj1Qf61E7IEaRx5us8d5ib831WsJ+Krheq/FUfrb16ebVpR0jdBRd + 1dVd2PCz7GP+O1jZIMEhDQSX + =hsLA + -----END PGP MESSAGE----- + fp: 9EA68B7F21204979645182E4287B083353C3241C + - created_at: "2022-07-15T23:45:57Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA9qJIVK2WMV7AQ/+OJnw2yEBaestKxnyNeUlFR7uWXiCdOl6EC3AcxflnDBU + OC6B2ujd2C2KsQPBVpfRTY5CvxpZ2YHu1wu6zTRYnoieMGhQ8FNDoqCY1Y2BtSOF + Nn4BsXKDnbqaSJc5uxsIJDbeU8PEJuWGCeKwnMQlK9oOAivmXyWOJaPTLcQaoq3I + 2QEibE3dOk0qPunN1Ejiyi+wy6jT1WpZQJom80ntjUCNdSTPZhhCcNdsxhDev6Ok + pF1ImfyReeDQojSByQ9zAC2dR9JiaJUJiL7P11Le71vFrWClDJ4Rdh7MNmMdu2Nh + a6NsPmbe3hbAtVND7XPxAOIndl4PttJoaWj5u5gFwGd6+jmiiQV0p8Y0fB3Sh/3e + JVauSnLAjYX3xUWvLtKecr4WJhUH35cXD9uGkF12XJE6KAxYku/TCAbG3xmBsvKI + jd2eoWMTj6qyMXCGk2vjByq//M2HkKi5VFzuWgxOBkN9WbNZc8xVaZg+jAIBt90f + xE4fLf6FqhMuHtCPq0LzVx/DNSB4+/p+ZdQz/TAvzsIt57l92tDKyHO1UYXn9LkI + lNN0JMbUXYBQ5qMHSOxI4vP7Ct7VAn8ZHUsyo5wlFLuYgYvPajFbHeT/3GEH3YEr + mkE6JBORTUn8jet29RXmWHs1/CFKYD9cEV1KvYJzuc+C+ADYBurEKej5IeeHZrfS + UQECjRI5ggBF9lfvptswB8iVIavEeKztzOsZSgQm4u1Yr+ln21frn4Oq5s8ycKJe + 9VEN5FgmMQ9pWJXBlu/I0XjRODXIcUj1Rxr9Dt+RcYOqOg== + =LHN4 + -----END PGP MESSAGE----- + fp: 53B26AEDC08246715E15504B236B6291555E8401 + - created_at: "2022-07-15T23:45:57Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA/YLzOYaRIJJARAAnXdJXHrbl9k7W3MmwaLZP0fsOUQ5CUl6NAwP4sHTt95M + 36CeCskem1KAvT/5KlTnxi2O5FkMaYJGd9cqHCmQ1YLRWVGdZ4UAjuY0lr8VN8H0 + S20Cn7E7eBTJXUp04ndt6ghwZ6QmVPRbrk4fLtquyZduudnem4qdL7LigZ/NxGvd + COWSCAhEYlWxDb7ZlYoogovp01qqK+d7LIj6IEL7+k3STi3OWQa2xYNFXMKYMALK + MtGsJjKbmUS9UCnq/ccoIh4unpJwkaYVZ62PeNeYEm0slfPUPOI8n2N1F5ICnrpg + sXlOaP0SoZ1bysTbNrghefziWnqwMocdQk6KyaqErhe9rnPXxPIEfQZSFvR7JvbC + qxM5RFX2122lzD4qrgIC+82u6zEgyP/bjGLVLZZLsHVkLLJXkDTjrKmJrR4tcwPZ + gK13HBNZRv92mi5CGBhH6k/J5400oI08QH4XN6lCAvSrWJ9hrOjBppzh+ZmbQjLN + 6UkBBom+sshyAWbdHAyAoT2uF0T0TQHvYA9IjixVb4Y9vzTkayy/KL+8NiHWhz+/ + 1H/0Dhk6lY9sbYRUG+IzRzJIy4rOOibeGXMRI3GXLJQnZijxngNwmsJQMnszV2d4 + kBzFCYErx3zRwhMHkLOTqcQ9d/dYrnO1rLkq/pis1A3Bjy6dbq7De+xG440fr/zS + UQHshLmiAAZapYqCEWFOzvOfC+kPM4NS4jel7xJ6Ji1jlg4SglEC0zYqVccSzrfy + rSfJZyAAN9qFc1JDsdAyaJLxNURVwNpKj+ugPCVtLixzPA== + =/TYd + -----END PGP MESSAGE----- + fp: 91EBE87016391323642A6803B966009D57E69CC6 + unencrypted_suffix: _unencrypted + version: 3.7.3 diff --git a/hosts/containers/c3d2-web/default.nix b/hosts/c3d2-web/default.nix similarity index 100% rename from hosts/containers/c3d2-web/default.nix rename to hosts/c3d2-web/default.nix diff --git a/hosts/containers/direkthilfe/default.nix b/hosts/direkthilfe/default.nix similarity index 100% rename from hosts/containers/direkthilfe/default.nix rename to hosts/direkthilfe/default.nix diff --git a/hosts/containers/dn42/default.nix b/hosts/dn42/default.nix similarity index 100% rename from hosts/containers/dn42/default.nix rename to hosts/dn42/default.nix diff --git a/hosts/containers/dn42/routecount.rb b/hosts/dn42/routecount.rb similarity index 100% rename from hosts/containers/dn42/routecount.rb rename to hosts/dn42/routecount.rb diff --git a/hosts/dn42/secrets.yaml b/hosts/dn42/secrets.yaml new file mode 100644 index 00000000..0e57ac78 --- /dev/null +++ b/hosts/dn42/secrets.yaml @@ -0,0 +1,212 @@ +neighbors: + dc16: + wireguard: + privateKey: ENC[AES256_GCM,data:/2mb6CbeRN3QGPJWZgjjEdpIU9pZIjGDjJ4/AWwhP5+Yj8BH7m2YjZI4Boc=,iv:tCRvqiWj0T/1QtQyMSwKhfp9Myiw7aTm4IFwTCfpgO8=,tag:HNaR0l4Dl6Eath/Ade5mOA==,type:str] + dc24: + wireguard: + privateKey: ENC[AES256_GCM,data:MsEm12ODjVgZEMYn/H6OhRlGuX7xuybGCPc6Nufntl0DlL/DCxHr/8jfK4M=,iv:+eBLJWfnLeOJ2sdjxEO2xQcRQpSVB630HUzNLsY6FB8=,tag:PC1/YDvLb3yrA82NfOAlfA==,type:str] + dc98: + openvpn: + key: ENC[AES256_GCM,data:JIZgOJdNtQkIiTMQfGiHbpSH7cIrhVAKd0cFncg+JDve29mz5vhQOiXLPWneY4VMm589mCNwm1vfOr+Jvb9zhtTjOHqfpnwqJkDn5hqKDoZXxJHoe2s0ENs26Mvk9MkJTbVqcMmP2dS5ZirVkjv02nHJEjbY/wpmgqozS5D1Ou4o4P7pJ9DL7/0qlQfJarbIJB0bUyRKCORX73myBavyRjxfSwbGC2kt6ZxktRoNR1rKIac3isPblRV751002WEA0Gu80XpQRdLbKqJYpBrRpQWFsB45wD/4SDcOVEGZrmHSFZi2GyJQrkt4aa524uETIzFxhmHBa93nZPc3QNTqqeJL2IW7WexS2I29BOw1t3AmrDHyYWCTedyfWhcgKAiKDdtmDViOc0NjICVNjrYgbxIiTWzL834kShV9Vfgh5VR4ic4egqB9Bk2IDy/K/29GTr54TQmE3BT5un7OQB3xAcUMiMxFkdxX60Yp7YcR4Nt/oXpv9JKdjnD/NUZuva47RQFLGEc/uLGnL/T3rOx0OUMTU3MDsd8Z6ZGHEUbDcw6x+dkjTWTaUnfpNWQ8Yh1XovXcLGWMxH4yqGh9vXPx+YpMeBB8N+/HjvdwqIdUIFfjMmOLpdlMaCE/Cf6+1hrUEEEHj4Rtxcbv0Kepd6hu7GYYNw+eHMuiXHFQATu8z6I/Gkr3S+Sqq3zpFF2yvZPJuH0i8h1XVpRXxmd6l7y3swDLFdXJ7YRHeUGOaiaxOGr8KqW8uGwhtNUMoVj7+w0UkgMsNFusvyt+i2YIUk95yHWqmq6z5Ch95KWx6fxzxZG+pUawK41vElyeeh/KjzvtbT+rcWf4dSoav2Jf,iv:F5eYrI28GynapGeGr93HqlACTw21yb4n9oKbzBSql8k=,tag:wHrcZz8Ug++hsXL67mmScQ==,type:str] + dc113: + openvpn: + key: ENC[AES256_GCM,data:upX2+LixRSJOOMF40VMjOmS6/Hxwunv4UHTvxQjiPZDpWzhoC7ehO12wKPrxAogNRdOY7876Lx2jXC72Cb1P+HYehSK6MG9daAzfJMG7Zkr4vjOF8A+wf9bjTDYUpzAUjwXxj+M6UwguW9oqCadC20benf4YBRiC2kXZvHpFURKFIeWk01kORem6yZaILjyq2s3lAntDp+HUIzJalq7pO7C+dirPfwCnv5xHSMak+pZAHoHVnzVDTQDvBqj1pq0qFEJsXLCoyyI76Enx4hpPCklNz9yMRzQCjMjyOnJGBVy7X+a5jwx24y/W8U+GgfbiTlCAXwgrn1YOxAhIxYi3M5+YKktZiaBFDgU9fp7p1qbBPckMaDoriCB6eT9uG1s4K3wE83aB3iJ5w9B+AX+tG1SnumQZmSlbEojKmQpp9DP62O5F7yR8z9OGPGhyA4/P/vVFinGaCvNMMfMnS0L+JYIlxZbMeOvPQG7Zc5vh/gs4uRaU9GsaWIUvjaNyjM0b9MgVJr72uDpNNko9Yg2usT+T3nBiKPngqzMHaMWg6KFboZpkQjFlq3vKGmVziT+kMwEFH4XHhPSISWpHLvpUHUk+bJVqd3M7fPtCVfkmX3gd+ZDSpBi9iyMUJlEThjsv1OdXfZKZRyfExyyXpAhGlLQ5rAszv71HJcNBDtOwsvWFZxsWr7jLxfGN220KMed0si07bjrLBANTgr/rfDWsLKyMvhHuNR16k/+Q0IjFlxDLNvwsRJD1cP86lMuBGXe91/8H1ffr4nXLp73rJOjb+SbTEC9WBS9uiVXZhSaAIIDI2X/lNAaDCPsp28OK5VMHIqrof+7o73Jrqw==,iv:TSy+xSwDWL92CzgiLETiuWqWUJCd9+Wi16BAE0qlbaY=,tag:HFei7QNPMBw0EyO/USxGLA==,type:str] + dc4242421374: + wireguard: + privateKey: ENC[AES256_GCM,data:EQH+LMcWj1JrZ5wTW+yyV8wUQRIn5oYgHv6hwBNrxU+V9iYeNzlAdimy7wg=,iv:XS7X9VtnNgu53qeEFlsyNahSDCX3115WaIZrz+ZVGE8=,tag:kSsRitKp9hW1E+5RT4W7dQ==,type:str] + dc4242421789: + wireguard: + privateKey: ENC[AES256_GCM,data:2HJ5BWDalGUEEytPghljEj1CRFEFYws0LOMtDZw5UfXXVN5n5qeWg3mtKDc=,iv:snawAn6NKRiyGESpE++wyNlUW9Se0G+7FfIVjGOX5L8=,tag:qgj2fnZcd/VqnXeh12tfKA==,type:str] + dc4242421602: + wireguard: + privateKey: ENC[AES256_GCM,data:8J+knTqkqsyPs5sqbzECS7XPugC00/WsYhlFAWU2RhJLOvgTotMhqMfnPI0=,iv:IpcKsi601Nu0nx11esqZh+nxvmZ9IrjlHMmDE3RYZiE=,tag:4V+7g3lmJXH7EnlGxlUEkg==,type:str] + dc4242420604: + wireguard: + privateKey: ENC[AES256_GCM,data:id22cWFEO8ctlyTBVqWHhnIChrIIQMl73RgeAHPQv6J5knHE2jQVvSVNL88=,iv:7CwUR67xZoIGTzSxZ3hUL3lxaeo6MqfEUM7dqkByQ+U=,tag:FPTi8eU6vRq1815FR6X6tg==,type:str] + dc4242420197: + wireguard: + privateKey: ENC[AES256_GCM,data:REqZ58vt6hYnGOKJ+0SNEW1nePrkW3u3HMjFiDFjJeWsUJc7k2HQzJecANM=,iv:+FOk+lDueMvSjmUPBCxL/dS/yHtEiwqQW/rSt2R40cE=,tag:ZbzQ98XYgqZL8wM40lCZxA==,type:str] + dc4242423804: + wireguard: + privateKey: ENC[AES256_GCM,data:O04wJJ+YIbyXgNbr5Z6T1uFr/8xQDK28Hciu1hLu3cf48c4efSro5aCyXYA=,iv:lOoTvVpqb6lSUDXi/EIIXlLjFbd44hCgzmPUVllRrVg=,tag:KHWh1a6JjjSRvYcv2onVGA==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1726t33dl7pv3xrxxlafj2sexh7c0jm8pza84yu6l3wpz3fw5dauqxlass3 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGMUhIOEg1L0swa3JSeTZs + Q3czQVhvZElwTTlIRSttYXpoeHI2Q3lrVW5JCm8xZnNjVy9zN2NtME5vdVpZZEJk + eEJFd04vaVdGUHhsYlpDWHVNUGJQS00KLS0tIEdPMzhySU9aL3UrMkN0THFVam9B + SUJnYUdGNS84RUlyS0VzVnVjSnN1LzQK+gADsc6Vf6NBYFcfrMHOHQZvzaCX37HM + fGO3TOsV9E9i51QU4lxHWF0NNh6CnIefq4o27a7HLWogc3SBz6TwhA== + -----END AGE ENCRYPTED FILE----- + - recipient: age12aukzah0pt2rck52hwn08kezyxueqz2f49ld7hpyuzmu847vavdqkunn5c + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmYWl1WmNKVzdWMmxyWWVB + SzE2cWpTTXZxYjNodUtyam9tekp0dkVQVlVzCnhxeXNWTDdPSmJBZENoZ3BvOGor + RTNFMk9peVd6T1JSK3ljbkl6azdndmMKLS0tIHRzZzgrbGJKRjFjcGRIaGZzUGI2 + dTBsOWloSXVpR3VlUEJibkRYaGgyczAK066qQW7vu5U0uuLiMVlUfpSovyalmXTs + 6ECD6rHyI61U8xTyAiA+MVpfoRxvL8LkLLMESEGlKlAvDgR2lsnPvQ== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2022-01-06T22:45:31Z" + mac: ENC[AES256_GCM,data:6ooG3L6RBMn+DZ4jFsmc1WuS7Pu2hkYM74uGu6lxGEwwOqTPXsEAORtcMdTeCL2OtDKZradmMqcGPNJwm0MrHNwemgmmfn9GGHjM44SfyIdApa9H8Gpql06QjpcX/r7H8XXdvJT6YpwBX7S5htO0kyJc6P0435dg275Jl8m8+bY=,iv:nH3Gz/h0Ikq9kV7n0nHH7fxYuDoPHqwZsdLlAngZopQ=,tag:UJVpBYg+7sjiGqODirON1g==,type:str] + pgp: + - created_at: "2022-07-15T23:31:12Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA6j84+xkv3y7ARAA1blof/jf6JUPX+isHSL2+ZmUaCNNvIe0qAZbI3KtZqPp + Sgi8R4BfQrYW5D1Xi6WdYP+q0EcKZkXKty8GW1mENgY751w2+sw0WXIMOwwnIAyU + aLEVzGI4zvDRLUfAaiJACEiHnOMfJ/7I6uI8Ag3pswoLLnqObF01uC/mJ6KYzrLx + eYUaYe2z1b+xENFMp7TrBJaQgrlInHYl2p3rcXdrfA64ZTlZdRFOXE3sqRWRKuF4 + tfkcp1VapgJgdPu/SDDgnfqq4xfMD9twICq2yQVo72C1/cM7Rw2GlmT3qHqWD5L0 + VXuRTdnxkU7Pz07aRun2HEN7tN0tdeeaixZJqdmMvJJbR5hdNrBILSzx/sAKWDh/ + eTHSIKRnvt6RHQ/qCZDKJhvRvgeb+BRSNJBVQFgKALqHDowDdu7bluRgEVJmRybJ + i1MlW0IINhq1ULZs0nud07PTIc8NC0rK5v5RwF8HmU7XShTlfO8XKEHiKBwi8lTb + /fk6j+2rfo1Oa8ULVX2vrVMpUpsSm12iaiOizoFRK3nJaFPlLk3VfC5FzSqFOaiK + zWgOv5k//CunYpshjs8cXS00PdZ2X8xzubUhN12Awk6D4+bYFAFQ2giTRDYBfriR + IxtszoOYssfsFlJVvKsEQIDIO2wdl8ZGjf2jzme2OBQKEdux52tcrT0nGVH6XIbS + XgEQYt+VwhWhY8YMLkk335WIgzwG1rL1lfArYcP0TjqYAv52Fq4no68biV1TToOl + 6BjR6BUX14sUSnmD+FqtLRyKioarMrrFsfYN/HMAd5KyIytT3+hLnlsPWKe/aq8= + =LtUh + -----END PGP MESSAGE----- + fp: A5EE826D645DBE35F9B0993358512AE87A69900F + - created_at: "2022-07-15T23:31:12Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA8zMZ+ak7y/zAQ/9HmZfaP+pq8X8foUByTbtJG1rnABR1UpW0JzL2dZmMzC8 + Na9gCASTu0zROJkEjjfOFOjv82rXlA3KCWsg3uS13LG7yBZiHzA5qo1J4b4zYGrY + brCH+XP8K0niZC2kjZkoNoY98NB7CIPBBRlBlmvUQ0yrJCzyTVfN8kwPfAUMVTEh + RRm9xMeFfx3Y0oKf4z0WQcOwCy+vrzGGJ3dzyvpGa9+PewJ6BBq6iNwaQY2qEEPM + wOvcSWx2mLu7kIH1nSllkDabLcVBk0v0o95uLLK0TKzjg/AL5XYCpUcZv2jVmpNT + MKJwP+XAGJeEXjARvQK/LaA0/oPRKvdxTuwahHAAtXzFonysuhzrvCsaKdn0U0DJ + wnDeP3/UCiEwCzhKbxL3LleZIp1YPoGFbFIiVuE3Z9NtHXB0ziuhUmxh6lY18bw5 + f1FsJx6XmSThKUcPb1kWEUL1TkURqhxuBABOBBWat3YHN4+tJoLGreJPeBxlx22v + 5RW4vG7ogJkhS/AjqQlcHqoFpcy5S5RvIyewvlG2XH5MSXrgcCul9v4XM21+xgaQ + +p6Q2rlQAp/BQg/2jYbAA+rXwZuWItZG6vwW+ZKdlL3PjDZIVQ+imzOTn5t5vCCg + 0w+RXd+4zhkDmzAuPbDlfpWj8zybM9G4WRBFqBSxcCC+wKyZ9PUZ2mm0JQ5UVqHS + XgEvG/OSq4UcEQlQoDKexrHYM7bUeJyRzwHlJc9vJ5N8+H6lls73tyIH0Dhr5Jks + y0Blog09MqIvJ1wPtsTI7YwqTtuKAaN3tRpn5v0Irjf+kwUOO9xFYq55qoUqnso= + =cipK + -----END PGP MESSAGE----- + fp: D4E89C6A0A58EE803EF708EFA9B23715F7AA3F1A + - created_at: "2022-07-15T23:31:12Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQEMA45bZkLXmBFpAQf/eDKnVBfmgIxgodwg11IQavjvzV+TL6WX8+/KffdrjbmA + oZaTk/1S8qEBGqvlxPH6e/hi8dkGVgGiTMSmyPmcBv3Ku7vJDvpEiiSKBR2p7s7j + QUsirBozXIdhIb+ChbTilr6Ub4DUUr90XT7B0CMLrA/R3oGZJeAiY3MeMVNRNupr + TTZqqDD28t1bKrFTtoUyaOlTm/Bm3owIx+lpbg2xRda4tCjBmabGw2RIFRIjCKB4 + LaRfcgcSCmQ1Nyg6/25I9/G59vCFuihm8z7Rnvr4hJV0O5zOoDXrKhpYWiSjF/d3 + OImS7XxIZ/36cWwFcAVdgnQv6VkwGWkJmhGhP7Oi3NJeAfg34nx9jLp3UQQ+lQKO + aKFmCDhveWZg1ZQGNnw9Tu1B+opevgiR9aXnPiyJw5ZMVvhhwib80f0xR30h565W + Muvv/zNTWhgL3Bc5QCrcEpeA79Fx4yj9a6iioPeutQ== + =/+oj + -----END PGP MESSAGE----- + fp: A4B0F5A80C2E2448A97BEC25BB829C4DECA6CCB9 + - created_at: "2022-07-15T23:31:12Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMAwMCBBrc/JA6ARAAjoIZ3MFENhuDlgtqGHGO+VbfilXLkj8JSkDQ/FfCm9Od + fDMj3jS7hGEkFdFgQSR5X92aHPQA8SoSEcby/8fiGgoBMlhPO0UkWni7wFZBAv/H + ZTo997yv099PzuBLbNuwfdJQIa3ohiHQ4HaNg3AQhav0keCtX4I+gRKa/k3wXvRg + q1pfEEqRzt3yS/z2gtOIVNAvQv2xKFDUOULFQ0eFMCxM5OE/rC2J6wtST5Qj4boM + kNFSu/HD8kKMOoLVyOPiezbXyXER9D2naR48BQ1sjhKUS56Y441kCMT9+9PJWgs/ + 8q7PAfZ/TDqV+1occnpIHO5EPgWgBy4Ig1EVQuDHh9NETu7eo51sKpj1ol7SnweO + srNvoHaT6nKVKi5aZs1PqO8UjUZOrgcyuDj/PHoCTrHy+8JzyWjZoqzpLzh1zsXf + /dE6tB4G/CdM3VA/f66uo/DyN4yqMP4I6SxUOwoI1SKpobrEok6SkgksDl5Fvxzl + DmtbZCH2Y794vvSmAbNMP2fxrDcD5VE/nolSHHFn66TKVH59D3RI4L0C6bZTg876 + gdbbe6qjMIXGdqi/v5bx5sKEYbPBWLFs8KmTN8GLiuUWRkmgHfBbLA7TrGknbn/Q + o3189W5Ev2kzjwcxW3x9Yshiqa0vXHlcNLXgU18A5Afe8oqHo4KTya3VFRkBZqjS + mgETi6Z0X4ipqEaqY1HJYYpNalrULBc3HR8xvuwX+SRJEodOlFm+nRPwKAztItjl + tAPuUj4Y6axit75x53d2ZQnIOqiHWtLfCO8BYq8gnsLQUE02rldbmj5rSIg6TdQd + nK7O2t9MWzDIn7W+Isli1a+GZHs0AwxzRsrr8v8InGErq/uamMA4plqlngSTwVqz + Yp9P7VifpT3ENps= + =rIAj + -----END PGP MESSAGE----- + fp: 4F9F44A64CC2E438979329E1F122F05437696FCE + - created_at: "2022-07-15T23:31:12Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA9XEenRNYVGHARAAy8/abI5IsSPw/js6gLm2huUV4BuShjDs6O32jYzNpfu/ + dSZ+64oos6v2wdSol5WQM7xsnzSu8+kbHpL7jQNCljBULY4ZBN8XyI2tke58+iBr + GaG27lNBTQwHPQvfW079ZOo2E/IJuqE8e57+ufI1P/lPPWF3o7Fs4/LPhb8fXp+6 + GFXotiljGjgo4FKlfeAoASlOJbYpM0YfsPQgS8cOOxvYb/MdMO6c4Q7/1P/HgN89 + umEIT9c9pG5oojjosvqXEYH3SSqiNoCPh5lDZnjUxaFHlTUI3u2hHiHAoLqtr/Na + XDcwgjL0WcxpzkitTN/WwNxHPtAXMRI21AtVkAyots75pwHcORI08HT9Lg0n7CMF + FdQObdKrXsoM/Ta3ddn4AvSKPvHxPZXhacpWbu3ZRZs6j5CdvogNVMbzp73E8QLv + G6IhB4k5Y4yzEagW3NYplt5sAkyAiw3CwwpAGhe1ybFV7czLon4UYvxr0b7A48p7 + yW3Kdmu0NsLTxim/Nj5CQXKo93Pyhy9sZ3CBSj3TLwzBENBPKsAxOBhqWNLG+6kG + DPhVcRt4UTC0gsKl6MIz1/7iWw2zZbKIp9ICvYmUWNzWKmVCX5dQZV6tphA1Oujv + khXPuhjNf/vuVAKiF6KVjOeK8g6sMtIJ2YLgUsFpMtL5v7vH0HV0pAkXTVU2hYPS + XgHEysoXtC0q6yeqNMqO629Ga51tFvsK4J35qYnqMlvIzWUgUVKqAJXIjEwRYuSd + dpvLLyZqaw03CyViprS31ZyjZX/uODplfSGgEdTX0biDx1V66PkYFS1BgX5F9Ec= + =HW+p + -----END PGP MESSAGE----- + fp: 4B12EFA69166CA8C23FC47E49CD3A46248B660CA + - created_at: "2022-07-15T23:31:12Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcBMA/Z87ylQaotQAQf/a9eLCXn+WqW36Z2Y2CmpG6w354DJcnv66Sg3RmJ5pbgo + 5MEl6jsgoAbaKFCaHTnThHVsjHbpI1EK6IPtUeQq4J0wx3X0tOSl+cVk8BDBo9VV + 6zFjgx08rsFh7UVv10Z6v2GflqQxgE3XEmj8g/QNAhKx8kULp0BmolA54V64ipvM + ptACU1yx0Bzz2P+yb3UC/QUxv5EsdERUVafFzhnr4hHN4yF4hQ1OYfzVID57UjE+ + 3ykAaZQXHLIdlGREq3Lg5tjbbqVn7x7DB5a3HAYDnHRNeW0YWAww0IgbdtOTnQQ8 + os73dmJjpY+S1CfjNnqGXJlsz+3NqpqgB9EoQmC07tJRAbCUELT9RIQY2H3x7Ahu + /kmjy/HrCjSgnoowh72TrEUtuimXsnSqI5n/elGaskP2f0RQmMHaLfDpZ07aw497 + d0raMR0a4VzvjeFcyB5TuMZI + =lOay + -----END PGP MESSAGE----- + fp: 9EA68B7F21204979645182E4287B083353C3241C + - created_at: "2022-07-15T23:31:12Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA9qJIVK2WMV7AQ/7B2ptXyoEfcOZarRjx4An6gO10sPm4XCgnrc4IoEl5C0e + o13k4qJtpggIxjx3kR4mIGw5nnFHDVOMLtptCMKsbadb97NTAxFE6/eLSRs45Cb7 + m8bRc9wPHfZNJW1o3nSU9VCWJI3LYMBDB02XxQGEbca7SKfcaTk47HIZkSch7eHG + la7s19HiQ2Pw4tCmWUWEBO4S4B3+H6zwHwrxOFJn4YKfbIqx61MJ0ARCG44kwMbu + 2EXO7qhtFH15IpkWFpKXxZw/lgvBSgAFQ1FzFU5JtjEckd6QvQtOeqXt98OfqIUr + fTBXzedj3+sW8c+bNA1U0NrtTFzQ7wHuigiR1xOsOkOIaOQFcOTce6qyvZUB9E0u + tuBz/tio7TH1ryFX6TgEVaUleYNILbIfCmLEJKuDD0B4Qp2QJzMv47Vcbr+svUry + VkEc4V5/aZNSEv2hoaDljwdGF7EBFVbV9Rf+w8EHTGYruaJXI8gbvPGctUIXamDL + TgtETzDwZwWsje17ko7HQJ4fD+xDnjnLCAkHy6q2D/7Yi6++BkGjECzHYyBL3mYp + gu4Pi9LGyLUm+bS23Aj1sf6ds4N0tLcrVdFa6P47CorUisai/bZap2SRzsIvEHbl + HCPR/xZgjH5vqqsTNDAdfy3AjaTPKSGM6XLotXO3Yqn1UCd065TDWUIIEf5CtFjS + UQGLy7qi+Nc4SVs218muH0xwdL2v07gkX/lckRjNDuTkhw3cl1KR6xGOCQyCAXsa + w3Hm8OCO32j2vnLAEL2eXAsJFVCsClXdFzF6T27avRtu6w== + =/SRt + -----END PGP MESSAGE----- + fp: 53B26AEDC08246715E15504B236B6291555E8401 + - created_at: "2022-07-15T23:31:12Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA/YLzOYaRIJJARAApGdXUvJf+/YZGK1VBjfa6rIVXSM6AJHGfUgCsteNWOiA + PVpNRQx1qE0LCdMiqLjSVDoSx8o/crWhqSfoS/9ip7VKzhHuiw4ZSqNI2wIQVatL + 7+MJWw98wuB1askHy6RdeFbhdGFdRs7hI6v1ByZroqE25eVKRQjtXzMCSvz2/K/+ + K3LELDzGxWfr8NKMykcGRClSEJ4RXQi2S1WBRtfejDuDgiiNlSKZQGYUZqz25TIc + Oh9pI9U+KwAYi8IyLRAsz3WTGLwn++nldiluPCNHVKE8uCtIc9kWwGSNEaQIliRC + gCCA01MBV3lJhnwBP+PIx03dJJCLtCm+OIFV68/DGfb0QHjCUc1n7FCemVX+8P8T + kC4P9KPMCXr++F/wZWfRzQyDOy7+EgXGSdMv7qQ2+i2iiZN12Ejedk1yNT+THMZS + VS83aeMaushMifcpdFAiS7tup8pr9aRK7qaJ/nEi2Nc22EGPW4VtRDvEz2oJlMzr + xEY0KQP/1t3dNOeuZetVLywR3srXngZPq6oPE2ZUYpFjD7if72wWlUELWC2IZumx + KjuALINSLTtUXQ8WXGHficqS0fiDQ2miWRs4vbuNRrmF7h33ouO2uHR+zpmYqGsS + 9fw2YVmRQ/Ed506sHuDJNcAA+61CJI9W+AD++F9LqUEUuNZhNr1V1HimucsWPXrS + XgEar8ve3x0wiydVvp85RkyOrcSZEqq1Qa0QZlwGZ87YOcRFrikAfdo97jTcJlpU + vzLo9Q8rLZWp3BoLJyM6Jjoyaeausz1+LmoHXzJWmJqds/zgwXwdwa0K4WKRR9k= + =wvUO + -----END PGP MESSAGE----- + fp: 91EBE87016391323642A6803B966009D57E69CC6 + unencrypted_suffix: _unencrypted + version: 3.7.1 diff --git a/hosts/containers/freifunk/assets/index.html b/hosts/freifunk/assets/index.html similarity index 86% rename from hosts/containers/freifunk/assets/index.html rename to hosts/freifunk/assets/index.html index 38e495ed..18b1893f 100644 --- a/hosts/containers/freifunk/assets/index.html +++ b/hosts/freifunk/assets/index.html @@ -11,7 +11,7 @@