commit 128e983e3290edac02bc9a9293b50023de06a533
parent 6cc1c448b22533356ab75b3c66bf25a44f7409bb
Author: Katja (zaphyra) <git@ctu.cx>
Date: Thu, 29 May 2025 18:22:04 +0200
parent 6cc1c448b22533356ab75b3c66bf25a44f7409bb
Author: Katja (zaphyra) <git@ctu.cx>
Date: Thu, 29 May 2025 18:22:04 +0200
hosts: add `polaris`
5 files changed, 170 insertions(+), 43 deletions(-)
A
|
74
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
M
|
85
++++++++++++++++++++++++++++++++++++++++++-------------------------------------
diff --git a/.sops.yaml b/.sops.yaml @@ -4,6 +4,7 @@ keys: - &huntii age12dxnl4upy7agngqztrnp6wnz5jcq4fp06nxngah9n7umr4v90cvs677azg - &morio age1wpffcr5p88a2x9dzx5v3sq4jqurvygu94fx773n229fqk4p95qzs840cmn - &novus age1tud4lvpmpx5nqceyp09ls9ej8l80zlh29d8cpjxcajfnnyy85fvqs63snm + - &polaris age1x038e3tmhkuddn3ez9hcf80ehs0mvgfucxmnynrfzgccask4vu6sqlmr8v creation_rules: - path_regex: secrets/common\.yaml$ @@ -12,6 +13,7 @@ creation_rules: - *huntii - *morio - *novus + - *polaris pgp: - *katja - *void @@ -33,6 +35,12 @@ creation_rules: - *novus pgp: - *katja + - path_regex: secrets/polaris\.yaml$ + key_groups: + - age: + - *polaris + pgp: + - *katja - path_regex: secrets/zaphyra/sieve\.yaml$ key_groups: - age:
diff --git a/hosts/polaris/default.nix b/hosts/polaris/default.nix @@ -0,0 +1,74 @@ +{ + + system = "x86_64-linux"; + nixpkgsStable = true; + + domain = "home.infra.zaphyra.eu"; + + sshPubKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHH7pnD5l+1jfUrJKp900AeH7WHIIwCZVhA7BGlwzHl4"; + + hardware = { + cpuVendor = "intel"; + allowHibernation = false; + }; + + networking = { + ip4IsPrivate = true; + ip4Address = "10.0.0.1"; + ip4PrefixLength = 8; + + ip6IsPrivate = false; + ip6Address = "2a03:4000:4d:5e:acab::1"; + ip6PrefixLength = 112; + }; + + configuration = + { + inputs, + hostConfig, + config, + lib, + pkgs, + ... + }: + { + + boot.initrd.systemd.emergencyAccess = true; + boot.kernelPackages = pkgs.linuxPackages_latest; + + sops.secrets = { + "resticEnv/novus" = { + sopsFile = inputs.self.sopsSecrets.common; + }; + }; + + modules = { + security.kernel = false; + filesystem.rootDisk = { + enable = true; + encrypt = true; + type = "btrfs"; + path = "/dev/disk/by-id/nvme-INTEL_SSDPEKNW010T8_PHNH9210020X1P0B"; + swap = { + enable = true; + size = "8G"; + }; + }; + + presets = { + base.enable = true; + katja = { + enable = true; + router.enable = true; + syncthing.enable = false; + }; + }; + + users.katja.enable = true; + }; + + system.stateVersion = "25.05"; + home-manager.users.katja.home.stateVersion = "25.05"; + }; + +}
diff --git a/secrets/common.yaml b/secrets/common.yaml @@ -2,70 +2,75 @@ katjaPassword: ENC[AES256_GCM,data:JrW2Pyd3rkvc3qz59m9ftHFOTX0GM9uNEkfRIoIdyJv3x resticEnv: novus: ENC[AES256_GCM,data:KTTd0UMQiOHrrFIbY9pIJWO9MVIFWs2pvjm4Vo46CE/CrgGfxJur5uYtxHvR94bwaoLXd8RpdlONSRzbShQlH0xE86C/MyRNWiZR5QLyWj6YwzFd+DSdHQD0h0AlRviZY/vFze1EJRPZ0d6XCMJBX+aTizVSxw==,iv:pSfa9Kgpwq/wqn6nOKozgEy2h9C22oVWSCA7X07aW1w=,tag:+aD8wh33mA9hqQ1TKT1m8w==,type:str] sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] age: - recipient: age12dxnl4upy7agngqztrnp6wnz5jcq4fp06nxngah9n7umr4v90cvs677azg enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLdkNSSFV4R0RySis3MUxD - RVZraXpBVUQ0eElNRzUveGVvanBtR3R1Z25vClZTN1VNL1ovbytXQXVlV0NHSmtw - UWZLSU9KVkx1c2V2WC84ZjhWbzdXMEEKLS0tIEtXaTNDK25KM2xGYmZkdEovRmJw - QjR4RjY0V296NnF5b252OXh0Q1p1ZzAK3bw8c++BZrY4SdXlR/EyuzK0aSsWah9x - kDCSpxNLWyXUdKfg1olYXuVErIgN8p9WTDluaaRcua0g9PE8AC3WZg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMdkR3bVIwK0QvQWhJMDhY + V2JMTUxNd040U3BmalFrU0xvTDRyTjljMkZVCkYvak4yZUpYTS9uTzhzVGw0S3hR + U1pOOUFUWHhEeXNmZk1tdzhxRFZyVzQKLS0tIHp1SGxXcjBxemllVjNBMk90MDlj + S3BWVVl0Y2k5SVMzSDNRYVFBeXRjN0kK+a+sL2ra4pnuiZONRxjkG7QZhptxGDL8 + XqMbwxTxMWwxH6Sm7LyBD2F8zDci5PS+4kfFNakvkhNg1Jzyhz6THg== -----END AGE ENCRYPTED FILE----- - recipient: age1wpffcr5p88a2x9dzx5v3sq4jqurvygu94fx773n229fqk4p95qzs840cmn enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6ejdTNEl2azJVUWpEMDha - NzFDZUE1Y21yaVJWTlZ0Q2w4b1Yrb1V1b1NjCldUS0J3Mld2S1NnTzE1ZW5Yc0Zi - VTh4Q2JzTnpzck5OOGZRVVdEVENFVFUKLS0tIFF6aXVBZXU4Z1VmVnhHZzVXS1ZN - MWRGZXlqaEJiT3VBdzFDWWx3RGJsZUEK+1aozxblsZShC0Pl4zqM9n+8R7ljj9Sz - OuAShX0LkIb3nl4FcNmlCJj9OyTFUl+R1RTZNlts7bop5Hq11Hq2+A== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCblJxbGljTmtsUDZ6dFhI + QmJNYU1CQU53Z1lveWVYTnBmTW9VdHlZWEFnCndjNzRTcUlLeHFKc1AvNk03T2tV + VjVmaGMyY01XdGYvN2QvOSs5RHl0YkUKLS0tIEwvVjJWU3dhZFM0Y09vVUIrQTdw + MWNUaVZ0R3VqdFRSdnBHYy90ckNWelUKQSvIqrN6AGqfJhJ2nlNGXA5yVV+55CAJ + LTHnUPHSD5X+dRUFj3WEr9xibjuZBewIxOG/2lUKjDe5wGy9ui7GaA== -----END AGE ENCRYPTED FILE----- - recipient: age1tud4lvpmpx5nqceyp09ls9ej8l80zlh29d8cpjxcajfnnyy85fvqs63snm enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlNzVCWUc4MHhnd2NGa1Nt - eG9TMmNubHlmcmFLUWRtWVJ4NjFYS0taS0I0ClF6QXp3aXd1SWpKNitaQ1RzV3Vq - VjZZajV5dTEvZ0RNdmlkY0h5bWIxMFUKLS0tIHB2TVVqZmhGUVU0dm9oZ3RwRWVn - Ti9mMzB1Ri9LbnhVYnB4S1ZRdktreEEKNCi9wEdj4qruCrL+pdq8D8Q/mTimBLaR - pQIFd6SZLf93PnOiza/9xfhAMYqjk5EIL49jVVZ9m5OOMGOzGn9HiA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwM2FpQ3pPa3IvRUhJREJ5 + SzRVMklzS3ZKOUJFQ3B6U1hyUCtEVkpPVGtjCjJybDg5VHNoenJNdHFuOFp3L212 + ZGtBamNGL3lVQlZUQUdiQ2NlR2pRREUKLS0tIGV0dW90OWNkOTF4L3BOT1lzVXhR + OTRkajg1ck56dzlTbFd6U2xYM2t0N0kK8NG4qPsH84CF8Vrjox7Uv1Lu4nMBFNlB + KU6d/Lb1l0Ay4+rEpa/9lyOGuuQVoMshvX1+kl1dP+dDxSiMosGR0A== + -----END AGE ENCRYPTED FILE----- + - recipient: age1x038e3tmhkuddn3ez9hcf80ehs0mvgfucxmnynrfzgccask4vu6sqlmr8v + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsbE5tT3dDL0NWVmwvT0Za + T3FRRW9BK2xRTEpES0h0ditkZmhKekhSNTFjCnlxN3BPeWxGZmxxRytldFVySzJh + Sy9qalYyZTB4TXY4ZWRtanMyR3FYR2cKLS0tIDlDM3FUZmxmTG5WVWJreFhCd0dp + b082N0RCS2gwMTFVL1FPNnRPM2JvajgK/CRFQXbNPulI82bqQyVh9EtqvX9DG0jB + /WjHv/FAVccXLzdYLhllKbpwYI4nnWNa8ybS+uPEcNpDlfmG2yGMlg== -----END AGE ENCRYPTED FILE----- lastmodified: "2025-05-22T22:49:04Z" mac: ENC[AES256_GCM,data:UkVp3IEknRO5/JcfdqX19imbukjpwZ5p12hrKhyI6nJjiIr8oFhrc2l50knyhx6qWmywzg0RUIxFMmqTrDlkXij+XgHa6L4BidpMBoZSWmQ/LH9uVPTm8KcHU/YI4+C39XcKSXlyXG6f09q8COl7RFnH3dJEsBtarEnGfjO8wMQ=,iv:O4kCZeFMCMrOuCmCcxmRSdugY7ZX9gpVrt3LC6Mus88=,tag:tEO8QqwElRZxg4OT6qAnKA==,type:str] pgp: - - created_at: "2025-05-21T10:21:09Z" + - created_at: "2025-05-29T09:38:32Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAzmqVs6bjEjqARAAhH3syDNofNaCWJYtYgXJmql5BcEJS5T89e3x2RRQr8Wv - 8o1Ktu5KJO+iZC1XvYf+F8hVKhUcEscHWkauGc5qI6RINnoMue0w754GAF/Ga6yt - PEeZon/hPoPxAG6sYwaAVnQQ1+zA1QFSSexDPYoIAUH/cTHteONwg5+X9e/X783f - GRp/ZXHa8XH4XrA7o5FbNGQqRULsJTaMAjw9xYmWWZJygquZCdvLqISRVbiQv52a - T6j3euO5N7/L0ZjVmHN1cPpMKW+XE83iGEeEq+9ebA+cVeXOx9a+RHLd5YGbJqnB - mEqOgzaW17kiKnGs5Jgawa5BPFa0XdYr26Ltn0h0AaMECFHvCO35nqL+Ix1U5GQU - /ea+wPyiPmVZfdcXWZz0yKgRcnwLJjEm/OCEp5U3bqR5wu+O92tf9ajQmh2QD1RI - pEaj6tYkpw6JaMAxYns3PG3o9t+vsN7e+zW3xhX8PJxpk84Ai4jCQocigP4/pstV - mdip0ChyK5CylB2+D9Fsw7s5eR2ImDF6L5ExuqhrP7WnslB1C90DT8T2Pn0LZbR5 - muKWbW09W65ZLOpPWItrkN9nzmv80ac8NUBUXfPbGqGLVYnD8qqn/uE32K8USLye - 34saAyqOSYMlolJnDpOaawXTI2dZDp5ZaTT6rUu0R28LHNLkoVIP6Ik+SLM+XkDS - XgGarUoRkuNLapz3lioX4vbi1j6Rsk7qRmlAZUSIjsDKnALYo1Q1G+SdKkeRecGw - y7WBkmF9jhFpBIBPh/FmaRZ6ZckWkT7/JqPwrVuv8ngSpkVTwiJLmaTPdBTWPgA= - =3t24 + hQIMAzmqVs6bjEjqARAAtM6HCq49xa9EkM3SU4RugV8k/ltvih7Z9bejBBOv90Ay + 2/6xLKhg+yO1zg9sO77v7gIfbn9chLhYbPKEiMQyRN/T0Ay7nu8y16TCq2X84mvO + 2pt+sW3iwrKTaU5fnOFnieNx43wfGVTWMN5YDoRsY2aLuEK996vbU3Yy22kEzA0V + N/IIfX4JDS1c/xdUQlMKtGbRZjxU5APjprm33AfG0lgReogU0IheJGLKQgK8VgQW + G+AlANOBn8esjQK0cBJgDM1p3ou0x2Cx4Oo87r9f0XBmSiumGHIItSbsNnpJFWXb + RceOmszGjaw/XGvhFO3q1R0U/vtLa46fM6jqvwhZX5cak0ckfHAgYklf+k6TnUJ1 + H5qRbe1AR7HMjzac6/SOh7+FqYpxVuavPGHQ6F3EZIZuB8rBUCwzQkjgNlqzsEvT + w7LkUN5s/J2eIqyGa7sV8lDsLWfj/Vx+UQJ3FPJ6iLRku93RuRzmsB5RN2ehA2fF + IU1xCz5q3QlY92zV6dVmmtqxjfGa38dddCLOsTap+rHEYoHt8svZBhB973SoUYUh + 0h62digxfEap/qG+iiGfAGJC2NwcYfbw1gBt7N2GVox1m7jjyAsqQdPv/lkWy6So + pH1fOMarpZyu/B6NSAeWl2P/8bEniij1qIqZoeqduWqCf8bWXuSZhRqKOA3EEv3S + XgFgt69le8eUUzJM/km8FjUbt1yeHhNLfNUIAPq6h4D3WXTl8LDUAPRD6bHKmQpJ + OVDtsDRrkWkHUkWRyUb5ecTnxbbVf4/mzZF9Z02bLRQOnzIC4QqAFoBo2wKVg1w= + =ycyE -----END PGP MESSAGE----- fp: 9D7CACD7039E5AD616FD25879F935DB630A167E7 - - created_at: "2025-05-21T10:21:09Z" + - created_at: "2025-05-29T09:38:32Z" enc: |- -----BEGIN PGP MESSAGE----- - hF4DaBViTd9dOpwSAQdA2Gce8ibHNQbG3qrilVXG+T8tqfgJFKvRqE6NNbITeAMw - ieH1s+w3zG+ZAZJO+wQYeTAi0O3/epQta4SU22MpilHyPpvyYwFdBInbNiHP2jmL - 0l4BWTFQ504qSYlQDswAA4+MWKFZMdSInn3v9FLgSCUMyCdMHq7rzchraTb2yHxd - geUGyV0FxrFtAUo6MUc1V5SsnWTheNc1CmyLXDjd5wlKlYAY8nVY7S5V1pPDflKP - =/wyM + hF4DaBViTd9dOpwSAQdAfbM1hcnq8bx0Xj381fe9RlIkoDn1cE92lKEcRW68pUsw + nlZZP9u3mV1jOPNfUa7OzfLiP2sxn7VbIxV4M+phtTN9YJBCntrQYaesBcrlHQIW + 0l4BWWCNMiQMwq1odtbqSfQaSLxpZP+QPzE/eEuoowrmnRWZOC6NZP6i02o3r77r + yFVjOmpy40VX+Jhy6FD6qQORj0+3r5+ezSg29R8JlHR0App0CtStkBS5a3SukE41 + =QUtk -----END PGP MESSAGE----- fp: 321EFA52CF155E9FD646279E0FB0CA11985EB5F6 unencrypted_suffix: _unencrypted
diff --git a/secrets/morio.yaml b/secrets/morio.yaml @@ -13,7 +13,7 @@ resticPasswords: grapevine: ENC[AES256_GCM,data:ElNtJC2elPstqJ1vTJRJpNr0OyhTuTxCulh22qq459c=,iv:sgQCekPMcnyFzir/fISJAQZvV91e+43z9D9xShAz4Pg=,tag:LVjr6ZxFO9VmPXZWtz20Uw==,type:str] vaultwarden: ENC[AES256_GCM,data:MmXXWit37MC4dpJG1654IpxfRdw0b+2mpfu7K80ZTRQ=,iv:4wRi3ovrLrzCkUjiGpEpWWPSDkHUdpI82joofhoIP8U=,tag:zgTTK+h/vqLmxCNNtfrxwg==,type:str] things: ENC[AES256_GCM,data:9jjtqiUHwtCJKF1Mfg5bNZQhGHDFNZlAm04umn0SqnM=,iv:5sx+9tOTX/GHk7KwEZo1r4vJVX8LTe7clNsjxIhRAYw=,tag:D5b7/H4CWCCnAmTPPyCMyg==,type:str] -knotKeys: ENC[AES256_GCM,data:rlTFDvonfEQFST1eSHHcaG3e1CSt5paDUTvfoYmInBV7mjqe7PwT5dtg01W2ANZJYl+SN/cdI3eEvAdJvwYR6FK+7g1LPwn6G1coE68a/XwzsWM5WpSemmDfTykoUiguEUfRCZ0Q3M7YqV0/jDWrKMaH0iKqKqvlv7nEy6VXB5SZBX+aN18KvPVygw5FixQ/kD3XFI2HTTST4vqlMma3CTsjnK6Uwf1421JOIe3JR32qd0V7IfhFvL0mErMIRhLnITO9uJ//t1HJoeaOV7FEY4K6Ohacng1c68fkUjVX5wYBTd6X657nFqevvLiMRDiQnASOJrAJUAeq4Kwf5R7C/I/MeVh+1Hq/U+z4ZQKh/DViEE8+TkJwDMBAWarzlyOz7xDF8O+fj4iH5jTX8H3FmJLU/TVU0QXqnwjcAAVs/YNARNVt0wGdWTb9iyvD7vEIZE57wIp+TIGE8XFjOO11/DRC/0kC8HFkvoXke9IRrTIj1pCP1VIrv31v7aIyphWa5hBuBHfVb0f8g5eaqyKumM03Rge+Fo+jtM/NP7H2gao6uaZM/K4a625nVx+M1lUpW+1c0sIAME2SlDjSyuhTkMknOPGAAYXMwVQGazoOJna6sEBl6jYcgn31w3dHtJXGKyAB0eqELxjt5b0tzcBfJ4pXi7HO7w2yhKrqyL7GuE5LtLp5mkguC5eZbiX+VlGTLX6V2z1kDRUdYDDZMMh3cYGBIrGVoJhWx8xLWrLGm7TrvifiwYJq5Mq13tt2hS7HpY8T8YGBD2x3IdPAHtikZUYgv5cQxs7drSJi8zFQAwDUKofxhJQUvqrnmvNf+eiGkfgI7lQ0//NLg9o4t+5g+T3mV8IUkW4nbJsP46k6azQGBt3udYAVhgrFy/jTE++KrA==,iv:+5NBUUC1QhPjN+6E8nWhzd2SNuH9mLbhsFwDTm8Hy+U=,tag:RtSO5Rmb0wNR9ovtpwJIIg==,type:str] +knotKeys: ENC[AES256_GCM,data:dHctggySqTqOxR9knCXbqYfvHRWOoKtoAUUev+rLHuDcTPyhS+cBHMhxxuRInpV7dkSdW/uY3TNkwpdwwPyRDDuBmQRCmPUmBDDYdPG1MmtoV6SwpQYSS3eDTqQ+CPOPSltwLp/OVTcgxGNx30WoLP0JFOr1HrJVInJKRk40MN+d3KmelbYiHMRJCL08u6fpSl1CRokZ9XYXpjRv04LydVcFMMCLz7mLbrTjBrCWCcqQTG2bV8q/4mwswGxjaB+r8GKjHcJhoo+C3te7E3J9CWS0R02lkTfvI2vE1nzMlJejhhs2mBbHL6xYdf6/ZhaGlA7xSTUdG6ra4kYcI8MZ2PlYfdksNLsP3gyHGIataPExpoVZLY6ZVwMucA5ZLJ34km8sgKcTCFdDo1+mEmupJW+U8kUynTYgJFtKlY3Gd2nK2l9Lt11tLgy8WxAptoQqimaTtpBKufnOLpe+SJIlzkGOdru25qDfpJALqp3gdBcKC8/JZKAX2a80gMsXVJqUXHr0RsogK0ncFqVCLWTCMP6k2tv6e8A3GxMofLiNiYevTWvBotBoX9i5o2uhfRP4fC2NIboFgOvD5hsCH1smhF7CdMHnsyqbJ8dk0iSN0DH9ma/R7Kk3bkCdFKCG37Hoob8eeanQliU+FeKw0MpYh+LabtD4Opk4Ki6hVk1BHANieKKB9lmyzGjG17uMC957evmY4wllqhxg6m1v2dj/iDIDfhkAZlsjHB2rpMqCPDLBmSkYsj8ApbYZBtIG5JBBrX5elPZKHlmtrHYHPag/oCfwEC9jFbrJewIGjBw2LBxzptrewYAd7mkLKAB5uhYzip8psg7EY2IxLjJ8PtB1c4I7QUCpAY30hcYG+dLtumG1aHsAXlg+Wk9gT2EsCqFPhM2AlSRckAQP+5+vh6793Hx7bwbvk29cYWtWz5X9HQHIY2i9RWyVwoRC2fa/06bM7HGwkxov4ENZwxFdmAL/Gt+6M9L9hNsYKrcLu7J+jgiIA2kRdFJRJC6azXBIvKUUfcpM3Gi7HAojqVmFmGRLR86dnb4BSiFccxDkRY1dwQ+YGIjfRI5WDQ==,iv:i++v4zS98QN3hgZWA1w2DsWqiFwkwxiJFK8QcG74E+I=,tag:0VPmFm2WcAo6sUXCpYpbEg==,type:str] radicaleUsers: ENC[AES256_GCM,data:kH5XW/Gr2xMJWm68unKtZ+L19S74gOf1YXw5QtPcBnp8jJrQsc3mHX5GPOJafuNa23Tnt9BHTFmuO3e5bEzhBcVm8GdoMR/Wz4B0y0W5,iv:Frc4ukXwdWZuWNgauLUyz4ErFKFUvoYoTMN9eZNWAGg=,tag:PLVaetT3syVGR4Ox3AYhUA==,type:str] gotosocialEnv: ENC[AES256_GCM,data:5hvURqX+EqN8zpjirBmh5TIWWgaCga9QxnAfyW1rwOXELnM9ZBJAmqwLdxUa2j2DGrXsqw==,iv:nhVyiAoOJY0HtjB13FnmnQyLB+BWSRwDVrwUiFHBrE4=,tag:P207zPou7yXJKJBf+pxlHg==,type:str] environments: @@ -33,8 +33,8 @@ sops: bDRhUEtDdmlZa0ZENFhSVnNqVjFCR1UKEIkSg3tKFkwlnNXFFqCBtdZBGz1bEmWl wghkTtqTl++759zZAAmjdnFFQWs/AoCZ5g/GUidz6HHcFdxMpGVmiA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-05-27T13:41:11Z" - mac: ENC[AES256_GCM,data:1ixAYQynSIRCfYlnKXmjEvnIUYG+dscSH41xO3WEaKxiZVqguFCWe492IUREkQkr4TXHOresLjoFnq09Pc4T1ns18LT3v14decm14gJoTlXEIteZj2PzCvf95kvxSDksVR68W5IpSBXLHLmI/ptc1S0h9kRRjWeh/Nf6wGksI1A=,iv:MujhHj3ywnac4CIO1N1IH7uGrEiVqXo3g0hAVWsGOKI=,tag:g0y+BaF3S1RCBoR5RRWtMQ==,type:str] + lastmodified: "2025-05-29T11:52:25Z" + mac: ENC[AES256_GCM,data:i9ARtGGCL+ojO4FAoMMyRE5atlEX+n2QOuNn7/YIMV60cuaxYZOXFSCme0PkgD5MfrVba/ZQmcdU3WIF2oJY/PsOnFay3fDOF6laPtbmri9rN+njByzD9XHM96ByXr5vgmzMF0xQHyuF5gTCv1Aj6LvoWFOWQDYHoy/4bD+eacI=,iv:cUnG7EQibVtZdGRyafS3qPoTu04OE+bs16xkPuI7bKA=,tag:BDt1UsvvCmRZ8hlE8Mk/3Q==,type:str] pgp: - created_at: "2025-05-21T08:09:28Z" enc: |-
diff --git a/secrets/polaris.yaml b/secrets/polaris.yaml @@ -0,0 +1,40 @@ +acmeTSIGKey: ENC[AES256_GCM,data:qDk3XM2ZqPqdAbGTkLO1x/ZYK3JNcJxQReYSFz+2Mcpr4B8zeM5Clv2DYZds4g2MhRZngx3zCTabYK/NI3SXlA==,iv:oAP9NmLpI/5dbVjUT0Swyv5ARheY7SYi21+Bbhn6jLQ=,tag:lqjWTXma3Zs6BDu7iVaLSw==,type:str] +wireguardPrivKey: ENC[AES256_GCM,data:R8JIxdwu+SjhT5n4ab582jnZ3Ed27FVKk999mrIWNwtF1FsMR7XcBoSpbag=,iv:h/GOtJO7hFe2BYqzfwJ5mpLUUzq1eoEJsd2iDRQDv04=,tag:QS/52ZI260xH3a9Md0r2RA==,type:str] +environments: + pppd: ENC[AES256_GCM,data:ajmyLnfZQej+SN4Bhihupo7IANxTBx8HstT+KoO8pwcQwpwQBpTYUKVOEDZYpPwrRBEbF7wzZ9Col+UGzymHSUB5,iv:I0aHwKhZSC7qOOk382XMttJI+fl1pWfPmU5IcGAqR/w=,tag:xUx49Aw51a3JF4mUvxplxw==,type:str] +sops: + age: + - recipient: age1x038e3tmhkuddn3ez9hcf80ehs0mvgfucxmnynrfzgccask4vu6sqlmr8v + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArRTl6SWZiREp1M2dhd3R0 + Q3FSUFN2NlBpcFkxU1MyL3VkaElabCt6ZHljCi92SDQ0Q0w0OWh3cnEwQ0xrR0Ry + L3ZwRksxRjcvUmMvMmZCRC9GWHFPUDgKLS0tIGF5MHNNdnhTT0llV3F6dTloVWtM + ektXa2ZUZFlNWEZyOURsSHB3WUs1eTgK3AdiBxPM5DAWJ3qlA8P7NAMgvlngxuIm + jno7otlT8WpEuugJ2LAwNDXCsqoyntoncDa5jHXHKjsQsyW+fQlb3w== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-05-29T12:52:44Z" + mac: ENC[AES256_GCM,data:TecAq7hRccJ4PLMXKFZmXuNQekjAzx1R0o7QLyfps8yZ35bf3zpdRc5aIOpFo4PJYjTRoTjUtfJ0DiVqmlAuxwJj+aLU+J8kCJdrNLSvrxyRac0l8f/YU7h2USpyOPWKE731HBfv2HoAqezZrE8z6vN+mlwpylIfxzd0+1qUuoY=,iv:yusXC2te+SKTQyrgVe1bI98RLRH9jlKMK8y54TzxHp8=,tag:e5nMVDlKHE5AkkDejKO5sQ==,type:str] + pgp: + - created_at: "2025-05-29T11:46:02Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMAzmqVs6bjEjqARAAtvI2LgewFjVvUDqM5//2edZQCb6dO4OQ9D5IeHQNyrv+ + ULyTx75eh6+7A0+OvqR5/a6sCk8NxijVsVsTiZzgW8AGv2rBA/j1gzLf0j6DVv4V + RGoUs4FZ3H72lfalKzJZqZmI8HzG50qnh5IO7ozGALyXtG8AdJT/T+6HXL7a5nLq + VRdwc/8+GLdqJ4T2aJgtY310wlHgueju4x2ElC73V7pgsbR3KmrAvHspGgk3VnGh + p6EpxxPBnUta4MGw607as72mm4EL3YBahbENxPnMv2SQC0PTibk8hobPsi5VBVsl + 8u5ie6EotgazGbJG/iA1Vmnvrel7+uWndrLrWu4fcec0OJ1fplE6B2u6dCDx9okE + AU+WSUJJnefMQ+Ky+FuMqqnLpkcYt4VSCH53BDMyesrzJTSJxeX0F7PpuWpvNi3P + XfjXd5qNnEoI1yb8iJ4Qxwp8ME5UeSUG+7NYVvRdswxyK61eEpmYzHwzsI6vWeqe + eZWpczpZo+j/qsYEzrTWScXAFp8LebF9B2BR4af5fSbFC7VKsGbhR3ErF9jsgacu + nO/KqcKp1y2WSkznmn7MP0Ebg+8YTVEu4jXyCfrhS68QApbX8TuIhvbC0gak8AS7 + 6rwumkrSAatysP2NNQHj09M2knjDj0M3aXbKq3RqGQ81VIHbyf1KxpLw9n9D5OXS + XgEBJ97+Ev5UgbvUFtERe8CmV8Fh99JrlPxN8HA9bHhFuNRCactazpufi6nqyl8i + fwgLxYkknP2bxqmyi/ezCIbnhrqLh6ESmw1fgcH/W2cl3VJ1RRqflFaFtrIHVMI= + =FuNe + -----END PGP MESSAGE----- + fp: 9D7CACD7039E5AD616FD25879F935DB630A167E7 + unencrypted_suffix: _unencrypted + version: 3.10.2