From c41ffd83daed7cb503c41a0853a70e3aff634d9b Mon Sep 17 00:00:00 2001 From: Dustin Frisch Date: Mon, 3 Jul 2023 12:22:45 +0200 Subject: [PATCH] First real deployment --- gathered/node-00/ssh_host_ed25519_key.pub | 2 +- gathered/node-01/ssh_host_ed25519_key.pub | 1 + gathered/node-02/ssh_host_ed25519_key.pub | 1 + gathered/node-03/ssh_host_ed25519_key.pub | 1 + machines.nix | 2 +- machines/manager/default.nix | 3 +- machines/manager/gateway.nix | 4 -- machines/manager/ldap.nix | 5 ++ machines/manager/netinstall/default.nix | 25 +++++++- machines/manager/netinstall/installer.nix | 10 ++-- machines/manager/network.nix | 4 +- machines/manager/ntp.nix | 10 +++- machines/manager/secrets.yaml | 39 ++++++++----- machines/manager/secrets/saslauthd.conf | 30 ---------- machines/node/default.nix | 10 +++- machines/node/network.nix | 8 ++- shared/secrets.yaml | 69 ++++++++++++++++------- 17 files changed, 138 insertions(+), 86 deletions(-) create mode 100644 gathered/node-01/ssh_host_ed25519_key.pub create mode 100644 gathered/node-02/ssh_host_ed25519_key.pub create mode 100644 gathered/node-03/ssh_host_ed25519_key.pub delete mode 100644 machines/manager/gateway.nix delete mode 100644 machines/manager/secrets/saslauthd.conf diff --git a/gathered/node-00/ssh_host_ed25519_key.pub b/gathered/node-00/ssh_host_ed25519_key.pub index b10fc86..038aa58 100644 --- a/gathered/node-00/ssh_host_ed25519_key.pub +++ b/gathered/node-00/ssh_host_ed25519_key.pub @@ -1 +1 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPjQy/rUZUmLjTAP2+IdkVzGS/VNLqn3bvRpNN8ouS04 root@node-00 +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGNX02IaUopmbdmiTnl3QNrPKVzPNgvatyBuXck016Ph root@node-00 diff --git a/gathered/node-01/ssh_host_ed25519_key.pub b/gathered/node-01/ssh_host_ed25519_key.pub new file mode 100644 index 0000000..5d4c293 --- /dev/null +++ b/gathered/node-01/ssh_host_ed25519_key.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIETrg1h9yIOOAJzzxC6Exill5P80TOzFJbmsCoGz/bCb root@node-01 diff --git a/gathered/node-02/ssh_host_ed25519_key.pub b/gathered/node-02/ssh_host_ed25519_key.pub new file mode 100644 index 0000000..7606cf1 --- /dev/null +++ b/gathered/node-02/ssh_host_ed25519_key.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIo6EciRfNcynZYRFxGnvfFYzwYc712MdyBRko/BQEZ2 root@node-02 diff --git a/gathered/node-03/ssh_host_ed25519_key.pub b/gathered/node-03/ssh_host_ed25519_key.pub new file mode 100644 index 0000000..3dda5ca --- /dev/null +++ b/gathered/node-03/ssh_host_ed25519_key.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFi6vsAQtwxSMU2dlKellEHoYzQgMyobnFJVsfRWzQoB root@node-03 diff --git a/machines.nix b/machines.nix index 471d312..cdf72db 100644 --- a/machines.nix +++ b/machines.nix @@ -3,7 +3,7 @@ with lib; let - nrNodes = 1; + nrNodes = 4; mkMachine = { name, type, opts ? { } }: rec { inherit name type opts; diff --git a/machines/manager/default.nix b/machines/manager/default.nix index f50e049..ebb3b8c 100644 --- a/machines/manager/default.nix +++ b/machines/manager/default.nix @@ -14,7 +14,6 @@ with lib; ./nginx.nix #./beegfs.nix ./ntp.nix - #./gateway.nix ./netinstall ./cache.nix ./rdma.nix @@ -22,7 +21,7 @@ with lib; ]; deployment = { - targetHost = "10.32.30.93"; + targetHost = "10.32.47.10"; targetUser = "root"; tags = [ "manager" ]; diff --git a/machines/manager/gateway.nix b/machines/manager/gateway.nix deleted file mode 100644 index 7af4526..0000000 --- a/machines/manager/gateway.nix +++ /dev/null @@ -1,4 +0,0 @@ -# DHCP server for nodes -# NAT gateway for nodes - -{} \ No newline at end of file diff --git a/machines/manager/ldap.nix b/machines/manager/ldap.nix index c0096ac..c951f01 100644 --- a/machines/manager/ldap.nix +++ b/machines/manager/ldap.nix @@ -151,6 +151,11 @@ in startAt = "hourly"; }; + networking.firewall.allowedTCPPorts = [ + 389 + 636 + ]; + sops.secrets."ldap/root/password" = { owner = "openldap"; }; diff --git a/machines/manager/netinstall/default.nix b/machines/manager/netinstall/default.nix index 87381ed..7c81e0a 100644 --- a/machines/manager/netinstall/default.nix +++ b/machines/manager/netinstall/default.nix @@ -9,13 +9,19 @@ with lib; let targets = { "50:46:5d:da:0b:d6" = "node-00"; + "50:46:5d:da:0c:56" = "node-01"; + "50:46:5d:da:0c:52" = "node-02"; + "10:bf:48:1f:a6:8f" = "node-03"; + # "10:bf:48:1b:57:47" = "node-04"; + # "10:bf:48:19:a2:4d" = "node-05"; + # "10:bf:48:1b:56:df" = "node-06"; }; installer = pkgs.nixos [ ./installer.nix { _module.args = { - manangerConfig = config; + managerConfig = config; }; } ]; @@ -63,6 +69,23 @@ in { environment.systemPackages = [ commands ]; + services.dhcpd4 = { + enable = true; + interfaces = [ "enp11s0f0" ]; + + extraConfig = '' + option domain-name-servers 10.0.0.53, 10.1.1.10; + option domain-name "${config.networking.domain}"; + + subnet 10.32.47.0 netmask 255.255.255.0 { + interface enp11s0f0; + range 10.32.47.200 10.32.47.230; + + option routers 10.32.47.1; + } + ''; + }; + networking.firewall = { allowedTCPPorts = [ 4011 64172 ]; allowedUDPPorts = [ 67 69 ]; diff --git a/machines/manager/netinstall/installer.nix b/machines/manager/netinstall/installer.nix index 0c99046..5d15fe4 100644 --- a/machines/manager/netinstall/installer.nix +++ b/machines/manager/netinstall/installer.nix @@ -1,4 +1,4 @@ -{ pkgs, lib, config, modulesPath, manangerConfig, ... }: +{ pkgs, lib, config, modulesPath, managerConfig, ... }: with lib; @@ -37,9 +37,9 @@ in services.getty.autologinUser = lib.mkForce "root"; networking.hostName = "installer"; - networking.hosts = mkForce manangerConfig.networking.hosts; + networking.hosts = mkForce managerConfig.networking.hosts; - users.users."root" = mkForce manangerConfig.users.users."root"; + users.users."root" = mkForce managerConfig.users.users."root"; systemd.services."auto-install" = { description = "Automated NixOS installer"; @@ -72,10 +72,10 @@ in nix.settings = { substituters = [ - "http://cache.${manangerConfig.networking.domain}" + "http://cache.${managerConfig.networking.domain}" ]; trusted-public-keys = [ - (fileContents manangerConfig.gather.parts."cache/key".path) + (fileContents managerConfig.gather.parts."cache/key".path) ]; }; diff --git a/machines/manager/network.nix b/machines/manager/network.nix index 78005cd..8fef7f7 100644 --- a/machines/manager/network.nix +++ b/machines/manager/network.nix @@ -1,13 +1,13 @@ { networking.interfaces."enp11s0f0" = { ipv4.addresses = [{ - address = "10.32.30.93"; + address = "10.32.47.10"; prefixLength = 24; }]; }; networking.defaultGateway = { - address = "10.32.30.1"; + address = "10.32.47.1"; interface = "enp11s0f0"; }; } diff --git a/machines/manager/ntp.nix b/machines/manager/ntp.nix index 4daeafa..2b6b903 100644 --- a/machines/manager/ntp.nix +++ b/machines/manager/ntp.nix @@ -1,5 +1,13 @@ { services.chrony = { enable = true; + + extraConfig = '' + allow 10.32.47.0/24 + ''; }; -} \ No newline at end of file + + networking.firewall.allowedUDPPorts = [ + 123 + ]; +} diff --git a/machines/manager/secrets.yaml b/machines/manager/secrets.yaml index 4903641..97e63f4 100644 --- a/machines/manager/secrets.yaml +++ b/machines/manager/secrets.yaml @@ -11,28 +11,37 @@ sops: - recipient: age1ys5pskgkjsgqfy2lr0afcnl2edry8jmryhymkwtked2se74e9g4s23gunn enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0anVoM3dITTB3SnN5OEZF - VWpLTzg1cXZUTlhkZFl2dm8yWCtSWlRwRW5rCkRNK24wTHFkQk5WdVhEQjVGRTVh - Vy9pazNwZGRWblJVVHJSa1E1OWN4RTgKLS0tIElZc3BncTFwbEhjRjFickdWWXNY - Sms0RWZ0RUhwNGVvbFk1dDBVZHcvZTQKEeTTP2Ked+C9XgKxVug/KIcJ/ES9nLRc - n5DsivfiAsoALxTsIRJvjPt/PNZimIeO3nobFPNuvQLb7Q27++My/g== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPMnRvZGhGSUtQZS9VZnJk + Z2xwOU50eUQyajJFcldEZXhaTDNWR09KbUQ0CmxtL3BZQXRFaGNyNG10UUFFbnV2 + ZWp4dmcyUVZqYkIyRGt6SzFhMnRCa0UKLS0tIHBmU2J1WlJVNFM1UU5VMnF2Vk9z + QnRTVmxBZUJrYS9aT043NTFHNHpDOVEKIVdoYC8TfPlf+Lk1fjCbrANbtHofRlo/ + wF3Cm2jZIPsn/tweTWQewoVh23fgp38Fcj3gZgJwBPf+HVtH4QL6EQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1s3evxsdz6zly5qn4fjfl4py8z35n8penm63uwmq0ge2kx0u4rsdq07cn90 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqQXFmUE85WjVldTFCdDdn + L2puQUl4QnhNa29GS2NicHdiZzNKMGJLZkc4CndiUCtaS2JsUGxDbG1nQ2hPbWtZ + NnhpRVBOdFZyeXFnUWNndmhRcXBkeDAKLS0tIEVySEo0bXc4RllKSEtyMWpZam80 + REQzSVBpb3lrOVFkcTF6SGtuN0VPRWsKfi/qLyhgOdDwudWztQTRQpcv5ITUEPeS + zFA4aAzsDf91juywYXWsAmUq4L4WusfWb8Cf2hMTQLYLISb3mJXxlg== -----END AGE ENCRYPTED FILE----- lastmodified: "2023-06-27T09:57:35Z" mac: ENC[AES256_GCM,data:QpMkI/w+J49DeQ0EDrz+6WtbtvJrgNChI1Z4PNNjdD2cik9wvtZNMUhjJVV18dUxWRH3dkhwX7Jt4mPhlDjhDspbkKsNjKaSApOS8AACybs8FqodvlUCU2mF+xG4beblQn3n8oPcqc5kjbAFc2r+mPSb4b7rcoS+xrB3rKUJTng=,iv:xsjx8Gz5UfpAXMEDEzMA4Kau4BI0vq3xvgfFvHS4uFo=,tag:aiFD1PXsHtiXFrx+legUhw==,type:str] pgp: - - created_at: "2023-06-27T09:57:24Z" + - created_at: "2023-07-03T09:54:56Z" enc: | -----BEGIN PGP MESSAGE----- - hQEMA5ntoryXZPD4AQgAivbPI9NjQLAaIi4wE62yy1snYbzsZxsV4fktk4ebhYBQ - buvDARS3ZGQV9Tqi2xfmGx7SF3QHHWkqcYNMuBrjKSLIsgnLYW0sKd3fTU0/yux4 - 7b+duZO66r2gjlFwf7dFKBwn62ln4eLtvHREZbB0UWACaRdwQnmQdRL2v9hQXbcU - /TQiq0msqCfSRLao3wWWl4LvyVY8Uv31K9Kt8NGJYL0yWYuIUMXJhx+ioIbqEBOL - XOEl4JVmR4nZ6Y/aQ3FIeW/+QjXiqenVect7i52+Bv6kVzc10Zeu0qYRI1o6hpLL - iS+/cNaNfu6QZRrypQpkzTjY3kzWWgLI9WhC40pxdtJcASZvVAQqtn3eR5FBs2/N - oRC9WrVE/b8NhgmpJXtbJkTwNLDKZ5rX0/k1lBpqmSKUgfc4Sr9HMzlHsmmIc91F - p5WpSSH0uHoebg6QnNqQXcRRk4Zh7SU4YSEJHNY= - =gHvl + hQEMA5ntoryXZPD4AQf/Y6L/YMf7/WB/4eRdS7bAm1512CGvwfdszYvKIOwmsdzk + uRKKV9IFKl5SRJwFblNBuHyOVymrSIxlqVeQhyIg0fgcVprgipTNJI0s564sCfdQ + Tty8iW2d4XAOQ3inRuQdkYlgmUV4bnT+7kD09Bj5xduBQrQTFhmQfjMRXVCHJ/Ar + n8WAovMfrynevKH4B9sryHjVIosWcqVqd8RYV2yhMRi9+cbnivpsn+W4TXNM1gCX + d+4cNTnSQms5AAwCcP3mnfizWgdVx35j7eGWovKpqj1eUlJe7b4XpwZPJmXItP7n + tq7XqO9X25I52/A25secy7YPHCDRpwkNYUQUMsc6WtJcAXT0+5y516AY3gQKrn33 + mqQIIrfYfgzdJJ1ASG9FdSuLnMiZodKZN39yOYkyEjGE0XWNmdXRqYaMBAZC8Fw1 + dMqkZm7sxY0XdpfC+j837Jb4BaZk25H4QP5oJms= + =aOiG -----END PGP MESSAGE----- fp: 3237CA7A1744B4DCE96B409FB4C3BF012D9B26BE unencrypted_suffix: _unencrypted diff --git a/machines/manager/secrets/saslauthd.conf b/machines/manager/secrets/saslauthd.conf deleted file mode 100644 index 9d9ce34..0000000 --- a/machines/manager/secrets/saslauthd.conf +++ /dev/null @@ -1,30 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:pekng5DHyeza16XqzFIxKWKktRUZ8mMDnjMGln47d2K6ojzl7KetDwDeyjq25RRTL8ssev/hbHI/7jZo56KI8rKjJ4AsQrECNUu8djjek6yfwPonzSP58nKYllufQiQGPq6yIc7VxMX5wBARh03/2KtObOmiPvGmyFasSVv9Vfg0rCgTG7kD3D6Xvha8fd17I8cl9fFZJH5SsDuzFgyGanwaol7FumXzBwDq4HbQG43aC/YctjwgZaVA7Y9Gah3IULies2r54Le5DCd+Maysg3mJ+3uwEOxqtwumVX4KyGnZ7MpJSwu574xgVj5xFSCAt5W97IoeOWHV+Xru6JQCR/p6UC1VSnJzNFL9TjqW39qNOKgrpsN9b5KciPiLBTTpJF7ij23rYZ0jBkuYeEH7jCzIiaW/P08G2RU/gg==,iv:u7YpDyqO/61JLk5AmBLzgtfkzoJs4I1CIew99lAgXzM=,tag:JXCYrT92t0n7TMtYbe1iEQ==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": [ - { - "recipient": "age1ys5pskgkjsgqfy2lr0afcnl2edry8jmryhymkwtked2se74e9g4s23gunn", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQcFA3bTVxNnRJREtqU2dN\nSFFtUzVyVjdxclFwSHhibEJLMjZXNDZYQ1ZVCnFOVE9sY01QWXlBNlViRDJpb3Z5\nSVBTamR2V1lPVTNUSktRVTloc2hyU2MKLS0tIG5rdm9TYlpHS2JWMTVEUlYvUm1T\nN2Y4UDB6K2VqbFRSSVpKSXUzaFNqYXMK1FtROF7wMlwtKNIN55fWS+OXovVfwzML\n9uObWRxuI2ePJz6pTIhDGJ3m9azGepG02ynX/ZpZ3ggkTnULL+pV3w==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1s3evxsdz6zly5qn4fjfl4py8z35n8penm63uwmq0ge2kx0u4rsdq07cn90", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMdGM0Z2VPdEs2VWd4a1lU\nN25XdUFXMkt6cHBNeHBUMUNPc1pBYXRKTmxNClI1UGZYZEROTTF6YUVMQ1JhZ3hZ\nRzk3bHBhS1Yvamh4eDZDajVCUWxUQ1EKLS0tIDVodVpIYkVsSnhJZTM4WkxTbnNz\nTTRESnlSZVdndVR0UGJRSkRvTVo5b3MK5ncgqt7iq5C2WSskWK4Aqy8lONpEgHbA\ncRXaXwO9dbRd9Qo9Am1VeKHyPXVOga/pJONPt6SNBjWhvpBiwStzDQ==\n-----END AGE ENCRYPTED FILE-----\n" - } - ], - "lastmodified": "2023-06-28T12:21:14Z", - "mac": "ENC[AES256_GCM,data:IbNlGRnejcbpN8JkHZZ5S0brF7HxJnB9+scAZ4lStO0HuUG32TFmdbCC5mIY8Ci7M91kT4+ikqKJ3dMWiwhBrAQh766tSVHlyKw81P2kQGGD13Fe+pujPIPBTum9jAwhKDEgNA8Jgm+4NiOUq1n0mksFkbDqNj5vdvNAn0i5I/Y=,iv:e6VEUgGX51STIZdbKobyN/vwPgKwnrDNM/vA80EAtl4=,tag:zv+meM5/gJ8Ry4VtkBDTnQ==,type:str]", - "pgp": [ - { - "created_at": "2023-06-28T12:20:31Z", - "enc": "-----BEGIN PGP MESSAGE-----\n\nhQEMA5ntoryXZPD4AQf+PR9rAWJHzPWF4LZ+/2yNTzMG0qbgiPevLCNcJCUp4DZ6\nCbBuHrEJVrOdQuCb/rKcgYtnr2Ec4cWZ5kk+wZVKNR6+GsloA1n4C7cY+5aWr7Oo\nKOpuZICUxMLgf/PlSUq5NBAG0oDfT71+N3uQJJhclaPs+P1EcjceX45s48t+A36v\nks8WMqgVMDw5TRxI377WzR7olS99eMAVaLISlu04OIIZw+J7cfaRAgA6gegF2rZZ\nNDYOBXlH4mqKGjmQ6SWyQODUUoAsk5hBWDV7LXyjGIh6Tld+wLlddjC5Abwp9H0m\n2FIDMbIokr72i9c1F1lRp+0PsQsF09UU1Mtg2iBjBdJeAd61RpZQ++a9VziqP1Ex\nMB4FPrsU4qgT3VsvvjYZzPyews5XHOczA/aocUFVf4r1QPFOwt/6wbSLnJ8g472c\nFfBuv+KTjKWLwJYtQDoHTKuiLcQDX5acbLLmT6GDxg==\n=GRPn\n-----END PGP MESSAGE-----\n", - "fp": "3237CA7A1744B4DCE96B409FB4C3BF012D9B26BE" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.7.3" - } -} \ No newline at end of file diff --git a/machines/node/default.nix b/machines/node/default.nix index ba9f63d..af424fd 100644 --- a/machines/node/default.nix +++ b/machines/node/default.nix @@ -12,14 +12,22 @@ with lib; ]; deployment = { - targetHost = "10.32.30.94"; + targetHost = "10.32.47.${fixedWidthNumber 3 (100 + id)}"; targetUser = "root"; tags = [ "node" ]; }; + _module.args = { + node-id = id; + }; + networking.hostName = "node-${fixedWidthNumber 2 id}"; + networking.timeServers = [ + "manager.${config.networking.domain}" + ]; + nix.settings = { substituters = [ "http://cache.${config.networking.domain}" diff --git a/machines/node/network.nix b/machines/node/network.nix index c6c3b56..5325e5d 100644 --- a/machines/node/network.nix +++ b/machines/node/network.nix @@ -1,13 +1,17 @@ +{ lib, node-id, ... }: + +with lib; + { networking.interfaces."enp2s0f0" = { ipv4.addresses = [{ - address = "10.32.30.94"; + address = "10.32.47.${fixedWidthNumber 3 (100 + node-id)}"; prefixLength = 24; }]; }; networking.defaultGateway = { - address = "10.32.30.1"; + address = "10.32.47.1"; interface = "enp2s0f0"; }; } diff --git a/shared/secrets.yaml b/shared/secrets.yaml index 1011ae1..8ec6a74 100644 --- a/shared/secrets.yaml +++ b/shared/secrets.yaml @@ -12,37 +12,64 @@ sops: - recipient: age1ys5pskgkjsgqfy2lr0afcnl2edry8jmryhymkwtked2se74e9g4s23gunn enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUUGZ5RXVyV3g3cXBMSmtt - d2tvL0ZhL01ISHE0RVB1alZDVFZ3RHRtZndVCnVGWDIrSmdsa055THdld0lUeEVq - NWxRUllKQkdhdkFvZkI5MEVXV212ZVkKLS0tIFlPWE84M2U1dUlLTGlLc2N1UXJV - UlV1UEs3cE9Bc0VqdWRSYmtOd3V1bTgK0q1nj4z4Tnso5ts4sCEn0jEunhFuuk+W - 5d3ktEhBY6vC/eNMmv0B9+Z9/Tw3dbmou/VATObWAvprIVR143oIIw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpUUM1bnFZaTgwZ2dLK201 + WXRQc2VFanJrd29mekpoNkxFcks4MnU4clFzCmdMa0xnemlVdlBhWE9NMW02NlZS + elZLa2VqSlBlQ2RrWkxGMXM3TWV4c2sKLS0tIFBTTG9rWEd2bmliZitjT0NtUExk + bWh6NDZiQlo0UHJyR2UrK3hhNzdBRVEKQYIQoTini1ptuCev4jNuZI9KikPOyn+k + z5oV9bQWMQ9Lr+oPYeT03ttMcKwtYy5MXJURe1JnVf3ARWWlKSk6LA== -----END AGE ENCRYPTED FILE----- - - recipient: age1s3evxsdz6zly5qn4fjfl4py8z35n8penm63uwmq0ge2kx0u4rsdq07cn90 + - recipient: age1ll2utvgdlmg2mrdh7xcxw93cdlghrlfxjj4fqmaxamem6vztsecsmghfek enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3S2dqcXM5UUNvWjZxU3pW - dytFeStXNUdaV3YxSXlKUkZuUFp6ajNTOGpRCkF0TzQ4U25lamZRUGhNeDE4blN5 - S2t3ZTVrWWVmSkN5V1VmVzdGcS9Za1kKLS0tIEE4azlPdTZoK09xTHNzc3dQNUIv - T0hhOHIxRXB0Y2g5M1BIK0R5cjBCcncKwZHZHnQN0GGnzOXFGDFhUqx8Nzxk3Vx2 - Gr+6Z/OjxFREPzDlrLS5No4huQiNMhMjacw2uqmcVLOVSVy8HaCHXg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkUVlxdFBIdVFsS1NvNlhH + Wm40NkxCZlI0aVBaZFNQUmtCN2lsUHhZL1RVClFRdTE2VXpzZUVlYk1ibnUwRkp2 + cUs1SXdQVU1sbDh5b2xLc2J2NDJzcUkKLS0tIHcyMlRnWEhsMzN1MGg3dVlCL1dt + TmlKSGJPRjNwV0NYakxhc25oZDhxUmcKrrdIq7F9/swLlXMiZDxwjPO0htl8rLX4 + vU4BBE2/sT9w+jl3N0Z4jYJ6sH2DRWeUHim10jrolR3mUVXQFWTelQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1ujldj2gprjmqjcn376mtj8chskyk40gvst3m765td8za9qcd2fksuyz2h3 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyODJxcEFMK1krQ016NDg4 + bW5OVlZ6NmlkeHJjcGRhQk9QSnlFK3VVUWdzCitaVEd4ZXk3Q3pwbVlJL1RCVm5x + QW91V0ZlV25KRy9ob3ZINDJvcGQ3dUkKLS0tIGk0Qnc0Qi9ZREp4TnlOUGJkSHBY + K3BzaG9sc1lUZFZSZkljMWNWdDFnQTgKdBHdbcnbCUZvb9w35mKfvTvpDWgNJ10q + QTPRnIBYgGSvqb0SVuYZJZFRVB/V23Rt9g3pCyolo6WH7ZITivxRTg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1e8f629xakqvc6gl25j36d46vl4tqnntjfqv2re54savhtc9ysqrsj3tu09 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2L0lnT0NrU2FUbGtzWDhZ + MlRHWGJWQnNodytoT0xpelo2SzIwamRjSzBJClN0THFMbjNFcTNuaUJ4UldzQ2Jt + VEZFalZpczdmT09lOUp6djAxalBSUGcKLS0tIFk2Mi83SDJSc3J3TzN6cUQrajRv + eDZoRkxZNjBadWRzVTFsWlBmeGNFemsKKDq7jApNgZUQLyjPI6a9Wq4Txnv+atFa + ESwVNDJNGtIwVTUp1B28VUJZWtJOoqgW1rq1FQ7MPXBS5pt9tmxK9Q== + -----END AGE ENCRYPTED FILE----- + - recipient: age1lqtfrgk2nfdgqm3tculqlph8r8nthrv7frzk7p8vxurwgwudedqs5s04d3 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxOEZKNjJnNEhkenhGdEla + UUtncHoyL1R2Y1YxZW9ZL2VWNXpidFoxSFJrCklvVzdYeUVyK0RRZ0E5b2U4c3pV + eEFZaGZQcmlHT0t2czlKZ2poMTkra0EKLS0tIEI0OGR1ay9hS2lDMksxaFBmZXRP + QkNZNEc1ZjdpeWJXRWtuQUhGaHlTbjAKKDP35Haj2ZIeECvm5AjJDZGEbJNiYGuJ + 5tnDJtB3mMrBrDosYd2kffdbKCl3yp/CsWm6H6y5dXJJ51MFcdJddw== -----END AGE ENCRYPTED FILE----- lastmodified: "2023-06-27T09:58:35Z" mac: ENC[AES256_GCM,data:pPgwJnUdwQegqaCXdh7lweQq2Kos6szvo/mfBul+2TruUSSRXlGwKmNVLM2BuodMNZpTan2vCyvVlXvN4zBfW6nVWPzlBrCTbgtyBNodB+k3OJsfgUElQ32T9KccsMVuUsfKDzjhlFnV3NA9A7DVnrYz+jf1NcNSsz4yOjHudzA=,iv:ciFHyXhIcNFlB9fhzcAX8LICIsGPWDe29fxtjmJ0G+s=,tag:oldhGvm8vfPnuhpIXIpVWw==,type:str] pgp: - - created_at: "2023-06-26T09:22:14Z" + - created_at: "2023-07-03T09:59:45Z" enc: | -----BEGIN PGP MESSAGE----- - hQEMA5ntoryXZPD4AQgAi8lqhO1SXvABXXZGNTaU+T4Z/9KWqGltg7nq4qhU44cN - Ge3zstD887gUsxoUEWCSUXoTHSoV6nilgs0KdIs1Jul6MVrK9xFqL9aQMfS4pTMS - oXRbkhtvzbNrxN091sh8rDxzG8OlCU+aE4IyPt4scdDMNviq8vebtmiQjOEv9M00 - HDngyFHVMPsCzWW/cD1D/N/2xQFE9kt1GLbZsOoO41/muyiXVA6uoL8nFXlFZ5MR - H9hJRyfjH5XbGBguKzSPW9rtdbcZZfMark91JCodQQxnA+Tq15cUtM0lOTP6UZvt - 7EQ/ayD6T+wziYXR0iuc7m9uCKTJoY83PK3xkt02hNJeAWU6A33sEe5bPnepTHR+ - 4kT+YxJY5etwYt5KbLCNtVRcL5cCc7jCyYq4m9kRn30evUyMJdmq02fjAi3JgVpW - DZeuooaR6CAQiT8O/BLfNIxRyebAKLJoo6l7szotTA== - =3PbD + hQEMA5ntoryXZPD4AQf+JS+pr3qsdGsiIUYvY6K5H877NUtq1/SKAZxZnYwXnWZ5 + UKrGXfavvh/OL9T/19BcK/eo6GSzrj/yvUHr6cDkJWgZezMaGPMMAR1r/2x2Wg9b + a7oewcOHmwN0yegVOZQilkbIfTebTGgGb4PnqT5w7bwrGVBjKjXNBUekObLR4O45 + jjvNNhGAoOcemRVms4ErdQ0aRPt+8yNVcmOF9gIrNcvMvkO3IfvN1JTzwkoFEm9j + WYgPpvByesBWmbL76Xd95QGfJxOaIHDXgV+sSs8DA8xS81H0j0q2A+krVGpdu0nW + 6tej5P9OlI6atQkmf66eca8di4ztwj1uGZjc9ocYEdJeAYm3Fg20OeYrKuN3ApfX + wWSkWm9b89GuptH5dcqlQsSSf6gpJ/9vfuKuurQiv7k2B5Ge4GD/bRcfTIQyz/mx + sqCxGbnVe4T/bhTAK8Ah60ZsuTRx463EXTpykFwoyA== + =agMc -----END PGP MESSAGE----- fp: 3237CA7A1744B4DCE96B409FB4C3BF012D9B26BE unencrypted_suffix: _unencrypted