diff --git a/config/secrets.nix b/config/secrets.nix index f6567a9..103d9a5 100644 --- a/config/secrets.nix +++ b/config/secrets.nix @@ -1,242 +1,242 @@ { site.net = { - core.ospf.secret = "SECRET"; + core.ospf.secret = "encrypted"; }; site.hosts = { - ap1.password = "SECRET"; - ap2.password = "SECRET"; - ap3.password = "SECRET"; - ap4.password = "SECRET"; - ap5.password = "SECRET"; - ap6.password = "SECRET"; - ap7.password = "SECRET"; - ap8.password = "SECRET"; - ap9.password = "SECRET"; - ap10.password = "SECRET"; - ap11.password = "SECRET"; - ap12.password = "SECRET"; - ap15.password = "SECRET"; - ap17.password = "SECRET"; - ap18.password = "SECRET"; - ap19.password = "SECRET"; - ap21.password = "SECRET"; - ap22.password = "SECRET"; - ap23.password = "SECRET"; - ap24.password = "SECRET"; - ap25.password = "SECRET"; - ap26.password = "SECRET"; - ap27.password = "SECRET"; - ap28.password = "SECRET"; - ap29.password = "SECRET"; - ap30.password = "SECRET"; - ap31.password = "SECRET"; - ap32.password = "SECRET"; - ap33.password = "SECRET"; - ap34.password = "SECRET"; - ap35.password = "SECRET"; - ap36.password = "SECRET"; - ap37.password = "SECRET"; - ap38.password = "SECRET"; - ap39.password = "SECRET"; - ap40.password = "SECRET"; - ap41.password = "SECRET"; - ap42.password = "SECRET"; - ap43.password = "SECRET"; - ap44.password = "SECRET"; - ap45.password = "SECRET"; - ap46.password = "SECRET"; - ap47.password = "SECRET"; - ap48.password = "SECRET"; - ap49.password = "SECRET"; - ap50.password = "SECRET"; - ap51.password = "SECRET"; - ap52.password = "SECRET"; - ap53.password = "SECRET"; - ap54.password = "SECRET"; - ap55.password = "SECRET"; - ap56.password = "SECRET"; - switch-a1.password = "SECRET"; - switch-b1.password = "SECRET"; - switch-b2.password = "SECRET"; - switch-c1.password = "SECRET"; - switch-c3d2-main.password = "SECRET"; - switch-d1.password = "SECRET"; - switch-dach.password = "SECRET"; + ap1.password = "encrypted"; + ap2.password = "encrypted"; + ap3.password = "encrypted"; + ap4.password = "encrypted"; + ap5.password = "encrypted"; + ap6.password = "encrypted"; + ap7.password = "encrypted"; + ap8.password = "encrypted"; + ap9.password = "encrypted"; + ap10.password = "encrypted"; + ap11.password = "encrypted"; + ap12.password = "encrypted"; + ap15.password = "encrypted"; + ap17.password = "encrypted"; + ap18.password = "encrypted"; + ap19.password = "encrypted"; + ap21.password = "encrypted"; + ap22.password = "encrypted"; + ap23.password = "encrypted"; + ap24.password = "encrypted"; + ap25.password = "encrypted"; + ap26.password = "encrypted"; + ap27.password = "encrypted"; + ap28.password = "encrypted"; + ap29.password = "encrypted"; + ap30.password = "encrypted"; + ap31.password = "encrypted"; + ap32.password = "encrypted"; + ap33.password = "encrypted"; + ap34.password = "encrypted"; + ap35.password = "encrypted"; + ap36.password = "encrypted"; + ap37.password = "encrypted"; + ap38.password = "encrypted"; + ap39.password = "encrypted"; + ap40.password = "encrypted"; + ap41.password = "encrypted"; + ap42.password = "encrypted"; + ap43.password = "encrypted"; + ap44.password = "encrypted"; + ap45.password = "encrypted"; + ap46.password = "encrypted"; + ap47.password = "encrypted"; + ap48.password = "encrypted"; + ap49.password = "encrypted"; + ap50.password = "encrypted"; + ap51.password = "encrypted"; + ap52.password = "encrypted"; + ap53.password = "encrypted"; + ap54.password = "encrypted"; + ap55.password = "encrypted"; + ap56.password = "encrypted"; + switch-a1.password = "encrypted"; + switch-b1.password = "encrypted"; + switch-b2.password = "encrypted"; + switch-c1.password = "encrypted"; + switch-c3d2-main.password = "encrypted"; + switch-d1.password = "encrypted"; + switch-dach.password = "encrypted"; upstream4.interfaces.up4-pppoe.upstream = { - user = "SECRET"; - password = "SECRET"; + user = "encrypted"; + password = "encrypted"; }; anon1.wireguard.njalla = { addresses = [ "fec0::1/64" "192.168.0.1/24" ]; endpoint = "0.0.0.1"; - privateKey = "SECRET"; - publicKey = "SECRET"; + privateKey = "encrypted"; + publicKey = "encrypted"; upBandwidth = 45000; }; - ap1.wifi."platform/qca953x_wmac".ssids."uebergangsnetz".psk = "SECRET"; + ap1.wifi."platform/qca953x_wmac".ssids."uebergangsnetz".psk = "encrypted"; ap10.wifi."platform/qca953x_wmac".ssids = { - "Ebs 2000".psk = "SECRET"; - "iz-dresden.org".psk = "SECRET"; + "Ebs 2000".psk = "encrypted"; + "iz-dresden.org".psk = "encrypted"; }; - ap11.wifi."platform/qca955x_wmac".ssids."braeunigkoschnik".psk = "SECRET"; + ap11.wifi."platform/qca955x_wmac".ssids."braeunigkoschnik".psk = "encrypted"; ap12.wifi."platform/ar934x_wmac".ssids = { - "IrèneMélix".psk = "SECRET"; - "paperheart".psk = "SECRET"; + "IrèneMélix".psk = "encrypted"; + "paperheart".psk = "encrypted"; }; - ap15.wifi."platform/qca955x_wmac".ssids."etz250".psk = "SECRET"; + ap15.wifi."platform/qca955x_wmac".ssids."etz250".psk = "encrypted"; ap17.wifi."platform/qca955x_wmac".ssids = { - "EDUB".psk = "SECRET"; - "Zweitwohnsitz".psk = "SECRET"; - "e-Stuetzpunkt".psk = "SECRET"; + "EDUB".psk = "encrypted"; + "Zweitwohnsitz".psk = "encrypted"; + "e-Stuetzpunkt".psk = "encrypted"; }; - ap18.wifi."platform/qca953x_wmac".ssids."Restaurierung Wolff/Kober".psk = "SECRET"; + ap18.wifi."platform/qca953x_wmac".ssids."Restaurierung Wolff/Kober".psk = "encrypted"; ap19.wifi."platform/qca953x_wmac".ssids = { - "Studio 01127".psk = "SECRET"; - "Walter".psk = "SECRET"; + "Studio 01127".psk = "encrypted"; + "Walter".psk = "encrypted"; }; ap2.wifi = { - "pci0000:01/0000:01:00.0".ssids."C3D2".psk = "SECRET"; - "platform/qca955x_wmac".ssids."C3D2 legacy".psk = "SECRET"; + "pci0000:01/0000:01:00.0".ssids."C3D2".psk = "encrypted"; + "platform/qca955x_wmac".ssids."C3D2 legacy".psk = "encrypted"; }; ap21.wifi = { - "pci0000:00/0000:00:00.0".ssids."ZW stage".psk = "SECRET"; - "platform/qca956x_wmac".ssids."ZW stage legacy".psk = "SECRET"; + "pci0000:00/0000:00:00.0".ssids."ZW stage".psk = "encrypted"; + "platform/qca956x_wmac".ssids."ZW stage legacy".psk = "encrypted"; }; ap23.wifi = { - "pci0000:00/0000:00:00.0".ssids."LBK Network".psk = "SECRET"; - "platform/qca956x_wmac".ssids."LBK Network".psk = "SECRET"; + "pci0000:00/0000:00:00.0".ssids."LBK Network".psk = "encrypted"; + "platform/qca956x_wmac".ssids."LBK Network".psk = "encrypted"; }; - ap24.wifi."platform/ar933x_wmac".ssids."farbwerk".psk = "SECRET"; - ap25.wifi."platform/ar933x_wmac".ssids."farbwerk".psk = "SECRET"; - ap26.wifi."pci0000:00/0000:00:00.0".ssids."Dezember".psk = "SECRET"; + ap24.wifi."platform/ar933x_wmac".ssids."farbwerk".psk = "encrypted"; + ap25.wifi."platform/ar933x_wmac".ssids."farbwerk".psk = "encrypted"; + ap26.wifi."pci0000:00/0000:00:00.0".ssids."Dezember".psk = "encrypted"; ap29.wifi = { - "pci0000:00/0000:00:00.0".ssids."jungnickel-fotografie".psk = "SECRET"; - "platform/qca956x_wmac".ssids."jungnickel-fotografie".psk = "SECRET"; + "pci0000:00/0000:00:00.0".ssids."jungnickel-fotografie".psk = "encrypted"; + "platform/qca956x_wmac".ssids."jungnickel-fotografie".psk = "encrypted"; }; ap3.wifi = { - "pci0000:00/0000:00:00.0".ssids."C3D2".psk = "SECRET"; - "platform/ar934x_wmac".ssids."C3D2 legacy".psk = "SECRET"; + "pci0000:00/0000:00:00.0".ssids."C3D2".psk = "encrypted"; + "platform/ar934x_wmac".ssids."C3D2 legacy".psk = "encrypted"; }; - ap30.wifi."platform/qca956x_wmac".ssids."WLANb0402".psk = "SECRET"; + ap30.wifi."platform/qca956x_wmac".ssids."WLANb0402".psk = "encrypted"; ap31.wifi = { - "pci0000:00/0000:00:00.0".ssids."C3D2".psk = "SECRET"; + "pci0000:00/0000:00:00.0".ssids."C3D2".psk = "encrypted"; "platform/qca956x_wmac".ssids = { - "C3D2 legacy" = { "psk" = "SECRET"; }; - "FOTOAKADEMIEdd" = { "psk" = "SECRET"; }; + "C3D2 legacy" = { "psk" = "encrypted"; }; + "FOTOAKADEMIEdd" = { "psk" = "encrypted"; }; }; }; ap32.wifi = { - "pci0000:00/0000:00:00.0".ssids."ZW stage".psk = "SECRET"; - "platform/qca956x_wmac".ssids."ZW stage legacy".psk = "SECRET"; + "pci0000:00/0000:00:00.0".ssids."ZW stage".psk = "encrypted"; + "platform/qca956x_wmac".ssids."ZW stage legacy".psk = "encrypted"; }; ap33.wifi = { - "pci0000:00/0000:00:00.0".ssids."C3D2".psk = "SECRET"; - "platform/qca956x_wmac".ssids."C3D2 legacy".psk = "SECRET"; + "pci0000:00/0000:00:00.0".ssids."C3D2".psk = "encrypted"; + "platform/qca956x_wmac".ssids."C3D2 legacy".psk = "encrypted"; }; - ap35.wifi."platform/qca956x_wmac".ssids."Koch".psk = "SECRET"; - ap36.wifi."platform/ar933x_wmac".ssids."C3D2 legacy".psk = "SECRET"; + ap35.wifi."platform/qca956x_wmac".ssids."Koch".psk = "encrypted"; + ap36.wifi."platform/ar933x_wmac".ssids."C3D2 legacy".psk = "encrypted"; ap37.wifi = { - "pci0000:00/0000:00:00.0".ssids."hechtfilm.de".psk = "SECRET"; - "platform/ahb/18100000.wmac".ssids."hechtfilm.de legacy".psk = "SECRET"; + "pci0000:00/0000:00:00.0".ssids."hechtfilm.de".psk = "encrypted"; + "platform/ahb/18100000.wmac".ssids."hechtfilm.de legacy".psk = "encrypted"; }; ap38.wifi = { "pci0000:00/0000:00:00.0".ssids = { - "ZW heinrichsgarten" = { "psk" = "SECRET"; }; - "plop" = { "psk" = "SECRET"; }; + "ZW heinrichsgarten" = { "psk" = "encrypted"; }; + "plop" = { "psk" = "encrypted"; }; }; "platform/qca956x_wmac".ssids = { - "ZW heinrichsgarten" = { "psk" = "SECRET"; }; - "plop" = { "psk" = "SECRET"; }; + "ZW heinrichsgarten" = { "psk" = "encrypted"; }; + "plop" = { "psk" = "encrypted"; }; }; }; - ap39.wifi."platform/10180000.wmac".ssids."EckiTino".psk = "SECRET"; - ap4.wifi."platform/qca955x_wmac".ssids."jam-circle.de".psk = "SECRET"; + ap39.wifi."platform/10180000.wmac".ssids."EckiTino".psk = "encrypted"; + ap4.wifi."platform/qca955x_wmac".ssids."jam-circle.de".psk = "encrypted"; ap40.wifi = { - "pci0000:00/0000:00:00.0".ssids."M".psk = "SECRET"; - "platform/qca956x_wmac".ssids."M legacy".psk = "SECRET"; + "pci0000:00/0000:00:00.0".ssids."M".psk = "encrypted"; + "platform/qca956x_wmac".ssids."M legacy".psk = "encrypted"; }; ap41.wifi = { - "pci0000:00/0000:00:00.0".ssids."Walter".psk = "SECRET"; - "platform/qca956x_wmac".ssids."Walter".psk = "SECRET"; + "pci0000:00/0000:00:00.0".ssids."Walter".psk = "encrypted"; + "platform/qca956x_wmac".ssids."Walter".psk = "encrypted"; }; ap42.wifi = { - "pci0000:00/0000:00:00.0".ssids."jam-circle.de".psk = "SECRET"; - "platform/qca956x_wmac".ssids."jam-circle.de legacy".psk = "SECRET"; + "pci0000:00/0000:00:00.0".ssids."jam-circle.de".psk = "encrypted"; + "platform/qca956x_wmac".ssids."jam-circle.de legacy".psk = "encrypted"; }; - ap43.wifi."platform/qca955x_wmac".ssids."Kaffeetasse".psk = "SECRET"; + ap43.wifi."platform/qca955x_wmac".ssids."Kaffeetasse".psk = "encrypted"; ap44.wifi = { - "1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0".ssids."ZW stage legacy".psk = "SECRET"; - "1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0".ssids."ZW stage".psk = "SECRET"; + "1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0".ssids."ZW stage legacy".psk = "encrypted"; + "1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0".ssids."ZW stage".psk = "encrypted"; }; ap45.wifi = { - "1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0".ssids."ZW stage legacy".psk = "SECRET"; - "1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0".ssids."ZW stage".psk = "SECRET"; + "1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0".ssids."ZW stage legacy".psk = "encrypted"; + "1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0".ssids."ZW stage".psk = "encrypted"; }; ap46.wifi = { "1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0".ssids = { - "EWW".psk = "SECRET"; - "ZW stage legacy".psk = "SECRET"; + "EWW".psk = "encrypted"; + "ZW stage legacy".psk = "encrypted"; }; "1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0".ssids = { - "EWW".psk = "SECRET"; - "ZW stage".psk = "SECRET"; + "EWW".psk = "encrypted"; + "ZW stage".psk = "encrypted"; }; }; ap47.wifi = { - "1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0".ssids."ZW stage legacy".psk = "SECRET"; - "1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0".ssids."ZW stage".psk = "SECRET"; + "1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0".ssids."ZW stage legacy".psk = "encrypted"; + "1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0".ssids."ZW stage".psk = "encrypted"; }; ap48.wifi = { - "1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0".ssids."ZW stage legacy".psk = "SECRET"; - "1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0".ssids."ZW stage".psk = "SECRET"; + "1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0".ssids."ZW stage legacy".psk = "encrypted"; + "1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0".ssids."ZW stage".psk = "encrypted"; }; ap49.wifi = { - "1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0".ssids."ZW stage legacy".psk = "SECRET"; - "1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0".ssids."ZW stage".psk = "SECRET"; + "1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0".ssids."ZW stage legacy".psk = "encrypted"; + "1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0".ssids."ZW stage".psk = "encrypted"; }; - ap5.wifi."platform/qca955x_wmac".ssids."verbalwerk.de".psk = "SECRET"; + ap5.wifi."platform/qca955x_wmac".ssids."verbalwerk.de".psk = "encrypted"; ap50.wifi = { "1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0".ssids = { - "ZW stage legacy".psk = "SECRET"; - "gerdwork".psk = "SECRET"; + "ZW stage legacy".psk = "encrypted"; + "gerdwork".psk = "encrypted"; }; - "1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0".ssids."ZW stage".psk = "SECRET"; + "1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0".ssids."ZW stage".psk = "encrypted"; }; ap51.wifi = { - "pci0000:01/0000:01:00.0".ssids."antrares".psk = "SECRET"; - "platform/qca955x_wmac".ssids."antrares".psk = "SECRET"; + "pci0000:01/0000:01:00.0".ssids."antrares".psk = "encrypted"; + "platform/qca955x_wmac".ssids."antrares".psk = "encrypted"; }; ap52.wifi = { - "1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0".ssids."ZW stage legacy".psk = "SECRET"; - "1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0".ssids."ZW stage".psk = "SECRET"; + "1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0".ssids."ZW stage legacy".psk = "encrypted"; + "1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0".ssids."ZW stage".psk = "encrypted"; }; - ap53.wifi."platform/qca953x_wmac".ssids."Karen Koschnick".psk = "SECRET"; + ap53.wifi."platform/qca953x_wmac".ssids."Karen Koschnick".psk = "encrypted"; ap54.wifi = { - "pci0000:00/0000:00:00.0".ssids."Abyssinia".psk = "SECRET"; - "platform/qca956x_wmac".ssids."Abyssinia".psk = "SECRET"; + "pci0000:00/0000:00:00.0".ssids."Abyssinia".psk = "encrypted"; + "platform/qca956x_wmac".ssids."Abyssinia".psk = "encrypted"; }; ap55.wifi = { - "pci0000:00/0000:00:00.0".ssids."MagLAN".psk = "SECRET"; - "platform/qca956x_wmac".ssids."MagLAN (legacy)".psk = "SECRET"; + "pci0000:00/0000:00:00.0".ssids."MagLAN".psk = "encrypted"; + "platform/qca956x_wmac".ssids."MagLAN (legacy)".psk = "encrypted"; }; ap56.wifi = { - "pci0000:00/0000:00:00.0".ssids."MagLAN".psk = "SECRET"; - "platform/qca956x_wmac".ssids."MagLAN (legacy)".psk = "SECRET"; + "pci0000:00/0000:00:00.0".ssids."MagLAN".psk = "encrypted"; + "platform/qca956x_wmac".ssids."MagLAN (legacy)".psk = "encrypted"; }; - ap7.wifi."platform/qca953x_wmac".ssids."mino".psk = "SECRET"; + ap7.wifi."platform/qca953x_wmac".ssids."mino".psk = "encrypted"; ap8.wifi = { - "pci0000:00/0000:00:00.0".ssids."C3D2".psk = "SECRET"; + "pci0000:00/0000:00:00.0".ssids."C3D2".psk = "encrypted"; "platform/ar934x_wmac".ssids = { - "C3D2 legacy".psk = "SECRET"; - "teknologi".psk = "SECRET"; + "C3D2 legacy".psk = "encrypted"; + "teknologi".psk = "encrypted"; }; }; - ap9.wifi."platform/qca953x_wmac".ssids."Herzzbuehne".psk = "SECRET"; + ap9.wifi."platform/qca953x_wmac".ssids."Herzzbuehne".psk = "encrypted"; }; - site.dyndnsKey = "SECRET"; + site.dyndnsKey = "encrypted"; }