clara/nix-infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: clara:0ac3bbfbe20df09c8f31eab792d2d32819cb1d94
Branches Tags
clara:master
...
compare: clara:9bec44c636ad72be9b18387f3a1d4126d0423785
Branches Tags
clara:master

10 commits
0ac3bbfbe2 ... 9bec44c636

Author SHA1 Message Date
Clara Dautermann
9bec44c636
set up forgejo ports for ssh correctly 2025-04-18 08:57:00 +02:00
Clara Dautermann
7693a3ccc0
temporarily deploy forgejo 2025-04-17 19:23:49 +02:00
Clara Dautermann
f51a453c14
motd 2025-04-15 19:07:27 +02:00
Clara Dautermann
b521cb1e72
sops for initial user password 2025-04-15 19:01:08 +02:00
Clara Dautermann
84072ee09b
added zammad server 2025-04-15 18:52:51 +02:00
Clara Dautermann
13a9c9f13e
configure Password via Colmena 2025-04-15 18:49:03 +02:00
Clara Dautermann
05a89fe0f2
flake.lock: Update 
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/6607cf789e541e7873d40d3a8f7815ea92204f32?narHash=sha256-cPfs8qMccim2RBgtKGF%2Bx9IBCduRvd/N5F4nYpU0TVE%3D' (2025-03-13)
  → 'github:NixOS/nixpkgs/2631b0b7abcea6e640ce31cd78ea58910d31e650?narHash=sha256-LWqduOgLHCFxiTNYi3Uj5Lgz0SR%2BXhw3kr/3Xd0GPTM%3D' (2025-04-12)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/69d5a5a4635c27dae5a742f36108beccc506c1ba?narHash=sha256-SR6%2BqjkPjGQG%2B8eM4dCcVtss8r9bre/LAxFMPJpaZeU%3D' (2025-04-08)
  → 'github:Mic92/sops-nix/61154300d945f0b147b30d24ddcafa159148026a?narHash=sha256-pXyanHLUzLNd3MX9vsWG%2B6Z2hTU8niyphWstYEP3/GU%3D' (2025-04-14)
• Updated input 'sops-nix/nixpkgs':
    'github:NixOS/nixpkgs/2bfc080955153be0be56724be6fa5477b4eefabb?narHash=sha256-y7Hg5lwWhEOgflEHRfzSH96BOt26LaYfrYWzZ%2BVoVdg%3D' (2025-04-03)
  → 'github:NixOS/nixpkgs/f6db44a8daa59c40ae41ba6e5823ec77fe0d2124?narHash=sha256-QAd1L37eU7ktL2WeLLLTmI6P9moz9%2Ba/ONO8qNBYJgM%3D' (2025-04-12)
 2025-04-15 08:44:52 +02:00
Clara Dautermann
30156bad33
sops-nix setup 2025-04-15 08:43:01 +02:00
Clara Dautermann
d51709f0cd
added sops-nix 2025-04-14 14:09:10 +02:00
Clara Dautermann
df35107001 zammad setup 2025-04-08 19:06:54 +02:00
13 changed files with 247 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -1 +0,0 @@
secrets/

19
.sops.yaml Normal file
View file

@ -0,0 +1,19 @@
keys:
# People
- &clara 58EF8D71114EF548DEE3320DE6F04916B6EEBD83
# Servers
- &wireguard age12d8mxwnt0a7gl4uu0uwdqaxuqdf5j7zm50qy5qrhj0kd4ny7luaqv7rj4e
- &mcserver age1v98yggaarelrp7z8rljzpf3gm70up4q8460trejmptdpv7gjucrqssjz9h
- &zammad age14ukkn4plvnjacvjux929qwpeynxk4cfxw285vlwddqakm43kfyysfdg02c
- &forgejo age1vd33efsea2509hm0dwmhkuu7mm2kgw6tsss6lmzsqfg7gat06qyqys3qfh
creation_rules:
- path_regex: secrets\/all\/*
key_groups:
- pgp: [*clara]
age: [*wireguard, *mcserver, *zammad, *forgejo]
- path_regex: secrets\/wireguard\/*
key_groups:
- pgp: [*clara]
age: [*wireguard]

29
configs/container_config.nix
View file

@ -1,5 +1,17 @@
{ modulesPath, pkgs, lib, ... }: { { modulesPath, pkgs, lib, inputs, config, ... }: {
imports = [ (modulesPath + "/virtualisation/proxmox-lxc.nix") ]; imports = [
(modulesPath + "/virtualisation/proxmox-lxc.nix")
inputs.sops-nix.nixosModules.sops
];
# set up secret key
sops = {
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
defaultSopsFile = ../secrets/all/secrets.yaml;
secrets.initial_password_clara = {
neededForUsers = true;
};
};
time.timeZone = "Europe/Berlin"; time.timeZone = "Europe/Berlin";
@ -22,11 +34,20 @@
# default user with sudo # default user with sudo
users.users.clara = { users.users.clara = {
isNormalUser = true; isNormalUser = true;
initialPassword = "123456"; hashedPasswordFile = config.sops.secrets.initial_password_clara.path;
extraGroups = [ "sudo" "wheel" ]; extraGroups = [ "sudo" "wheel" ];
shell = pkgs.zsh; shell = pkgs.zsh;
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC45xdNbidyqMV7CFxhObUFSuKKjDTE1+wCJFX8GC5uoV/dYmzNKxG5l8oMEQn6wVrWvOYNbuy4hsOxhBoVa9Y7YlgGZaStKPkjerafi4YUvQ5U2f5oztConmD1EHASOalDviHt+5HevokQDtZimx2sUYgz5lN/DtYzgsNgFueUt96iQEQ7zUDtSC5BiZ13lasyNcVQK1XuP9aqeoa11ce2CcDg3LMJ5tXn+yxRlN9v5R1Mkt028mqwLr8d/uAUbcgUo7j+ommrXoK6+/3n2SoAiTIp3UZPMOjMEMQUuSVBAjhycVoMM1hzGSoUsfXk0GZTDZQdvIBrjsIyysdsEtNWiu51F9OnX07YqEh9KEX1i7KK7U30MAl172Nf85egP/oRRUmZOm9JPEW8rlTbnQYSGvtDsFEcwzfvZODQW+Knb/n02RkHTyXVRgTkEdhavgSnSXeTJB8zn+OVpwYj1EQ1v+x9H9DDALAWj3ac61WAKk+SAa/1WjQNDt+bFQ/ehxkMTeLnaak+fWJO/pqwSrevJtlCC+5FbzSwlLOiqevOg97ciu1ESeYPYnTwU0rFSAh4ZEP7CbSg2vmniZNF3kbeZrw3a5ZlnFU29cPs0b5t8A3txGFQi1W1zK2Y2oFZqcm7u+WntH9Aq69g1vEPWT7yH4kK1Y5HumpPsP1II38evw== cardno:11_075_348"
];
}; };
users.motd = ''
##################################
Logged in to: ${config.networking.hostName}
##################################
'';
# localization stuff # localization stuff
console.keyMap = "de"; console.keyMap = "de";
i18n.defaultLocale = "en_US.UTF-8"; i18n.defaultLocale = "en_US.UTF-8";
@ -45,7 +66,7 @@
# Enable networking # Enable networking
networking = { networking = {
networkmanager.enable = true; networkmanager.enable = true;
# configure firewall # configure firewall
firewall = { firewall = {
enable = true; enable = true;

19
configs/containers/forgejo_container.nix Normal file
View file

@ -0,0 +1,19 @@
{ lib, pkgs, config, ... }: {
deployment = {
targetHost = "192.168.178.60";
targetPort = 22;
targetUser = "root";
};
networking.hostName = "forgejo";
networking.interfaces.wgbr.ipv4.addresses = [
{
address = "10.8.1.4";
prefixLength = 24;
}
];
imports = [
../container_config.nix
../services/forgejo.nix
];
}

3
configs/containers/zammad_container.nix
View file

@ -1,6 +1,6 @@
{ lib, pkgs, config, ... }: { { lib, pkgs, config, ... }: {
deployment = { deployment = {
targetHost = "192.168.178.50"; targetHost = "192.168.178.58";
targetPort = 22; targetPort = 22;
targetUser = "root"; targetUser = "root";
}; };
@ -13,5 +13,6 @@
]; ];
imports = [ imports = [
../container_config.nix ../container_config.nix
../services/zammad.nix
]; ];
} }

10
configs/services/forgejo.nix
View file

@ -1,7 +1,9 @@
{ lib, pkgs, config, ... }: { lib, pkgs, config, ... }:
let let
dbname = "forgejo"; dbname = "forgejo";
ssh_port = 2000; ssh_port = 2225;
http_port = 3000;
domain = "new.git.cdaut.de";
in in
{ {
@ -15,8 +17,10 @@ in
settings = { settings = {
server = { server = {
DOMAIN = "192.168.178.50"; ROOT_URL = "https://${domain}";
DOMAIN = domain;
SSH_PORT = ssh_port; SSH_PORT = ssh_port;
HTTP_PORT = http_port;
# important because otherwise ssh doesn't seem to work… # important because otherwise ssh doesn't seem to work…
START_SSH_SERVER = true; START_SSH_SERVER = true;
BUILTIN_SSH_SERVER_USER = "git"; BUILTIN_SSH_SERVER_USER = "git";
@ -37,6 +41,6 @@ in
ensureDatabases = [ dbname ]; ensureDatabases = [ dbname ];
}; };
networking.firewall.allowedTCPPorts = [ 3000 ssh_port ]; networking.firewall.allowedTCPPorts = [ http_port ssh_port ];
} }

8
configs/services/vaultwarden.nix
View file

@ -10,8 +10,8 @@ in
ROCKET_ADDRESS = "192.168.178.51"; ROCKET_ADDRESS = "192.168.178.51";
DOMAIN = "http://192.168.178.51"; DOMAIN = "http://192.168.178.51";
ROCKET_PORT = port; ROCKET_PORT = port;
ADMIN_TOKEN = ADMIN_TOKEN =
};
}; };
}; networking.firewall.allowedTCPPorts = [ port ];
networking.firewall.allowedTCPPorts = [ port ]; }
}

13
configs/services/wireguard.nix
View file

@ -5,6 +5,15 @@ in {
"net.ipv4.ip_forward" = lib.mkDefault true; "net.ipv4.ip_forward" = lib.mkDefault true;
"net.ipv6.conf.all.forwarding" = lib.mkDefault true; "net.ipv6.conf.all.forwarding" = lib.mkDefault true;
}; };
# set up secret key
sops = {
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
secrets.wg_private_key = {
sopsFile = ../../secrets/wireguard/secrets.yaml;
};
};
networking = { networking = {
firewall.allowedUDPPorts = [ wg_port ]; firewall.allowedUDPPorts = [ wg_port ];
firewall.rejectPackets = true; firewall.rejectPackets = true;
@ -25,8 +34,8 @@ in {
address = [ "10.8.1.1/16" ]; address = [ "10.8.1.1/16" ];
listenPort = wg_port; # to match firewall allowedUDPPorts (without this wg uses random port numbers) listenPort = wg_port; # to match firewall allowedUDPPorts (without this wg uses random port numbers)
# Path to the private key file. # Path to the private key file (see sops).
privateKeyFile = "/root/privkey"; privateKeyFile = "/run/secrets/wg_private_key";
peers = [ peers = [
# For a client configuration, one peer entry for the server will suffice. # For a client configuration, one peer entry for the server will suffice.

15
configs/services/zammad.nix Normal file
View file

@ -0,0 +1,15 @@
{ lib, pkgs, config, ... }: {
services.zammad = {
enable = true;
openPorts = true;
host = "10.8.1.3";
database.createLocally = true;
redis.createLocally = true;
};
networking.firewall.allowedTCPPorts = [
config.services.zammad.port
config.services.zammad.websocketPort
];
}

43
flake.lock generated
View file

@ -2,11 +2,11 @@
"nodes": { "nodes": {
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1741851582, "lastModified": 1744463964,
"narHash": "sha256-cPfs8qMccim2RBgtKGF+x9IBCduRvd/N5F4nYpU0TVE=", "narHash": "sha256-LWqduOgLHCFxiTNYi3Uj5Lgz0SR+Xhw3kr/3Xd0GPTM=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "6607cf789e541e7873d40d3a8f7815ea92204f32", "rev": "2631b0b7abcea6e640ce31cd78ea58910d31e650",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -16,9 +16,44 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_2": {
"locked": {
"lastModified": 1744502386,
"narHash": "sha256-QAd1L37eU7ktL2WeLLLTmI6P9moz9+a/ONO8qNBYJgM=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "f6db44a8daa59c40ae41ba6e5823ec77fe0d2124",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs" "nixpkgs": "nixpkgs",
"sops-nix": "sops-nix"
}
},
"sops-nix": {
"inputs": {
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1744669848,
"narHash": "sha256-pXyanHLUzLNd3MX9vsWG+6Z2hTU8niyphWstYEP3/GU=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "61154300d945f0b147b30d24ddcafa159148026a",
"type": "github"
},
"original": {
"owner": "Mic92",
"repo": "sops-nix",
"type": "github"
} }
} }
}, },

6
flake.nix
View file

@ -1,13 +1,15 @@
{ {
inputs = { inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
sops-nix.url = "github:Mic92/sops-nix";
}; };
outputs = { nixpkgs, ... }: { outputs = { nixpkgs, sops-nix, ... } @ inputs: {
colmena = { colmena = {
meta = { meta = {
nixpkgs = import nixpkgs { nixpkgs = import nixpkgs {
system = "x86_64-linux"; system = "x86_64-linux";
}; };
specialArgs = { inherit inputs; };
}; };
mcserver = import ./configs/containers/mc_container.nix; mcserver = import ./configs/containers/mc_container.nix;
@ -15,6 +17,8 @@
wireguard = import ./configs/containers/wg_container.nix; wireguard = import ./configs/containers/wg_container.nix;
zammad = import ./configs/containers/zammad_container.nix; zammad = import ./configs/containers/zammad_container.nix;
forgejo = import ./configs/containers/forgejo_container.nix;
}; };
}; };
} }

64
secrets/all/secrets.yaml Normal file
View file

@ -0,0 +1,64 @@
initial_password_clara: ENC[AES256_GCM,data:ux8zKQbsw52SDMjX4wyXFp445vbCV4eFdvAJNzYSb3YMxbVWlBTV3KaEFYW0dKFwUvvserHPfyXmFgXJJ5Lx+D+49b8s8mVZqwVs,iv:2c8I40749+bXnwHJ2Gnjkv8a/AtV1P30sCE113jZcH4=,tag:b8kmLLZ80lytRH4dAl6tpg==,type:str]
sops:
age:
- recipient: age12d8mxwnt0a7gl4uu0uwdqaxuqdf5j7zm50qy5qrhj0kd4ny7luaqv7rj4e
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAweHFOQWNaTGxLTTVNWlpw
UUdZYklScktnL3QvM0xLMTkrTmpYTG1ocXdzCnlPNVdkQ1FwZ21wUlhiOXpCSmV2
R0Q4RGlTNWRybTFRU1ZnK3VEU0NWUVkKLS0tIGFNRzVDMnkvRXhLTzMwVEpONGFr
RGFIVDZyL0dSTWNDMDZEWEJIamxRMDgKBeRdsbub+XhYKyCkpo9x1yXXqha7PP/s
/nzUyMNqDB7Fh5K9xY2BRxwpxIKYWpzFPjybt5mHL1NxbYheGle5hA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1v98yggaarelrp7z8rljzpf3gm70up4q8460trejmptdpv7gjucrqssjz9h
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzaWxRVVd3bU84bGwrZk5F
blgyRnd3MmdSdGtaWHdnVVVIeUs5dGNkVDJVCmo1MU9PeVRrNEZzcHhKUVk1OXlG
MDNCRCtCOERnQmtmUmt4YXlWTVl1dmcKLS0tIGZiYnlveWlKd2VZaVhNaUtlWlVK
UXkzL3k4YW5ESGRza0hURC9wR0o3RGMKsvc9zCQ323d/eSP9vVDiYTNgZrNmVvfE
+GfDEc/4+OpG+RRmMrXvlvCYRof56ywWZJr9tpAlunZ/t8vHRCUJow==
-----END AGE ENCRYPTED FILE-----
- recipient: age14ukkn4plvnjacvjux929qwpeynxk4cfxw285vlwddqakm43kfyysfdg02c
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0YjhORkRmWk9pOVV6cUpo
RVRpNmhzWS9pZDMxTXViMDFLSVNYR1F5NkZZCnFCb0Q3QjMzNk5WVkM3K1JYYjJ4
c1VER25FVUtyWHFpcVpKdUJ0YlhSTEEKLS0tIEF6a1dJY2JmelQyVzd4Mk9SK0R2
WFZHdVZiMVdaNHFhTVZGMzdYRTl3ZU0K6yMpKKXKIaYHxR1cAHam7jogZShH5xsK
c43sMBz/WxHjvmI9TCNyxnkvgwC6kJUpV9vABduJg2INjkLltjNc/Q==
-----END AGE ENCRYPTED FILE-----
- recipient: age1vd33efsea2509hm0dwmhkuu7mm2kgw6tsss6lmzsqfg7gat06qyqys3qfh
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPelBOdktOV3Naa1ZWdlFv
N1c1clFsZTlkbVlpYU81L3Y3L2UxTTJMaUdNCnJYd3Y0YWpRNTRsTkt4Q0ppblVB
K01HSzgvQ1lIaUNSR2lJZWY4NG1tL28KLS0tIGVjZ0svVlFrK1h1NFViVmV0bk5Q
MW5ZTWQwZy9iQnFNL2dRalM3VSswVkEKcE2M6Ph8d+7BafgjlARITRbxivOajQ3H
7evjNzFDqga/AZ1rLG+5anuD2giAKVZGok10NvDroCKkobUpsXd6jQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-04-17T14:15:59Z"
mac: ENC[AES256_GCM,data:QBoeoWS2eoUjbXm40OLk8vxpdZRUkLgVLPQ6AX9JaYVLl4+reefFw269yngF2ZATBniuYLBHNhkSjOYttC+J7M2Zt8cQhhj4G2TFt7JkYHQRtkbuoa9ZiP3Oi3Jaj6z0w3cHsyMT+fBBdr02winxf8QggYHGmvcK8QXoayccyl8=,iv:lG94yszjtq1tDYrNM+xt5ehdrNYO6M+oqZg/Qg/cO4g=,tag:K3Cr7DySQ02fgHOaVtYmDA==,type:str]
pgp:
- created_at: "2025-04-17T14:15:33Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAzwtBoBqH5ZOAQ/9Gx1uySXuafWQT/xz2b4yY37t3ZKE5SE4LxKoyOPXRhWR
yVISxG9MBrYeDe7DR4QYJ5KVpKUui/TMKv5+SFiDvlxgQdWVA2PZ2KXgGK0KDDEk
cOn3YNGLHpZL4ZHwAlbgeNWFjT/A99logCnv7D4VocAX9k+AMSh5ZQqI5HLmBHfO
ZQOugRfGDI28D/iH/8LUXoK+l6VDX3CLt0xfQmNN81q2IQzb2NK9GZvj5qyILR3c
MMzGDMU1pw0OWCZWZDRCE5YA71mrvflGOQPo3/JPsVg1Qr8l6TbGjbFwKlYUgGDU
JTSsZ1ATKjzbWg7KSdrBgztWHcSDdrCW1yytUh9uoJks2UHGdfb060k9DH99IYXk
+u5DutiPqiz8xwn5YHetO3SaJjJA9uIODQ+Em7ElZ+XbY81NIlhbdT8DZKdDHmOx
ozFIs5r1glRaojo8Yc9fym0j8cZ6Dr6rkD+nbgwzRCuUucuzOILIPrutdUSgdpbp
LnK8ScJnOBsF3AhKuOB4Qhnb6Q0ooT8Zt+R2uDdezfACFMa6nW95MP4sPYPqy7ee
ZGuWOaMGQ1Cn9Ck3nBCn8hROzHwp9pv56mqVIKu+oWCGsFm9GUZ5XFvZxez6Kq//
SVhH/qbV3RElBj/Q8u4Xcbl3ZNnHbMhvi/Xe2Ji64orZkzjHrsViB6KXR6uzY/7S
XAF4UTbjzSVkqbZ+IKQbkhoM62YQpT1bOgMk9djNFilauKRqD5x3eKTyuooOnMGh
jVjxulE755eSO6qvATN/P7OIXzaPKI+HSPcdm0WH8ZXVTXrZjkeO7D7gCfh/
=qTot
-----END PGP MESSAGE-----
fp: 58EF8D71114EF548DEE3320DE6F04916B6EEBD83
unencrypted_suffix: _unencrypted
version: 3.10.1

37
secrets/wireguard/secrets.yaml Normal file
View file

@ -0,0 +1,37 @@
wg_private_key: ENC[AES256_GCM,data:51eBmT70Y0dMcTs/tIZrLpPoXsC7YBcbKLl5UPnRp7iEw+ZSpSnrSrKI/uQ=,iv:ULxRzi1bv74WINeDtcw0LrSuquQfQuZTYz+n2eH1nCk=,tag:79oVQvpnYHihdQZviiClvg==,type:str]
sops:
age:
- recipient: age12d8mxwnt0a7gl4uu0uwdqaxuqdf5j7zm50qy5qrhj0kd4ny7luaqv7rj4e
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNaUM0RHNTck5PMWtWcnh6
R2dpSElSUjhheWZCazBDL2VtcXNLL2VCOW5RCmZIVVNkbi9hWnpMcjFGMldrWjVC
alhIMmZLZWVGam9Ld1ZIdjNvcm4xbGcKLS0tIEtYQ2RDWWtNSlpibmJXZHRQdlVD
ZFhFdHpSbkFSaTc2VmUyeHUwalZCVUUKNMDMcyrV2J2zhX/m6W5pIzp5YoQlPdKY
0QA7RYTQQIBuu0C19+E3VlpU0eMHupsTpqTHMA6RNSwY3wyyV10hrA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-04-15T06:32:59Z"
mac: ENC[AES256_GCM,data:tJpQdvPndAmv9AG81vYlD7Bgf+/np2uOBZ4AjgBJc3D9l80Rb+BVS5DPjFpVhOiIxe5vrKDKfiYAe2Ke6x5F9bE6vIC7CA5pN2oAQ/h5K4wwyCrjCSPMqkjv3KB+a2EFKeX2JRHeGfz+RMMYjnk8lhG9DdxZT9q1T9TyKdFchbc=,iv:bY/hNb3QvCKC0bmtCWZeb4cNgbXNCAWcFhAuKQI4WPM=,tag:3MJGVP4aLuFrZ46rwOS0EA==,type:str]
pgp:
- created_at: "2025-04-15T06:28:27Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMAzwtBoBqH5ZOAQ//cOhooxvYdj++jbDDcv6w70gh3K62r5AcBf5iEXgtbHcZ
Ag0qQpGxb6dySyys/++//fRizVTokQUd+zFHMX8ppMri7JHlw0ioX7GvUAwlW2jE
6nibHvbJFYEJ2xIunGHJwJ98ryPp65qdP0wCyMsdzCc+UOzgKeeyi3NccYbQXYCK
0aQ0VnDHh0OF1B9vLbBCSaCfZstTCG8ADnK6FzANipoMoU8KytFdUqjj3zZxNwfx
9lgZocFoNm7Kx4Uv5r0DXKrJe56q0UJPFMkDnPoRp8YRU9h7tt2yUvBL9lJyIoFy
D/eKIPokM4CjeqByecDfsRTlmmFLRPPoLXHWklcJFkmapfW/c3jmsUhZwq8WAaSa
LxtFkesveyXhn/xuL6uWWTtmGdmwk4gJ0QIDDlDhGrrkuHSgRqb+2wI90pIggmHS
tZvsSfT16FOWuWgO5Fx+PQqNLT2vvMnsVxFkWeNdvpQ1sBd3BPZiwE48pVaTNQwH
2NNYY4gZPxKFPsj1CesPVa8x2jskguYMZ8Mo4O3GSn77jKbaj+GtrBSy+TE2dSJ7
k7LEuqtnmGBE1JrsEeXXWmVAnY3mWcaTKmljFOSBOT9/jJPUATTbuB0CCIdlsxlB
O3egc9x5VRgYshBnznw/IipLFUGBD0idUFwch+ijPyLk3efhFDXuvId22IPfmjDS
XgH83/dkii+PTK0tNdtaeIx8zEtamRlS8UYSE8f/Oko78X2O7Vy/wRpdAgs9RslB
VP1Ti9J3yFvo6mhFZg4Mm//WFa8dsMbphjoKKAqrHP0Qa4Z2O5GJvUMkKC0Gy1s=
=pswU
-----END PGP MESSAGE-----
fp: 58EF8D71114EF548DEE3320DE6F04916B6EEBD83
unencrypted_suffix: _unencrypted
version: 3.10.1