home

My NixOS systems configurations.
Log | Files | Refs | LICENSE

commit 088f15080e7c3f4db1362368b0c6961a3e09866b
parent d5a30f7debbf532ecd8bc7ee767727bd102a90ca
Author: Vincent Demeester <vincent@sbr.pm>
Date:   Tue, 26 Apr 2022 15:17:53 +0200

Merge branch 'flake'

Diffstat:
M.envrc | 2+-
M.sops.yaml | 8++++++++
MREADME.org | 15+++++++++++----
Adocs/moving-home-to-nix-flakes.org | 34++++++++++++++++++++++++++++++++++
Aflake.lock | 457+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Aflake.nix | 276+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Dhome.nix | 24------------------------
Anix/modules/default.nix | 2++
Anix/overlays/default.nix | 14++++++++++++++
Dnix/shells/cargo.nix | 21---------------------
Msecrets/builder.yaml | 291++++++++++++++++++++++++++++++++++++++++++-------------------------------------
Msecrets/desktops/gmailctl.yaml | 7++++---
Msecrets/desktops/redhat.yaml | 7++++---
Asecrets/keys/hosts/shikoku.asc | 29+++++++++++++++++++++++++++++
Msecrets/secrets.yaml | 291++++++++++++++++++++++++++++++++++++++++++-------------------------------------
Msystems/hardware/lenovo-p1.nix | 10+++++-----
Msystems/hardware/lenovo-p50.nix | 8++++----
Msystems/hardware/thinkpad-t460s.nix | 10+++++-----
Msystems/hardware/thinkpad-t480s.nix | 10+++++-----
Msystems/hardware/thinkpad-x220.nix | 12++++++------
Msystems/hardware/thinkpad.nix | 8++++----
Asystems/hosts/default.nix | 34++++++++++++++++++++++++++++++++++
Asystems/hosts/deploy.nix | 16++++++++++++++++
Msystems/hosts/kerkouane.nix | 18+++++++++++++++---
Msystems/hosts/naruhodo.nix | 21+++++++++++----------
Asystems/hosts/okinawa.nix | 30++++++++++++++++++++++++++++++
Msystems/hosts/sakhalin.nix | 4++--
Asystems/hosts/shikoku.nix | 137+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Msystems/hosts/wakasu.nix | 4++--
Msystems/modules/core/nix.nix | 8++++----
Ausers/modules/modules.nix | 4++++
Musers/vincent/containers/kubernetes.nix | 2+-
Musers/vincent/core/git.nix | 2+-
Musers/vincent/desktop/default.nix | 1+
Musers/vincent/dev/emacs.nix | 24++++++++++++------------
35 files changed, 1451 insertions(+), 390 deletions(-)

diff --git a/.envrc b/.envrc @@ -1,2 +1,2 @@ -eval "$(lorri direnv)" +use flake test -f .secrets && source .secrets || echo "no secrets" diff --git a/.sops.yaml b/.sops.yaml @@ -5,6 +5,7 @@ keys: - &sakhalin 8b80ab02638ab9c34f6c21bd69928b5908e10cbf - &kerkouane b8b02c0885a74753f8fb53f031f0386f20f3e4ec - &naruhodo 5722867ac621fd15d2dfc7eab7bfec55a117c1bf + - &shikoku c7ebcb8e935bda9466e98b1a659af87ff4f5ab02 - &k8sn1 298092af3b4de6f5a6cb51a14f2247aa4fa91e04 - &k8sn2 0ebe388f6827fe2eace1055d0b23ac2723c1de53 - &k8sn3 95233a9c933a7ff9d7a6ca9a531bfac356b8f712 @@ -16,6 +17,7 @@ creation_rules: - *wakasu - *sakhalin - *kerkouane + - *shikoku - *k8sn1 - *k8sn2 - *k8sn3 @@ -45,6 +47,11 @@ creation_rules: - pgp: - *vincent - *kerkouane + - path_regex: secrets/shikoku/[^/]+\.yaml$ + key_groups: + - pgp: + - *vincent + - *shikoku - path_regex: secrets/naruhodo/[^/]+\.yaml$ key_groups: - pgp: @@ -66,6 +73,7 @@ creation_rules: - *sakhalin - *kerkouane - *naruhodo + - *shikoku - *k8sn1 - *k8sn2 - *k8sn3 diff --git a/README.org b/README.org @@ -75,15 +75,22 @@ * References Repositories +- [[https://github.com/jordanisaacs/dotfiles][https://github.com/jordanisaacs/dotfiles]] — [[file:/net/sakhalin.home/export/gaia/src/configs/jordanisaacs.dotfiles/][src]] +- [[https://git.sr.ht/~akirak/nix-config][https://git.sr.ht/~akirak/nix-config]] — [[file:/net/sakhalin.home/export/gaia/src/configs/akirak.nix-config/][src]] + + [[https://github.com/akirak/nix-desktop][https://github.com/akirak/nix-desktop]] +- [[https://github.com/chvp/nixos-config][https://github.com/chvp/nixos-config]] — [[file:/net/sakhalin.home/export/gaia/src/configs/chvp.nixos-config/][src]] +- [[https://github.com/gytis-ivaskevicius/nixfiles][https://github.com/gytis-ivaskevicius/nixfiles]] — [[file:/net/sakhalin.home/export/gaia/src/configs/gytis-ivaskevicius.nixfiles/][src]] +- [[https://github.com/davidtwco/veritas]] — [[file:/net/sakhalin.home/export/gaia/src/configs/davidtwco.veritas/][src]] +- [[https://github.com/buckley310/nixos-config][https://github.com/buckley310/nixos-config]] — [[file:/net/sakhalin.home/export/gaia/src/configs/buckley310.nixos-config/][src]] +- [[https://github.com/eadwu/nixos-configuration][https://github.com/eadwu/nixos-configuration]] — [[file:/net/sakhalin.home/export/gaia/src/configs/eadwu.nixos-configuration/][src]] +- [[https://github.com/berbiche/dotfiles][https://github.com/berbiche/dotfiles]] — [[file:/net/sakhalin.home/export/gaia/src/configs/berbiche.dotfiles/][src]] +- https://github.com/hlissner/dotfiles/ — [[file:/net/sakhalin.home/export/gaia/src/configs/hlissner.dotfiles/][src]] +- [[https://github.com/Mic92/dotfiles][https://github.com/Mic92/dotfiles]] — [[file:/net/sakhalin.home/export/gaia/src/configs/Mic92.dotfiles/][src]] - [[https://github.com/lovesegfault/nix-config][https://github.com/lovesegfault/nix-config]] - [[https://github.com/utdemir/dotfiles]] -- [[https://github.com/davidtwco/veritas]] - [[https://github.com/bqv/nixrc][https://github.com/bqv/nixrc]] -- [[https://github.com/berbiche/dotfiles][https://github.com/berbiche/dotfiles]] -- https://github.com/hlissner/dotfiles/ - [[https://github.com/leotaku/nixos-config]] - [[https://github.com/rasendubi/dotfiles]] -- [[https://github.com/akirak/nix-desktop][https://github.com/akirak/nix-desktop]] - [[https://git.tazj.in/about/]] - [[https://github.com/danieldk/nix-home]] - https://github.com/terlar/nix-config diff --git a/docs/moving-home-to-nix-flakes.org b/docs/moving-home-to-nix-flakes.org @@ -0,0 +1,34 @@ +#+TITLE: Moving =home= to nix flakes +#+FILETAGS: #home nix dotfiles configuration + +This document is a /live/ document on moving this =monorepo= to using nix flakes. It will go +through why as well as trying to dig around what was done for it. + +* Why flakes + +#+begin_quote +Nix is a package manager that lets you have a more deterministic view of your software +dependencies and build processes. One if its biggest weaknesses out of the box is that +there are very few conventions on how projects using Nix should work together. It's like +having a build system but also having to configure systems to run software yourself. This +could mean copying a NixOS module out of the project's git repo, writing your own or +more. In contrast to this, Nix flakes define a set of conventions for how software can be +build, run, integrated and deployed without having to rely on external tools such as Niv +or Lorri to help you do basic tasks in a timely manner. +– from [[https://christine.website/blog/nix-flakes-1-2022-02-21]] +#+end_quote + +Nix flakes seems to be more and more stable and usable, and thus, as I needed to +re-install one of my laptop powered by NixOS, I felt I would migrate the repository +towards nix flakes. + +The idea is to make this repository a "flake-enabled" repository while still working with +the current setup I have (=niv=, =morph=, …). + +* Digging into the flake + +- Going with flake-utils-plus. Why ? + For a "configuration" repository, I think it makes perfect sense. For standalone flakes, + like projects, … I wouldn't say the same but for this one it does. + +#+include: "../flake.nix" diff --git a/flake.lock b/flake.lock @@ -0,0 +1,457 @@ +{ + "nodes": { + "deploy-rs": { + "inputs": { + "flake-compat": "flake-compat", + "nixpkgs": [ + "nixpkgs" + ], + "utils": [ + "flake-utils" + ] + }, + "locked": { + "lastModified": 1648475189, + "narHash": "sha256-gAGAS6IagwoUr1B0ohE3iR6sZ8hP4LSqzYLC8Mq3WGU=", + "owner": "serokell", + "repo": "deploy-rs", + "rev": "83e0c78291cd08cb827ba0d553ad9158ae5a95c3", + "type": "github" + }, + "original": { + "owner": "serokell", + "repo": "deploy-rs", + "type": "github" + } + }, + "devshell": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1650389807, + "narHash": "sha256-GFRBdHMJ/T/ifaE2GS58RWpxyufH0LqI3oGS6oWAnHk=", + "owner": "numtide", + "repo": "devshell", + "rev": "5a53bbf3eb4c908d83884d725a86b3a3bde35979", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "devshell", + "type": "github" + } + }, + "emacs-overlay": { + "locked": { + "lastModified": 1650859355, + "narHash": "sha256-p1OGPwJYkehsudHycEp++EdSTwpW1C9kBbz2Uz3paFU=", + "owner": "nix-community", + "repo": "emacs-overlay", + "rev": "ce0571f95210dc4c00a3affb4128012947f9a250", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "emacs-overlay", + "type": "github" + } + }, + "envfs": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ], + "utils": "utils" + }, + "locked": { + "lastModified": 1646734227, + "narHash": "sha256-fJ7glrf7sWHRMm7L8cBNWXQdoekOVJ699xPJqJxWsDw=", + "owner": "Mic92", + "repo": "envfs", + "rev": "b0f6c7e4906e9ac6f747a8d991fa8bb58e68f7f4", + "type": "github" + }, + "original": { + "owner": "Mic92", + "repo": "envfs", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1648199409, + "narHash": "sha256-JwPKdC2PoVBkG6E+eWw3j6BMR6sL3COpYWfif7RVb8Y=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "64a525ee38886ab9028e6f61790de0832aa3ef03", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_2": { + "flake": false, + "locked": { + "lastModified": 1650374568, + "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_3": { + "flake": false, + "locked": { + "lastModified": 1648199409, + "narHash": "sha256-JwPKdC2PoVBkG6E+eWw3j6BMR6sL3COpYWfif7RVb8Y=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "64a525ee38886ab9028e6f61790de0832aa3ef03", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-utils": { + "locked": { + "lastModified": 1642700792, + "narHash": "sha256-XqHrk7hFb+zBvRg6Ghl+AZDq03ov6OshJLiSWOoX5es=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "846b2ae0fc4cc943637d3d1def4454213e203cba", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils-plus": { + "inputs": { + "flake-utils": [ + "flake-utils" + ] + }, + "locked": { + "lastModified": 1638172912, + "narHash": "sha256-jxhQGNEsZTdop/Br3JPS+xmBf6t9cIWRzVZFxbT76Rw=", + "owner": "gytis-ivaskevicius", + "repo": "flake-utils-plus", + "rev": "166d6ebd9f0de03afc98060ac92cba9c71cfe550", + "type": "github" + }, + "original": { + "owner": "gytis-ivaskevicius", + "ref": "v1.3.1", + "repo": "flake-utils-plus", + "type": "github" + } + }, + "flake-utils_2": { + "locked": { + "lastModified": 1649676176, + "narHash": "sha256-OWKJratjt2RW151VUlJPRALb7OU2S5s+f0vLj4o1bHM=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "a4b154ebbdc88c8498a5c7b01589addc9e9cb678", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_3": { + "locked": { + "lastModified": 1649676176, + "narHash": "sha256-OWKJratjt2RW151VUlJPRALb7OU2S5s+f0vLj4o1bHM=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "a4b154ebbdc88c8498a5c7b01589addc9e9cb678", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1650836336, + "narHash": "sha256-W9NfDZVSBrmiURX3LUQOp6McJMEqpw6njC1/vtRLp+M=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "09f3e67950823d5abe192e474f1af51914f4cb9a", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager-stable": { + "inputs": { + "nixpkgs": [ + "nixos-21_11" + ] + }, + "locked": { + "lastModified": 1650841545, + "narHash": "sha256-AF3fk+p/mHbdtyrI3kpms+MoMVOdGIBGJ+7LT7WWdaU=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "236c6ec21420e44c38ec76de4fc3335bec1859b5", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-21.11", + "repo": "home-manager", + "type": "github" + } + }, + "impermanence": { + "locked": { + "lastModified": 1646131459, + "narHash": "sha256-GPmgxvUFvQ1GmsGfWHy9+rcxWrczeDhS9XnAIPHi9XQ=", + "owner": "nix-community", + "repo": "impermanence", + "rev": "2f39baeb7d039fda5fc8225111bb79474138e6f4", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "impermanence", + "type": "github" + } + }, + "nix-hardware": { + "locked": { + "lastModified": 1650522846, + "narHash": "sha256-SxWHXRI3qJwswyXAtzsi6PKVY3KLNNnb072KaJthII8=", + "owner": "NixOS", + "repo": "nixos-hardware", + "rev": "6b4ebea9093c997c5f275c820e679108de4871ab", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixos-hardware", + "type": "github" + } + }, + "nixos-21_11": { + "locked": { + "lastModified": 1650728030, + "narHash": "sha256-VfCYsC/0mZQlQqsXf5o5Cib1ncJQ5l7WHN7hEIMmZNw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "5fb3a179605141bfa4c9c423f9b1c33658b059c8", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-21.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixos-hardware": { + "locked": { + "lastModified": 0, + "narHash": "sha256-zQyTr2UebTKUh1KLyLtevhHsM8umPK1LfQLGUGjRjiQ=", + "path": "/nix/store/aqhzrz2k83h3pxid8va5r64szcmjd6n1-source", + "type": "path" + }, + "original": { + "id": "nixos-hardware", + "type": "indirect" + } + }, + "nixos-unstable": { + "locked": { + "lastModified": 1650701402, + "narHash": "sha256-XKfstdtqDg+O+gNBx1yGVKWIhLgfEDg/e2lvJSsp9vU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "bc41b01dd7a9fdffd32d9b03806798797532a5fe", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixos-wsl": { + "inputs": { + "flake-compat": "flake-compat_3", + "flake-utils": "flake-utils_3", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1650629047, + "narHash": "sha256-IwiKbzXTzodPKMHm5qTizGoMVjipevbliraFmnrdsqU=", + "owner": "nix-community", + "repo": "NixOS-WSL", + "rev": "69783cf56b2ada7e0e8cc8d17907a346e8bd97b7", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "NixOS-WSL", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1643381941, + "narHash": "sha256-pHTwvnN4tTsEKkWlXQ8JMY423epos8wUOhthpwJjtpc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "5efc8ca954272c4376ac929f4c5ffefcc20551d5", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1650792148, + "narHash": "sha256-n1MZSZIzvP70BJ56tV8GwQ5L0wHt/nTH9UkF5HTGB/4=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "ab83c5d70528f1edc7080dead3a5dee61797b3ff", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1650701402, + "narHash": "sha256-XKfstdtqDg+O+gNBx1yGVKWIhLgfEDg/e2lvJSsp9vU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "bc41b01dd7a9fdffd32d9b03806798797532a5fe", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nur": { + "locked": { + "lastModified": 1650863045, + "narHash": "sha256-pgKfeaV5uGfh7XtSfOvJ1XAU4E7IRpVNOE2lsBjXToQ=", + "owner": "nix-community", + "repo": "NUR", + "rev": "804f296c699984ebb4edc52cd570091562f22153", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "NUR", + "type": "github" + } + }, + "root": { + "inputs": { + "deploy-rs": "deploy-rs", + "devshell": "devshell", + "emacs-overlay": "emacs-overlay", + "envfs": "envfs", + "flake-compat": "flake-compat_2", + "flake-utils": "flake-utils_2", + "flake-utils-plus": "flake-utils-plus", + "home-manager": "home-manager", + "home-manager-stable": "home-manager-stable", + "impermanence": "impermanence", + "nix-hardware": "nix-hardware", + "nixos-21_11": "nixos-21_11", + "nixos-hardware": "nixos-hardware", + "nixos-unstable": "nixos-unstable", + "nixos-wsl": "nixos-wsl", + "nixpkgs": "nixpkgs_2", + "nixpkgs-unstable": "nixpkgs-unstable", + "nur": "nur", + "sops-nix": "sops-nix" + } + }, + "sops-nix": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1649756291, + "narHash": "sha256-KTll8bCINAzIUGaaMrbn9wb5nfhkXRLgmFrWGR/Dku0=", + "owner": "Mic92", + "repo": "sops-nix", + "rev": "c2614c4fe61943b3d280ac1892fcebe6e8eaf8c8", + "type": "github" + }, + "original": { + "owner": "Mic92", + "repo": "sops-nix", + "type": "github" + } + }, + "utils": { + "locked": { + "lastModified": 1610051610, + "narHash": "sha256-U9rPz/usA1/Aohhk7Cmc2gBrEEKRzcW4nwPWMPwja4Y=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "3982c9903e93927c2164caa727cd3f6a0e6d14cc", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix @@ -0,0 +1,276 @@ +{ + description = "System Config"; + + inputs = { + # Flake for compatibility with non-flake commands + flake-compat = { type = "github"; owner = "edolstra"; repo = "flake-compat"; flake = false; }; + flake-utils = { type = "github"; owner = "numtide"; repo = "flake-utils"; }; + flake-utils-plus = { + type = "github"; + owner = "gytis-ivaskevicius"; + repo = "flake-utils-plus"; + ref = "v1.3.1"; + inputs.flake-utils.follows = "flake-utils"; + }; + devshell = { type = "github"; owner = "numtide"; repo = "devshell"; }; + + # Flake Dependencies + home-manager = { type = "github"; owner = "nix-community"; repo = "home-manager"; inputs.nixpkgs.follows = "nixpkgs"; }; + home-manager-stable = { type = "github"; owner = "nix-community"; repo = "home-manager"; ref = "release-21.11"; inputs.nixpkgs.follows = "nixos-21_11"; }; + impermanence = { type = "github"; owner = "nix-community"; repo = "impermanence"; }; + + nur.url = "github:nix-community/NUR"; + emacs-overlay.url = "github:nix-community/emacs-overlay"; + + deploy-rs = { + type = "github"; + owner = "serokell"; + repo = "deploy-rs"; + inputs.utils.follows = "flake-utils"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + sops-nix = { + type = "github"; + owner = "Mic92"; + repo = "sops-nix"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + envfs = { + type = "github"; + owner = "Mic92"; + repo = "envfs"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + # WSL + nixos-wsl = { type = "github"; owner = "nix-community"; repo = "NixOS-WSL"; inputs.nixpkgs.follows = "nixpkgs"; }; + nix-hardware = { type = "github"; owner = "NixOS"; "repo" = "nixos-hardware"; }; + + # Channels + # FIXME: is it needed or should I just alias nixos-unstable instead + nixpkgs = { type = "github"; owner = "NixOS"; repo = "nixpkgs"; ref = "nixos-unstable"; }; + nixos-21_11 = { type = "github"; owner = "NixOS"; repo = "nixpkgs"; ref = "nixos-21.11"; }; + nixos-unstable = { type = "github"; owner = "NixOS"; repo = "nixpkgs"; ref = "nixos-unstable"; }; + nixpkgs-unstable = { type = "github"; owner = "NixOS"; repo = "nixpkgs"; ref = "nixpkgs-unstable"; }; + }; + + outputs = + { self + , nixpkgs + , flake-utils-plus + , flake-utils + , home-manager + , home-manager-stable + , emacs-overlay + , nur + , sops-nix + , envfs + , nixos-wsl + , nixos-hardware + , deploy-rs + , ... + } @ inputs: + let + mkApp = flake-utils.lib.mkApp; + # homeProfiles = import ./home { inherit (nixpkgs) lib; }; + + nixosModules = flake-utils-plus.lib.exportModules [ + ./systems/modules/virtualisation/buildkit.nix + ]; + + stableModules = [ + home-manager-stable.nixosModules.home-manager + ./systems/modules/profiles/docker.stable.nix + ]; + unstableModules = [ + home-manager.nixosModules.home-manager + ./systems/modules/profiles/docker.nix + ]; + in + flake-utils-plus.lib.mkFlake { + inherit self inputs nixosModules; + + supportedSystems = [ "aarch64-linux" "x86_64-linux" ]; + channelsConfig.allowUnfree = true; + + sharedOverlays = [ + (import ./nix/overlays) + (import ./nix/overlays/sbr.nix) + emacs-overlay.overlay + nur.overlay + ]; + + hostDefaults = { + system = "x86_64-linux"; + channelName = "nixos-unstable"; + extraArgs = { + # nixos/profiles/core.nix requires self parameter + inherit self; + }; + modules = with nixosModules; [ + # Exported modules + buildkit + # Common modules + # FIXME: migrate this to elsewhere, or at least split it + ./systems/modules/core/config.nix + ./systems/modules/core/nix.nix + ./systems/modules/core/users.nix + ./systems/modules/hardware/sane-extra-config.nixos.nix + ./systems/modules/profiles/avahi.nix + ./systems/modules/profiles/base.nix + ./systems/modules/profiles/builder.nix + ./systems/modules/profiles/desktop.nix + ./systems/modules/profiles/dev.nix + ./systems/modules/profiles/dns.nix + ./systems/modules/profiles/git.nix + ./systems/modules/profiles/gnome.nix + ./systems/modules/profiles/home.nix + ./systems/modules/profiles/i18n.nix + ./systems/modules/profiles/i3.nix + ./systems/modules/profiles/ipfs.nix + ./systems/modules/profiles/kubernetes.nix + ./systems/modules/profiles/laptop.nix + ./systems/modules/profiles/mail.nix + ./systems/modules/profiles/printing.nix + ./systems/modules/profiles/pulseaudio.nix + ./systems/modules/profiles/qemu.nix + ./systems/modules/profiles/redhat.nix + ./systems/modules/profiles/scanning.nix + ./systems/modules/profiles/ssh.nix + ./systems/modules/profiles/syncthing.nix + ./systems/modules/profiles/sway.nix + ./systems/modules/profiles/virtualization.nix + ./systems/modules/profiles/wireguard.server.nix + ./systems/modules/profiles/yubikey.nix + ./systems/modules/profiles/zsh.nix + ./systems/modules/services/wireguard.client.nix + sops-nix.nixosModules.sops + envfs.nixosModules.envfs + { + config.nix.generateRegistryFromInputs = true; + config.home-manager.useGlobalPkgs = true; + config.home-manager.useUserPackages = true; + # Import custom home-manager modules (NixOS) + config.home-manager.sharedModules = import ./users/modules/modules.nix; + # Default SopsFile + config.sops.defaultSopsFile = ./secrets/secrets.yaml; + } + ]; + }; + + hosts = { + # Main laptop + naruhodo = { + modules = unstableModules ++ [ + nixos-hardware.nixosModules.lenovo-thinkpad-t480s + nixos-hardware.nixosModules.common-pc-laptop-ssd + ./systems/hosts/naruhodo.nix + ]; + }; + # WSL setup + # FIXME okinawa doesn't have openssh + okinawa = { + modules = unstableModules ++ [ + nixos-wsl.nixosModules.wsl + ./systems/hosts/okinawa.nix + ]; + }; + # Servers + shikoku = { + channelName = "nixos-21_11"; + modules = stableModules ++ [ + ./systems/hosts/shikoku.nix + ]; + }; + wakasu = { + channelName = "nixos-21_11"; + modules = stableModules ++ [ + nixos-hardware.nixosModules.lenovo-thinkpad + nixos-hardware.nixosModules.common-pc-laptop-ssd + ./systems/hosts/wakasu.nix + ]; + }; + sakhalin = { + channelName = "nixos-21_11"; + modules = stableModules ++ [ + nixos-hardware.nixosModules.common-pc-ssd + ./systems/hosts/sakhalin.nix + ]; + }; + aomi = { + channelName = "nixos-21_11"; + modules = stableModules ++ [ + nixos-hardware.nixosModules.lenovo-thinkpad-p1-3th-gen + nixos-hardware.nixosModules.common-pc-laptop-ssd + ./systems/hosts/aomi.nix + ]; + }; + kerkouane = { + channelName = "nixos-21_11"; + modules = stableModules ++ [ + ./systems/modules/services/govanityurl.nix + ./systems/hosts/kerkouane.nix + ]; + }; + }; + + # deploy-rs setup + deploy = + let + mkNode = server: ip: fast: { + hostname = "${ip}"; + fastConnection = false; + profiles.system.path = + deploy-rs.lib.x86_64-linux.activate.nixos + self.nixosConfigurations."${server}"; + }; + in + { + user = "root"; + sshUser = "root"; + nodes = { + shikoku = mkNode "shikoku" "192.168.1.24" true; + wakasu = mkNode "wakasu" "192.168.1.77" true; + sakhalin = mkNode "sakhalin" "192.168.1.70" true; + kerkouane = mkNode "kerkouane" "kerkouane.vpn" false; + }; + }; + + checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib; + + outputsBuilder = channels: + let + in + { + overlays.default = import ./nix/overlays; + + packages = with channels.nixpkgs; { + inherit + bekind + tkn + tkn_0_23 + tkn_0_22 + ; + }; + + # `nix develop` + devShell = + let + inherit (sops-nix.packages."x86_64-linux") sops-import-keys-hook; + in + with channels.nixpkgs; mkShell { + sopsPGPKeyDirs = [ "./secrets/keys" ]; + nativeBuildInputs = [ + sops-import-keys-hook + ]; + buildInputs = with pkgs; [ + cachix + git + nixpkgs-fmt + sops + deploy-rs.packages."x86_64-linux".deploy-rs + ]; + }; + }; + }; +} diff --git a/home.nix b/home.nix @@ -1,24 +0,0 @@ -# This configuration file simply determines the hostname and then import both -# the default configuration (common for all machine) and specific machine -# configuration. -let - hostName = "${builtins.readFile ./hostname}"; - home-manager = (import ./nix/sources.nix).home-manager; -in -{ - programs = { - home-manager = { - enable = true; - path = "${home-manager}"; - }; - }; - nixpkgs.overlays = [ - (import ./overlays/sbr.nix) - (import ./overlays/unstable.nix) - (import ./nix).emacs - ]; - imports = [ - # Machine specific configuration files - (./systems + "/${hostName}.home.nix") - ]; -} diff --git a/nix/modules/default.nix b/nix/modules/default.nix @@ -0,0 +1,2 @@ +{ pkgs, ... }: +{ } diff --git a/nix/overlays/default.nix b/nix/overlays/default.nix @@ -0,0 +1,14 @@ +final: prev: { + + inherit (prev.callPackage ../packages/tkn { }) + tkn_0_17 + tkn_0_18 + tkn_0_19 + tkn_0_20 + tkn_0_21 + tkn_0_22 + tkn_0_23 + tkn + ; + +} diff --git a/nix/shells/cargo.nix b/nix/shells/cargo.nix @@ -1,21 +0,0 @@ -{ pkgs ? import <nixpkgs> { } }: - -# This file contains a development shell for running and working on Cargo. -pkgs.mkShell rec { - name = "rustc-perf"; - buildInputs = with pkgs; [ - git - curl - gnumake - pkg-config - openssl - - rustup - - # Required for nested shells in lorri to work correctly. - bashInteractive - ]; - - # Always show backtraces. - RUST_BACKTRACE = 1; -} diff --git a/secrets/builder.yaml b/secrets/builder.yaml @@ -1,188 +1,209 @@ -builder: ENC[AES256_GCM,data:CaeaUekBrYhNP4GR3qB53/7JF7leKWL9bZTVTqorPmEIl+bcK4ZV9SGIeivfrdZjfEvggZFn8el6FUCAcbhni1hc2eJG4ptzecR4EuSZjCCxNqTmnFqDPsugd/oz//xvxFJNz7NGItDMw0boVImigVc5Ai7BUvrqzH1CgKJmshR1expAjEq515rdjTDcZJuj/OKnzNJz6Hf/WGxf6A6scOSNP0FE9QZFzwNKpjAadXbnOXbfsKaDxkOcOsE9n4hsBvA3RKRtWI0FjFv0dDOt0+Fr52hr9OzgpM0zF+NySUFfM3jVb+5A1jHcfCt1EZe+Xg6v9ty4OXEd0Cu/U8/H7iCsATaA57QbHKaLyfwgq3zm383W+sswz8D+GlQxa60j7602c9Bd5NtVvE7oNn6CPDG+TuNPTLvPYuQQ0paCQZwWxVpVDWN+SWZsHMa7gcB5EV9TA0W1M83gJTewtlch1SdWuooxXgM0Mkuk7copLWMN+t7qHsMXNNFwRZRV7+S9HtcEN8gpWwCUJ0OHmRGHplDZ4q6I/+PHSaek,iv:Mra66+wNI8n/AJvlBvbNlH0yOoikqvfARKKzbMj+R8k=,tag:Xq9Clz7lGtuTWD8D3Z7ufw==,type:str] -builder.pub: ENC[AES256_GCM,data:PWNUoI4FsCMcb854xm1Fa3sLxgYe3PNxDi1Gp7Xuke/DTe3RCP26W6bg83hTtnwWUPSgfZcPmtYD/wsC0OHK5ZmufTVZlT2oAVWVlfErwi/9QN8aE/mc9vpUlNAAwXMnr+A=,iv:HZ0W4Z4b1/Na0lHa5C95afJ1ufJqP+SM3C7Gigeff/g=,tag:Yzyk++OTZhTMUFN4cIm9Bg==,type:str] +#ENC[AES256_GCM,data:mZSh5l1ilIG/FHyJkshIs8yb5RM=,iv:LGs1LFCrJA58pQQxj0y+n3dALdEY8otBmN9WnGKIAws=,tag:cc1D1EDr8jBMAVy5iuuqiQ==,type:comment] +builder: ENC[AES256_GCM,data:Fbd9x59bdZw27K26pf0FVIOP7jyCOq5Qos+Y8T+mZoiryK0YPxK4aPhf5gtlLXr+esUzxJ37o0gCRZjtyJMSR8VlLwKKQECz8l2PqEXvH/A1rFjs5AuU0263FzmfI9b0uLs5wiV3IU9FTc000kn0XuELA8BqDt7rje8pf5eu2qCsp821jEHzen/A3QUSR14KI39V/Aoa4bSzoItYqhPynxAYPQjCXeWhlMy+WDEMToA+M9TqZ/RA4yRQV+P2L63JYTLendaUJ0GTk+yVNLfBR4/L0O/JkKGL7N6Bn+n/eDrilndAQb6dYXhDB2WlguQlfxZUm49h3VE89zJOWd45Y8VjozAo+djnEKvAAfpN9AIXLFn9Duie2BFFlEqp2ApgggBrrCh82DndP6fDOfa0l3jVfRV0FdOOfEQES5Imc1YDSOplMZDgaGZzDBcofjPmq+OjSfhLg5OA1TnsEsRzQONH5NZusIuSWrdzO5n9Mg4oDF7MvNol6YIBtXW/Uy7kH1in+zemCU8NH9oRHpz+FdJkO5DBuI/2aZt0,iv:Z+Iig7TJ4tz53LX/GqAO1C/U4k+EkMnf/ehU+d+5P8I=,tag:9wrtb4yaEBshEpS2k+GfSA==,type:str] +builder.pub: ENC[AES256_GCM,data:vnJIIQ43hd7CZaBvXTUuQ2zGjRlBTSaVhoPdcStaNf7lj1KU0xKqDPCJ5OCjDD85oTwWGWSKrvx403DL4dZSlkslLTxChJ4gc76zM4mT4/5wgdwd8LrTJ3Wakm+CVtw10HM=,iv:h8/TGNj2aDpoBfD9rdar8tXNh7k6FNEefL7Eb0g4sso=,tag:NuRkjpoZHKk1qAhuya8zVQ==,type:str] sops: kms: [] gcp_kms: [] azure_kv: [] hc_vault: [] age: [] - lastmodified: "2021-11-18T17:09:39Z" - mac: ENC[AES256_GCM,data:RDQtmtJKrqiV8wiVgA187vZqnMC9SjHzey0+YDvPNfLUlBI31CpLtz7HTRq4CR8T7dCOUEpqHt6ECSAcWl2FAFBjQPEhA9CK1ibPgWkx5QWCL/wGjvILbZd7+1ulu1R3GsN7njHWSGX80g1VUQktS1w1qmf2G0QE3+sDdyDTF20=,iv:bYu2ua/02HseYgEotySlsqkuKOg8oRsbFWGLt+xmBsA=,tag:PQ3hzBMfIC5brZP82TOzDw==,type:str] + lastmodified: "2022-04-20T10:24:44Z" + mac: ENC[AES256_GCM,data:TXGsBZ+upCQesS2SOYG2SNXZxsa70lMDkuHT3EdHKPGjAzd9rEn9I6FHz1H/+e7qASW19ge3awNHRlxGcW+dZdVQ0wYUJzcORToZ38AmSyvN73nKpcn8qv1GifDLpvXjl/HAZvz8bMcqLbCLTUkvgUGtCaD7RCK9DM9ts98IQs0=,iv:RnLIFA0I5VFtnl2c0Kqf2JDSR3luLP4HEOeRc741jSA=,tag:lYs8av+64ppjPC17MHXThA==,type:str] pgp: - - created_at: "2021-11-18T17:04:36Z" + - created_at: "2022-04-20T10:24:31Z" enc: |- -----BEGIN PGP MESSAGE----- - wcBMA/Z3oSgzL9TxAQgAvE15fu3KmSizH10xRuG9NL4lHvyE+8pZJ656Kwyaqf3p - h80MYn3TG9x8DuPgPIhGBm3BF+7/z747cHpKgJcsFtQlesjM0+/dBxZ8OPSwhqy7 - rPvX+cD3e2QR0mRAGOLZbmZmhwtyWr2CpRtj/gk7oBschRBRm1lNwi62kyUL77XH - noc8hH0bU0YJV3l4PhaQZzofjbpB3YIoBezfJQDQ8rpmW6xcdVSHXaPxpcQn9h82 - HBeaweeBBiootrL53/FTPdIAhVGY4puCqMxMIiGpv/q6u0eHzL4pEfQYDoRskzk/ - r57HCemLS1+2u0y/uLShBdijOe2q4mhOuvOaMsHortLmAWfKwk78zWwg8x982HCF - BnyI7or4fDujj45ZZX1Wngd7C4nO+3UlCuC6Nl+/W0kNBxOsmf/3DMRHrWOfMxkA - 4OR46XccVwRfnWFwYdj22Qm84vhVtpQA - =L8DL + wcBMA/Z3oSgzL9TxAQgAqPoo7DQ0UUKxg/8kf+VG6cz/cutcoh5ebphJvEy3lIFB + kxkAHCf0eFMjDUiBL7nWV7LctOecRefep/dfBgjQwnqgfJ1c/AtgL4UlaXDGJkSp + Z8gJOVcJnOWZ/isUMx3PnN9Qu0iZmvL9amnSDPgd4ejyubOB8LXv+LjGiJ4cm30a + eACZrz04xa0rI8rvuC6Syk4Oaf26OvcexF7ysLUM9ljrjP/EwICK+anc3Rm5mqTP + bawBwYm5qdBkSrx8vpj0PX3kejV4j8AIyd8nk8umw5N2mEOLmmdYTGqyFH9zxRjq + 8vjolIPz/yb583QS75ptkc/GgnhnZ8In18hNiMsBRNLmAd0MawaypBBMSP54YKXQ + 9JAjnLJEWKeCGa7zB9GXpPY4Qt0np6WpeOR6zeP9nf2ZlXyC7UB8iFniXLla5aSx + OeRmdX9Y35O36inZio3bAPGS4giItMQA + =Rhc5 -----END PGP MESSAGE----- fp: 8C4E8DDA04C18C6B503BD2DBB7E7CF1C634256FA - - created_at: "2021-11-18T17:04:36Z" + - created_at: "2022-04-20T10:24:31Z" enc: | -----BEGIN PGP MESSAGE----- - hQIMA01ZgQVEYlRdAQ/8C0Gfoew/0paZvE63c02fnTL3Q3lLshKQCfQLHaTZYgLC - rl570pan8FvXszjct8yvcgjE/TTTYaTmGjmMjLVi96lNuLFrUvkZCEodrhJ+MHNf - O/fR1IBXqXzW/xwLSnjmRDbrSFd7Tkw3BLeoD+Wf8gOV68jI1DkZ5HQFLbLTHKbF - EeT/QZNUGpQgtKxKlY6QEfKT5PrIEK4eVln6jUVzeTw4hZj6dWJHF4dh11iBPej+ - knyfiT/o+q7RWxCi4AO5cHlYEjfob/ACrY1/Vtg3h0QZrFGNCYvy1cLrN4bSb4f3 - pcxLErHOCJzsK5x+Y/fIb2aOOMq6rj9/7AKjo7YUXJFipFWOvq7AejqDawkEGsHw - eNLfkCDgEZIrsRx0de+pExnpBgcBiy2tCIC85Tv8fozS5WD6JTjXgmSW34nE2cPL - +MGNdmX6TuDC7TU+pR5/4Gz2juVWFEKi91TYKqCsAqdLzUFl49PstzaSn5KUhkhX - mwT5aakCM+gItRzOdxyoz7q2oZ7fVnFP2OJtbAwwg670StbZ9DgAvB8iRCTib6U6 - hJ2yhj9wsxejnFutyq5aG7/9dfeK7O4En8/65iz0/gouduNfrmzw4xQ7ztzS2dy8 - 4bb0Kq4qa0d7F7Dm3f9gXRJqJszf4uNhaSFVxyr5Uwq0/X2eAwqkhubj4Dsj+1/S - UAEWqdrXulFZ8EI5Jdv6mniPe4oUYc0/HhJ8LxOs2T3TYAJzfM8LM3rmu2TXsP3y - yhkSoB2Epot9lBcqQQZ/0Xp6ZQXJAcopJSHFeqJ/hy6n - =itzq + hQIMA01ZgQVEYlRdAQ/+J961BmpAZNan/5EDEd+DsZfjn/WAUcn/JDlKyDpzLROy + qsqbRs0UJJOazULgjw25YPr9xURQbNcgIefMveMwlpFaYZ5Xvh8umeZvurACkLLX + 6ASJtk5uMs0dOWUjoE48hNXNqh5mRBO8jODp3m3wMG4IwAGjQs2V0i7YKn0PijtN + RKNykc035gyByYEa7/YcHgZVG+MZ2nQ5l5REiZrZgvoFovy8w3chkZaH4O1aTwgO + yzhiSABnuGo73fqAGBLksRMTqHt6UxDxjITik2wfFaGAtAaRiNOGJtjW76PPvSnV + DpT+IGX4DGUHQQAA1EJRFFXvKGvajh3MqOw/8fswsVEzI54SeX1kfdE2zX1uCfeR + VXtwF8kt0nGrzG6V2n2ExhcMr67O1Ry28bdjMbF5nL+70pa9VObHbfwjmXgJKIUa + eM+Og+2y1YjkthMS5gYfGIYe+awNFnn/PXSYyiXGWtexxK8ANL4aFk8wAAjaqQpH + m0OhNTChS2xJuc/+VV8a4J4NOXvJ1pAs8pd2U05kaGcg2ZJ5UrRZGwwBh4OAvicb + on7/OMwo5xk79U9cTHq/Ez6gHUIqZL5yx5+EKpQiIhToqKynTHfNb2+EJTzpt2fC + JGBlljEvyAqlkoFRwC7hyx9q96wFdtGJvNBBDoO4CJiyh5DJSNQaksEHZSlN4QjS + WAEctcgM1MaUD2QwUizJ1/U/a1ql3+GbI3GIb1OImetQ8ffbDc9pNTQ/pF/+6iXe + ISuWu4m23Te+nz6acWgXECFhyJ1i9eQESJS6jKYy5J9C1iDZQE4JYg4= + =sTvE -----END PGP MESSAGE----- fp: b14ab1e44008e7d4c39875324d5981054462545d - - created_at: "2021-11-18T17:04:36Z" + - created_at: "2022-04-20T10:24:31Z" enc: | -----BEGIN PGP MESSAGE----- - hQIMAwMoaz6prFK7AQ//SeyStMo0ikhpLCtvBGo9HwldqiqnGWUBjDgrqYIkffEL - dFxc9pa4VTaTpLFXk0FJEUTtxcky+LBgewjWphtH+c/LuiibODhV51XEIg+qHn5x - XjVaHbIdNFWrRBnaHRNlcmE0fY8ix/apNrKf0WNYPRKSRBPKSY8MCbzfJ+kobFNV - 9c/WE6nXEmVNwtuB/UTxbtmc3cabtYFQ1RR/9Qd5BcvviYeVzPv5OmXemK1eFTPa - tRGoZoIWJRUgN+MfpdlPdeRPfU42GVn+LmIBdTsJjmQYUH8FrPFIj4zQ2Y5vQrqn - 2dhSwXb+g8xAXtxbwr0OtU8s3aLdfKPyTBR1vdC6RCPPBALXSX67mR6UaFbpK37i - OkYWX0UeZcfTVoJnbHtc3Q0rYluhmZquFuLDkhfzJcFtGHMKw3yFgvJcjsCPk2H7 - JazN6DKMUOBAjDNOXIejONlRvjT/cuStyylkioHVeWJg6KaCGLEoq5rqtMD06BEO - pBuECoVDj7s51Yxn5A1s57jr9T3zPz3rf7hhY9uA/KFvUZ2+20Mo1swgBmYHShcS - TIaSw6fJSyzq/f9x92P//t/9Mm3THVTTARowXzjY58gPwPsqsWFVECy3YUwBj5JL - dAZE003B56J4FxmaWTe1OdPe1EeId0xFXtKrdJoezTmqDN2/XyfnH0U+EKJXzDLS - UAGJc5WGsvsGFkEBK/NHFquVTd+lvZjO5dLku7ZFUq9hd3AQU2H5nbuIKL/OrpEL - yvjXT+WSVcOsk6KY2nZRFUQcf4LNinRmtJpsO4vWY/KQ - =rhA/ + hQIMAwMoaz6prFK7AQ/+KNQ0QXZyDvEgg/UWXKOapkEdMpeFKsEo9+5Ztp64tsHi + lwgFsTAIOJrTg7xfMDkNAstRLpcBWNUuPttRNaWWToODrJToh8wWIv6Rwx16Uz75 + SKpkUwNblwgrFvKbKkWwU1xJeLf6fa4ATDTxbCaNMsbrHsX0BHGVg9MAxtmRPfOg + GYZiyrKgt5IwfK5vytXrvpIMZQUC8+JToZfAyeiIwBn+ZaZQZQu7s/XWAKbje7ae + TIXyc3HrVnb3qV2CaXtGUjM7ChW1RurGo6t3moiHUF+Fwpc35nKFBD95Rncyxk4y + C9ov7WRBkQlloudlqPtp+/2MbZwTZv0YKYXOferREVWEd13ac0mvNRqOKty0zcFo + Xmuv0EIzWxZDk11Lz0Q5N7MEllij1VHN+f085Gr/rVvRJDHOmPniyTGoOV64b1G+ + fF2AmMsGD4N7dxTCZu9b1fQgz9g6l9HG+FXwPxfC+y+WMNIQi5amV28TLbFo3ei8 + 33L2lwjlEQxdLWbE3cNFRioi+zkTMPUQZCkFrKPeWILomXXcxdtjYUKJ+wvXyjE3 + Dz2ELzdwQDVrTlemDLaO8q9BjCyk04bHqfIOPkC0TGm7Ik3YZ2BcpNH/fMVRubRk + FjaQw3eElK+D+7x/3PvCVSuU/QtXSbjku5YvNr+SN1TOZiWz9dGQVuBM8Lr1DY3S + WAEP0FdI7L7LZZKDGVWDpfp46k/8qulDGQkQxWLM/iYhHIYJspr2K2HunrIhiM37 + k4kSLl9XWqlUE3py3vB7bgcdK55hya40IZr9ch2rJvq5+CRhtUrlxjQ= + =jYmH -----END PGP MESSAGE----- fp: 3f65577842cabda3955d1f5603286b3ea9ac52bb - - created_at: "2021-11-18T17:04:36Z" + - created_at: "2022-04-20T10:24:31Z" enc: | -----BEGIN PGP MESSAGE----- - hQIMA2mSi1kI4Qy/AQ/+NUyvnaUCrRTMjjAKA92s6O0MzFwbWNq8/ibvYDB2jTAt - jh43Q0xBn6zNxDvyHgGp7pJhU+6ze/bQFLvOj305NTPaztyYuAe/mD81E55Tztgd - ZB9x1k9WiOl0pIU+5Zx+C/2VaQolmnDF+JozRZR1cQAD0S2910Nw7P8pvFp5rCxV - eLZFt2fCJn1iB/ZjoCV8ztD3xrf9sQXgqjqxO1rZxFVedo/0UHIUIHTS7LXSjh31 - QV2Zmetc09G7JL1B5br5vyH7CfEPVuU/np8AYzAiFJXCG1LkzeWiZcEO8VqjTUpR - uALvgPK56NukEhYLMAtEC8NRubVyZnkGcmx5CLLXZLAxRYrHuunCqZCH+cF64qhY - qymqsHWRdHz36wzpWFvATJjvttPcZeUu2ZGpF0rgI/8h8yB9b0kdHuqi/atEOm2t - y89Z6gSp6dwaeZ1uzJWW9I5pGQ2uWKYIjdni/tNy2wi9BLKC41niJEq0T7Jx6VMJ - 7SWFLVym76Ji43ALk/lkmTsBBLqy0CFdhV6ricecZ654Qr9hDUF1cXhSeDLHYo1o - 7IJCWampq9PWLTuESw8bsueQ6/EnMUTwJuG3il8i4oef4OIr3AqccWxlJ4h0RnVp - pBwVyWrwJk5ZrziO9uyU5fCAt58nBoXvNjSEbg3PNnPujAiY9cv64yhEsCvJHc7S - UAG1p923CwKJ6XvhYN+IrYYHiKAttOdgugZuszYbPYs4VKA2IQyIMQs9BP4xMd+K - UY8Sp2nS1laBUlCrsJuRt+qVPuNLATnIfuIv+Mxtua7t - =M/k0 + hQIMA2mSi1kI4Qy/AQ//XqAhZRtk9kA2QR6WYCRGOteUqEEFSqDAvAlgAMovb/UO + ZqipLXaP9UrpGhlx/P/hcoHwzrsB1FSR/OLMDPSq/CovBN7nGfAI7F8bXBAdZ94A + 9F6vnUr/8MuXuF8QHI45NNOENXd2k05QBC/7IkzyyaUj5OlhFRo3m9MAzBeysx9b + qteDdK1NTbidMGxUJzifjplmIgfxQJKNQGyQjlW0yHvPKxHApYEX7W7n4Uxz8t7G + 0SVGiHR5Be2VX7B4RnP34P3TOWgMwrolU8V++2iF5ZwUWhvXtZ2u7Ur3a1YLGm7T + FcHk4k0Vk2usRialPUnOduOZjFWWh1KO3MuJljrTFATuSax+KwtduQhOx0qhO2k3 + vX1Lw55sdR0Gz++vrIkHlYG9VbUUndyvLzKBV3c/E5o3aKug7WN17GzrnuwZVyop + HQWpaHL8JHr7Wn/D0HJFR8Fe1cTRdzOtrdfU+J92Papsg0s+ygLf3S6G0Uz33jMS + 1Cv0HlNRXGf3Z2ybE2BiJGA2OITf0/sRpBkH4Uun3d2fiAFHzDKVnE5oVCAl/qsj + U/0IoqufrWj+8l5WbA5+Y+KBvzNZzne12yvR+fu0VCKR7tWpPv1ox5srmGUjNkfG + ABA1DiTpa2rfYHpgvbvQskee2zJH+DU+w7++D+CM+/lykl2PTqrKl4JlObcrrnbS + WAFekwd5IVqG/OcqYJicB6e0y8rtmmE4DyTmXu5OHENWPgpeqoL7/PBWzdD93M7s + Qd02y0cB3AyadOj4z29Z4BBzQnX7OxDrvgus1TzJau3Ozyhr1PXzeQQ= + =chia -----END PGP MESSAGE----- fp: 8b80ab02638ab9c34f6c21bd69928b5908e10cbf - - created_at: "2021-11-18T17:04:36Z" + - created_at: "2022-04-20T10:24:31Z" enc: | -----BEGIN PGP MESSAGE----- - hQIMAzHwOG8g8+TsARAA0QBd8aF1m/A2pyn6qrj8Gu7TB5FCeqN7k65bo/sviS8F - 53bZHH6RFB6LVG9oQ8KIAIID4aHUhGxvEuoHXCbDlIMqGxMmIplrE1yd5Ozb/YnL - 1TnKoopiL/vRARkXxzZEoQP0HuhDJcgoETEcIIVUYNDMvPTN3LctGXbZjKFT1T1F - EARoiFcrXXvw4ARVmt/jssWjfDDb/RzbYffqZFdPJeT/kkcV43XBJZAPbq6udofO - U0B7h4qqfYJAdypVqY7Q3gkRW7DCZIk9jOdlbsaX8QVlNM0v1RNAPvF2I76e7KVJ - zy7Yi2RKYr9daDFZa/dx9llSwetIbMyOJLEhEV3AqYFRAS0JtUFZRr3ICWHdu3Zq - 1jz9d39XsxTfZwmxsb3Dit1/GbBE+sCyXn4Ye5D76KdWFcYAJJXmGsPBAvqheIC+ - nPuC2cNjo46U0KmWhDzWkNYK0Hf+lLLihi2PLGyLHCFO+WEU85ZkaAYof4bOGeQu - 90TM2SCNdpEE39mGcJQ0HzjBfJVNwWLnhyeLLaZzGy620n1E22577JEGNXREqK+5 - tiFe2m/jVAk0yPCGaXu2sPNPlRy2UUF1ThVfTfBxze1oGkxWYhrgW2/JRNXRtk7f - cNK6LK70qao9ZwTPrS73lgpLDvUTlFbrMzPyFstD10gxfGGHIgZ9xGHCy4BHMlHS - UAFfq6SZ67xYD6zI2Me49GwBI+QDVevqIM/BI50PajNWK6e0XZ4LLJK/xnDgFoXP - L6Q89MQ22/JsxovTL5DV7q1CK1y5wXbWAO+V0DmSqkw+ - =v8E0 + hQIMAzHwOG8g8+TsARAAzZqzYZg3ucE8vV4MDhXFOet42bDD5dfFsB8/DPGP3DvS + WJzHH+JOsLby4qnVURfxYNOraFREs9yJ9DHK0h6GKter5qGKDQKlbOnXmq5Zy4G0 + PBk3xD0monaMW5V4pzbj++9RaL97dUt8bnD7szpm64vK0jSrJCMpsynk8IHPy5wY + ZrMN/83AQzgvk+KnswxHPXg8NRRhIr/ncFtaCIM2ArNjKLSfPa/97hGlFybBnPtI + dD0BRKyybICFiwY/XXBf6kqrvl0RWQbrMP33NU596bNxd3l0eOWhlUh3b5JJJMUZ + VtZnIVSlxTXiX+ZOjZ0HGULFIJpYnTbP2PdJ39Rxe8c/q7Nuv94ACZIB8YHHPEEG + kwfaL4gdcIdPa5zLxBmLosHMulSWaTWw2kwm756BizUDYlYrkGjNUaHMPOfIWC8L + MWiBAwgu+VmL4utvc+U1HuDHnqMavM0xfy0YPGLjXkwrZEXpXil6YzGgIued23Gr + 4/gz+ETvpxj3o/YL4IY+ylRH70tuoC8SC7vrCMutKoI0/3pjJdxNvMtbs+W/qPrn + Razcz0YjO1h9cYFbLvfS3GaIg7xg7/kT4VmD+9JxEzu7+Us763gKtjxXnfgRKBsd + /C/98RRkcGzcr1fd6TaDH5hoUkWls65ssVPi+2VKwiT3PqE5ovo8goI+0oy0oePS + WAEljGoz9pTXsRFc4lWgflVwnhM0EdZyP3EQ0GNva8fpHe+cng82A8fOwOBE2eIk + XVXo0vhqOsjHtldGaH6FpK6iPpzrQEQXVJTXDtCSv75bn1IoKXyD0XM= + =N0tl -----END PGP MESSAGE----- fp: b8b02c0885a74753f8fb53f031f0386f20f3e4ec - - created_at: "2021-11-18T17:04:36Z" + - created_at: "2022-04-20T10:24:31Z" enc: | -----BEGIN PGP MESSAGE----- - hQIMA7e/7FWhF8G/AQ/9FgogB+AyEC9VckAAA93k80GrdgJOUJgZxHox1B2sR2cR - HXKEso72RnUnro3vRtCd0lpmlybV5ixekuUUSFMduFR9zBj3/oUmBQj2OaOPRvjg - X2iH+EeYKj5CUaieTSbyx+XI+9XdPntcTRG+gv+DBWYQ4g5pdtRAzGYA3ow7NsaO - wy7FS3okx9rFHoTsELOMO+W96VjDL3ny27dkuqcbtUizfBRlsW67Akw5MULriR5S - dr0oRrKtHOBKvHV1I3NISutfqEwb7+tuHknpUvdO8nvplMRYMRxXC9BJ5NafxpV0 - 51m3STB6PSspFopLPGbIDSMNc7A8KOnmsxVqzzeh6Qu+tluBlF6XfIQf0de+eFwE - PLfcSB3BmM6M+lebJQNk66LXQ9dmfuf4bFkarL+Gefz1CjIEeTtX1QI/E/a5H5uU - 77O7XyV7eAWlq6/GoOJmWrOFOuLD1mKshJ1RmlKpiAOu90WLNse9WSyW9sUeyU8V - ExGLsBUSehk98tzdMvqFDnol8Nx/f1y2kNEwyoJ3Vxr4BQPi9jpBgbcQfKzZW8rR - +EeQylS/SPq25WA6mllo9LYNfE2MBBZaVQDZOqTGbISZpXUXJSwmoy57m8Z4cixl - Cok3P904DIpa272TGFWM+Xqkl6KMu5ejqSl/tg13A3DZWS97IVIEc0cefhfSJlrS - UAEqsrW6JBRWIa6S9Kgisq9dUcVbOOqRKlb/okKCtH1WZqscoYncYKkx9+c2Ho4O - VsJwTqpQInePhh/ZAWyTEmFA1wVW6SlW4ive7YKYSOGJ - =Hct/ + hQIMA7e/7FWhF8G/AQ/+N67V0kqN8E61cfJPQwQRd9AoY19SMnA0j0CjITpPn53X + icBTkR8yroe+q84dlcK6pUzNJbvmB+4llsI60ov+aTLBOI5k0fYEWzyYm4w2Bi69 + kc2HUIusYKdpkwl7hExAD5Pz/N2P/rOv4CULVcVV2VEnRp8JMo/iaSzsJK+BIx4r + vK3dJE7gf47JD2yzz8Odv6A4ebCEgwZwCGKug4HKc5gfd18/h+gVksH3IJGQAsO1 + B4kRsHQcXZ+cL2ruUoBVzXcmGDW2UNNAr3oTj70ZncdjGpYO2SYPIwfsuhu+ZUsX + 0P275n0MJ3rY3nm61kSt9W8uSL76WqvLySucdqUnGGGztVqixpFw6Hj//IjoBBtK + EarKgVZl4CwIKLsI+wMGxhbc0sc+Udzo4oqD7uMWxB7TNplRrftO1M6uE56njvXp + Y6OFncUMKgGh3y5206DK2uTCfqr+afn3cd77gWwacLyKCsp1ZaivKC5EdJ41T1qm + 0D47+Y9BU1pkjq4NvfWSQdZtyH4XXK4gK/SJlykRYqyrQw6MGu6VgBm60iGtUurn + yTaRaxQXYKqARhEsQH4SB0yT27qUwxHlJCxBRJUJKVhVvB8osE1slSoFgcqyGdHa + ghGIEv8vJbeSl6yM9rEp7rG6avnRnYU/3+8i8lp72Fmjf/KRsssTgb52+gTX0sDS + WAGhGww57vUr+avhBvDNb6VUgwnE23Kxbhl75stvE+SICB0xSXFgC4ruE+uGRNb9 + rL3YAp6fo5e6Xeo9P4YSWoN6gq+qZZ47/NpSa7M4GYG9qewnc/aH8uY= + =8XjO -----END PGP MESSAGE----- fp: 5722867ac621fd15d2dfc7eab7bfec55a117c1bf - - created_at: "2021-11-18T17:04:36Z" + - created_at: "2022-04-20T10:24:31Z" enc: | -----BEGIN PGP MESSAGE----- - hQIMA08iR6pPqR4EARAAo5uxvZWUM6wXXHH78E0E8vOeeLSJCl6SuEpffoW58JjQ - hiKo7rVDXXN3SNCyLJO/a9HX5Ky/Og49E68H40A52ATjz9RA9gUSncoMSpdcmDK+ - d54eofepP7TtX8qaPOLS3fhc2BzKRYJCl2eY9jbANp26VxHa3yM3tRzl61bofPhz - +1QAOsBjOIemmKR/WE9cFLE4wnnz+6kcV33URdrr9iB1lIC3l5h5l5zOvvMFxGCg - 9rp/8HFqyGeRU0tTrMgA872XbdxiW8rDtHHTYUqzvskk2AZazl/M4BZQ3PI0DvcO - GMNSP1RQI4symALKQeKtIk8DDfXa5oCRBkS3tVGqK6YAWhbDJZEIOvmclM762qQ3 - xA3zIulW+QBhUWI/FhYaOphTfoD4EDXNv80EZlsQtE2xxpX36SmvNO3q4EssUNYV - yHGuEuZ83oVytzQJl9XuSpN/RVoLb8+rdV6Z4nZBt2Caa1PMu3WjzS3bDuAnDRJP - GcERazZ1TnZEct3fqdtaFQ7WBV4xza/jB3kezVsj9QpzkmmqmqYBnYc/M7soNPUH - D+cE0M8ZFbEdVwecNNkPO+9gQ5lSC5wFdzWWCzaKYTc+95542Htj/M6SuMYHPrv3 - t/hwgl2VTI4vLQoWfqyypDbluSuo/A+F6njfo26HQXKA+D/G0CKwEXvxckmtAEPS - UAFxh6TcFmGm3lsbUczVr2K6CEzQ+fj8i/lEuelQ0meONx+QnUJukuXPOpdbRAlg - 5U+svyKFP7xAfVt0ZTUPGwsX0BOdc4Ro35xIk4Eu7Tyq - =Gnlu + hQIMA2Wa+H/09asCARAAx71YUAZpKJjSYvMfm5mHxIoVqmH5IYaGqka91eNiMzzd + zU4imIBMGCMVhYr0OHvJHfEHAU6QF7ediQeNqe0/Rl5prnTcpENKUTovJzgi2IVS + c8lqw0Vqiff+/bPHRhwKrauaPFWHOo95sb/VxmpJIF92hME86F6bkSq1B2YAvIvD + Xs8l7M/CztDNVQEjdrM8yenvxweuZXayMcrgd4iMuBRUfzyU2e8ID6mg2zPgAhtl + 5uAutfyjgGs/spEHlg/9/7dLIuykMJDWj2w4AIby+cvAXNZvgd1kH1QPqzBOALcp + Uz/oFxV2bC56wI/ztzG9k6Lfh2yjvFHMmdXpvXx2gjgaMDkowzmHpfY3JHULQOJM + q39OCOYn0isK+7mUQMZv2h4bde2mue5Tlld9beQMgfEUCdkBezv6FChY3OtJk/Fi + yjQR+GO5u+wyE5iToIXa4ZenUChyDBaoI1lIfUKTvPV9puW1wIhOqdvwtnAKfInk + auIL/6zKfuEB2RF14hXw0rtO2Z6K70kjasMP6x06+MhNHpxiGfnGWNQ1VIl/oT36 + dy7P+8S9md/XoEy5PAPj5lCNZaoJs9vMLGYn9XVaYewk8iQYU9S2f/pcI2RZ5Reu + aM7iHSMx4BpL2/anDmHzIZDT3i8f216AFzFfSb6Cb47qhIfssqSXf0rCgyQLT4nS + WAEFJ7bMObVVllFYDf35I4yEjfGJXZ7dz1qe8xK26N9h6BZy6EO04BstsWCPndmn + WSmErrM+m83qkJBM1iRo3Xs/f0s3V1KklvyC4lB4/LxvKpb6UyZ0Vd8= + =dKDR + -----END PGP MESSAGE----- + fp: c7ebcb8e935bda9466e98b1a659af87ff4f5ab02 + - created_at: "2022-04-20T10:24:31Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA08iR6pPqR4EAQ//WX7S1Xd8B95K+KkqKGeSwz93oC5UyIf23GN6qkz68Drp + bqqvbb12mlvAOYrsQcAMpBbS1QnZds7qxwylbybTNFmb1bJNMuI3saOrwfX9BbkB + R1ccv02kL3RYvRd9iPyTOfhBvWpAw/jcr0yEQR0ZqQjmhqX++yahekwQkhQYOeqY + jxKSES3smd7C3KAnOTSQzhzY3yNaZ/6aVLYU/pnDrRkVPD7YgsP6k+oT1CK1IhHt + BC3LXS4Nhws2v05F6SuSoMEGgtPWjC+tlI/uY9qVdC+T82cXM0pX6ttG34R/1+gJ + 90CFRc4jNw3tBHRzOwxycagZfvxjgao5i/ncP60TOAUYeBYuK1RGiNE0ck3i2h84 + YGFps92oYkrbVVVt6BCAHCB4qh6E1BKAG3PDWw3nTa25EE7zqaHqyajnsOrnNlZH + mgnvDMU9oiJcStV5O2DZlc2sVRk0XLL7wR07IeSFFMS/F6cROsHtH8R717obh26f + IMO7uZ8YKihdMUAZT7TQRLzTij/oBJKWjkM2SQy31Rx7+cIpS821BSQcXcYPyCM4 + hlf16Mw4N1T7WEg0PU0WzqkJuD959UuuGZ8/eknkIxUXeninL7S1OSwUHl3yYb77 + goiTAT29yn8WTg9YI8r2wkJCTcyKxSAtSb6EaFKhcSzJXkoVG9gTDemP4NJFw3jS + WAFZCBLhj7DTz6zu4ysLC+3pdEFHHbMlIraFcWExbqRcBWhHD+WM+ACfuR+U+nGJ + RKWKP/+Ujyo5KCPBLm2zX2xnfdGko0bGeOwbMty1YUct8l+iszMZ11M= + =5cRi -----END PGP MESSAGE----- fp: 298092af3b4de6f5a6cb51a14f2247aa4fa91e04 - - created_at: "2021-11-18T17:04:36Z" + - created_at: "2022-04-20T10:24:31Z" enc: | -----BEGIN PGP MESSAGE----- - hQIMAwsjrCcjwd5TAQ//YeCBQ5SR+bl2WXoUY+xJ1UIfQTihZ9nrSEmkiiOxVnl2 - 2yxMKeBGYWsKHy7MHsPL2j7Cj85bOStX5/bkkLVyI3T6un+PNGrSnyZVS5WuuUP2 - HNvHZsaIZ6YKXoAVvw9iUOUpYKSkKHHDLugMIlmCbaK4/o/RKNeVJCfoN40jfNyS - eVmdkXrPltJk9BV/tzkhAWX70MV90m8TZUl9/zfv0zykgjg2lt/UvXDk+uB1uW3A - xGHOSqRO6mS3LAOMeF3tQ9OfRmxg4c3GAN1U5+oPlKFAoRe+O+riPYhcKx1/OPYo - tOASUWP6NPn01YCr4hCwtk5Ar9+QSIgTk/Pz1mKaLaG6IG/1HMCLySeJxUBinLWo - QMODXl3eFKqEmimNcdNiY1uB6Ie+o8+ITw+jyHiA9UpurWPvRdnNTyms2xyNBP4N - +Zx9TRGz0UkoOXsdOrXsz2fgf3pUOClXxsimoP9hxkeQNzL8LCYWB5IR1Mb0ILsc - w8CdfA3uboyFw5QbGv+yh37xEgvMrcI2cFUEJUqd2XsLD+l1ttivyqcrWeO8OMeZ - jVc1m7f0/9T1YunY+eBPYA6JLUfE1kygUQwSvcV3mx5fB1mapcYel4F8a+K0FSaK - ti1SHr69WNoimOpiEfBcWjEXgpszGGVPib3XQy17gdfz3RVFj6t/Za0dEcHa4iHS - UAHmHQYaCIfNv88LgdK5ygLqfNhTkAeA6oHmPc+Nrpic/DktL2v2cCAHVPeQ9k6q - 4DrHjGcklenTxF8B7LtTDjHyymD9rrvglXOBec2eTxhH - =Xekw + hQIMAwsjrCcjwd5TAQ/+IQ3EuGOfmQx6gq7bQgCSkzVBc/bKbKnvtAcfUdH0xt0K + hYjfhQp9gtPsE9JhNNCqDjBqgCEvi4JM7vuH4oOcaEliH14ZvsT1S+JopnBvUYTz + W1vmKoJpHR0xq8rrBC1oZ6JSfP5Jp+mfKichIELmXGDKMQaIKubQOIFe29OJcDOM + Cl3uy+hsK/27L8s3wvt3kWQSI7en1kLCE/8fiEVRzPgerVbcOPiVRQVfpKxiPuH/ + Wx2d72+t9OMKRkrH4hUYobyqkQcSAP3vuOMNKmTOmTsJtExuVW1O45Vw5vLdhkdj + GX/+S2vpxD9ZBZAQT9m88rPzVbpyB2VhFTLuzo33VtyphavY2+6TNWG2hiCZz8f0 + pBJcyDjUDmAXXcu0Aa2d67oMowlXqoadQuLCSChd+fhN750wUdUdARkuEzKSMdTs + OROw+jTYVshJL6amhrUimiiFgW8k5kfEgYYXawRn8KyW7DmgaL+56+5H4AvgUZn6 + 2cQyeGGCbHbAK+MsxKTRb9qDYf4Eh0U7qan8ZIHzwhVuioTdDRAHlAqXYu9zCPND + +HWvvi6hh3zVJdUeRO5ffi2/1+wcXkCJmSfy+3picKPdAC/Yqwv0cdCmym+o7NJ3 + bqRIO6e39PQTAgSeUP4Wu/8rVEvaeuu8kHfJ7V0gGhJ+xjlhDNKjor+OgxbIrtzS + WAE/cotF0Nixof0uH0nBTubAQHTNYqNdhNSD2eKDLHLzFH4qzV1L4JjbJKC5+ICQ + rzus7kBX4cU1VhBQWJyz76KK1bOUJJOSF8oXn+j/FHRiUAejL1qq2zY= + =3Ys+ -----END PGP MESSAGE----- fp: 0ebe388f6827fe2eace1055d0b23ac2723c1de53 - - created_at: "2021-11-18T17:04:36Z" + - created_at: "2022-04-20T10:24:31Z" enc: | -----BEGIN PGP MESSAGE----- - hQIMA1Mb+sNWuPcSAQ//R8nXGQx849vilQzI50s/82YtSigHXh7d318K/KRVUR2u - wkXZmP2+VvJr+kkhInyqo+gH84WmBgD1hshsiCHdTSQoue7OWw1QWBoTziGQmNN7 - cf+LpdxX87Jpmf0KFWb+USu4T67amGn/XPFi8LWzCvwDDbYyCumURAdxCb2lGrqg - CC379/YujqDbaP8X1v7zyJrK5uo/jsKsj3XzHPTFvJXMV59QIwfmeT+ejlMBxRHs - nx+yZ8UVE1ndSZ/M2vyaQ15xNYNND1/529tSktm19KZWg1hIU9+iWsbU/4fc8Dqc - 70pTVIAewh+2mu4wUfaycMbJAWM2vQMlsLvHnPN2pL/VBLVPj7lvLgP5uCA0aJQ7 - EuH/DLOuBM52QprDAispcMK0l1tN2P6r21B9EdWWZj6AOzRoQhAcR0rZmYBIEXiY - dxspSjVuBtSYYBE1lIUkwP/GusH/+zApQ2ugvdlkyw1m2l3T6zJAiXc5YAaQDWGv - OTl7WG/5iRtTaDSmSZovvDmEjPHMXF5eHtUKhgB5HastcbuoC0hxdsHR8xsDvFla - nBhv5NpDUib8kwMnGvHuyrX9wpOUEESheFmsVl8RFurbuRT29La48LC/uC2BZgaa - QGQ+yfyEJsm7THalDQll1ynIpstkr9jyJifQq9cqefF6K+7ONyYW+Wwx6BNLsmjS - UAHL5JM6o+NQkbr0e9KOdoS4kr+Emh8DGC5uiCwW+0OWrVs/Vt0+4iJaCywycQyY - /Zx2l6lGqcKExo+2jqtzo29k4FJ9SiwJK25IEhvB2n1p - =20Q1 + hQIMA1Mb+sNWuPcSARAAmiA6yZIWxqNqcsDPk9VE4E93FuUnfTQc5BjYxAxz+PE8 + mqN2073NkSJYcU+BylhSImBVEagO4Qdo8jucwC3FMz7UWyDN5wS4F7Oy1gPepuvl + nem4Zr6dwi4CSpOwwgIt/KrV7RdY+WMKEv3HSvvOaMTSMXPPdSNfw7PIEraj2ppw + SRX8qsKvvquayyrrm+42clq+XdxEtkfrUv+GTtv+OKWBMGGJZ79laiymvwR1ezgN + qDHjVAzHzMGLuICaeUyYC36+H6OCR559K2Jzi+eD8UJyaTsvvdcTjntr/hm5EdQM + f3QnteKnxF4qdrpu5+VOPrLc45kZYsHWDbc2ZsbeivS06WDRRo05Sz31xhJp9v8q + PQm/VlTFhgL7SpFeRJ3QDhTUpfZToT4qk7h70Wx36nRKHUZ7fri8C40+SQUTqo5E + aM19t3/zsgpwZbs4KTm6GlcjeAFBsUXn/UqOAdtnnvh78+UE7nnY2TwVPqGK3jPv + HeBvd2UQSzjv7IvTeknqhfPsY9qWIdYPTzKZo4fJAgOJFm1TzqFlfAKcbcVzUk13 + YDDDBjFzTjSCVL9oBX29+XqO+NI2JGqWIgf22o8gErA8r3EpkxxK77rFnSEvhH/i + QLvhMb5NMbgJjI452GUAMMboipzPTAz/i6gJQX4Hv8cBDLghrINL7+39VCRmkEHS + WAFTDyXC5oIfc4nKzBo+V4jL5f9zKOfMyJsD2QSvMOpSu0TeIzjJ+27bmDRqRIVH + qXBitvvgE2Z3+Vsgo8TGhqPMEmhkE25l+0XllVj6uIgn5zILv4QFrPY= + =n8Is -----END PGP MESSAGE----- fp: 95233a9c933a7ff9d7a6ca9a531bfac356b8f712 unencrypted_suffix: _unencrypted - version: 3.7.1 + version: 3.7.2 diff --git a/secrets/desktops/gmailctl.yaml b/secrets/desktops/gmailctl.yaml @@ -1,3 +1,4 @@ +#ENC[AES256_GCM,data:SIWCzClUMNen,iv:UCYKLRkRfGs7VJ+IjCYsZkUAFEfLfvjYLoROxStOPyI=,tag:S5Dz7YlaPpvIhZV2vAWHJA==,type:comment] credentials: ENC[AES256_GCM,data:XWjOPnpTlHBcy131G6FCjUoeAWXJSiGjL6jLxdqG1mC8jA1fJ9c3qQNncfm4WduocnlIH+/fnQCPKhqbDfwp+OTkc4vptz8Pk1afQWZXr9znvyAZ3jlrLoXzf5IgukK1VjgKN+x5GbZ1nJaSPT2UjKoVoKN4Ug4gOurWwQ1mkSB51BLZ9M5fA0xRRXTDJr1Z1OwQeoVYXxh1BgfbR0C73I7+S39iw0mdg0898fwJSlCu3D03TyBfODJlSdjt8TJnsRaHOfQga8EcGEIhPH1I9tkfHK8hhL4EXnCPueroZatkPqXlWqcrYXa/ZzDvH0KOvhzeimLBQLBOuQdvLeXywtdbpMoZX9ElMdEzQvbQZgF54ZTZCwg+DZAnvauqeIg8lcNM3it2LP7g7uMZgSsZuJFPAD/kk91w7PUk0G0/2pknO8NU4dtglbt1coe8pXfKaSDGO/tk/GLHC0aYmwGyinXD4W0Jw7MvCC6qKo9bRK3yp+RSrNhNe7ELHHc3w6QT0R2TgOenmZqFuhhCY/vCZOCJf/JCt4AMsY9q14/I4gZqkQ==,iv:a+p2dWL3Aksga1swgNA8FRRSA9ynZyVmx5mDWfyAPTE=,tag:sSUF3QHqslKAMqifVdqWng==,type:str] oauth: ENC[AES256_GCM,data:9TS9UPrchjS59VQGI8u8rkNzPCQ1FA8KYRzlwmeZsiGUON45ftFr8vymaoE7Sj9raNTxBxY2IVmEgH1MZOt9YF+rn8dh1ZtmgwQK8dzHU6xZqV46EzQ66VBVlhOJHAFTEdF2uDQ3TlMVVH2FbOkj8tlYrlEh,iv:HgIu4Ii6ukKMvpr/PiZ9ecwz2zVqfcJOEj6mir43jVo=,tag:3HKVTYR3P8s+6qMo09hTnQ==,type:str] token: ENC[AES256_GCM,data:ZdTDQNzaXGBoKYYXeXFgJiGJ2lqlm4D9RU7bLe17l+gYyOoURjW9IOtMJ06QMPbPOOrokW55bQ7WPV5W4ywAMkUDSYQhE+q5xz4dCQCsIvEovBgeEYxbBlDrXyU0DPgHgI2c47gylKXBVIC0obWD5qgqW2pC5T+QE5r9xszVGSBlUOkEOQHnR1QKy3gS45EVXSr1RMnII9pVfRNzRfd1dw7oyshN7JpocTcYwbr+xxRs5hx3Y+5AWbzVpuIyzBT5S7w1eDkK1O3OnDt5KRgMiswDLmZ2eK9B9XrAZ6lYvSNFt/cRCH1H8+Dy2UsXRmSw267JXaZjjKAyq7tKjMwuv+7Sj7rawx5K76Az4EVoHrGwX/naMdI94qZwKOX9penNJhQAh68Yp5NV6McZ85xeoWfND70L0F+f0DbNJNidnPdfXp9zDZXzW6jCWc7oGW8bbiXCvAHlGpSDI9aqsE/I7IH7eWsMn+zGdRcEsGBfUeqkJLweb5wGYRa/WYGY,iv:a7AzHmLPYRqw2OoBzOHMLI/8QKk3YQk6ACjaYKCqbhM=,tag:Jg9zOS9H1xDzQPjL6oTCEA==,type:str] @@ -7,8 +8,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2021-11-18T10:30:24Z" - mac: ENC[AES256_GCM,data:NMfyU2RPd2g/19gjIF8Z3Aa/5eKveyqeAoyIACYETGB+PI996HEnQ5GIfr2kYgzVaG5x7ctwy9mMyuv7dpLfPiz+O8D90CHzD6RChwuaW0KnHdxahi+7ALzmV+vMfc2qPS7QLdpJV5QB115F/x/SP+RRBHvfjlAqmLQ7FSJ5G/I=,iv:3gD6PLL4nGwgVdoPkjl+BvCWdK3Bw9up77PLvlqCPMg=,tag:6VY4oymPCuBG+fzgqq8YCg==,type:str] + lastmodified: "2022-04-20T10:16:05Z" + mac: ENC[AES256_GCM,data:WvgP9vmSYxVvYItFuH5nfICQUbt/ukFBpsAK49f7XIpRcCrWfvei/VmezSK5S+wWqlvSUE3mF71Huv9TMULPr4XwA91lNwGL7/6oId7mATmXLFl6aIvE84/8+CowTLSPRM2ga1yv/5R/fQiByvXXh1NAnfOn5lD2v9DXrFuyBn0=,iv:scLUebLlRhk/H0L1kbh9he99HNnD1E0z7yG13HMXICI=,tag:I32HJU3WPWVxUdDkwFU2vA==,type:str] pgp: - created_at: "2021-11-18T10:29:23Z" enc: |- @@ -66,4 +67,4 @@ sops: -----END PGP MESSAGE----- fp: b14ab1e44008e7d4c39875324d5981054462545d unencrypted_suffix: _unencrypted - version: 3.7.1 + version: 3.7.2 diff --git a/secrets/desktops/redhat.yaml b/secrets/desktops/redhat.yaml @@ -1,3 +1,4 @@ +#ENC[AES256_GCM,data:CrRF7nkOQdfAvFp7L/73cngBIEyEQg==,iv:Z9kvmN+eiWrfXxYD2kAHlVPdVy4cyR23OFWbuevFrIE=,tag:MEnpv43S4XQ0pugE2inheQ==,type:comment] krb5.conf: ENC[AES256_GCM,data:1vlBweyvciZuZ+4YywpXXrrCBy9k53gbfPOS6vfOaUZpSfBFoc8c8q0i/mUduxkW5ggGyn7l5qsJs3sL6ENTQbnKbYkFWPOGGDxk/p2oHN2QO7p+5+pcHDHo5/H7koxRdg/CZlLy9OAJYYOJEbnMMITKnojAwmHQ/ohpsk9pfr7dv5aYXy4uG6TJRyMVIPfa/G1M7JRmupaP2P8TAxxd0+irWv6TvoeVkbiyHFn/VcJVs5y3b1F5e3IKVaJJuzWcFjP4CBW1aRq545VMb4rYVPe2VfBvD6WSsNwPHUHAg/hcfkH8lNrGMD1e2vBX0SQUQvATtERSrKyRbGUejopIcKcsE2TgAB+k4tY0g7iTzArR6vAr9EMZKZ/v9KxcPXrRxyxIKccv/i8znt2hOiFMnaMEg+XYGe2RZ2yXxDse6RYCrXTSX1Z/OwuM5a5vNtnI6dHJ+MtpkSeRA1YVuAFNg4w+5+NtHeZ+AVtvZAasAc42T4isYJyvZJ/lWI3fGajVG732lol5eFb9Dl/2RQ0aXmnF9/mZ6Kb5nVB6jCw1hEQ3gg/gLHYGsRvwOinJPEtyKfhuM12iL4XTqxtjWSAHfFX+KRjEW3rBnok/Vh+nrTyAnkvyzcmyLGghFF+07ArW8LOwxm/qQs1DgWrsJsq39CprWERecNPzYPCWPHUkipTk4OashpRjccqRvHYbJzbdCCJ6AisvxvYYHvg+ktNfksGwCknKYyCs57HmWK7Gj5oTnPiEOB76HnpNREQjtgziTVB845kUHZD87s3c5uAl4laCALqLnLhapgnS+kqvj5C/eaetb+KX71q8SpPIf9qeBrd/pgcw8RYvTaYFB5kzZHz83yPJWV2/DTHGciqOE8oOZjlpbCwig5t+TbOg/20oW3hHlKA1Og/q5JmwDzrUquVYWDUimv2qAcz5ww4uVkNEJiG9B0M0UwL6+FDHXra+C9ieS8dqveLE0RlgNvHOScvDrM5Fvkd3yk43DBT2nPtry0hSKK+PSvMXj2ht0JoyCPls3p8gxqhyVsB06Yo1EqgmIgl88l4fhnZq53IhU1Dw9O1+l8wP3YHwdEQQq4vRWhqBWa3dR4ZCtpaI8h1EzUEaiZZ5hMRcO53oo86JhALVeKOBiKEZcg3fkS+BKQWj39TtkQ361vbKKBFmUxBCIBMpnEWiEoPD3ebRMFfnItWj4Gj1SnMWrBD6CMmKE9XyX/3R4voSrQbqUCMMzx8RyvDQcEX1HbQstTDAwiWx5BCiY5w9+gM9livo92Qd3F2ljD/t/+pro7oKPEJAkyrv4ywykUueo0Wa9dFPuviNixjkPUJjNc0Pt6+6BeYomL7lGIIESnp1+QvTBdXXuRRftP9J5XM4Ao2/PpfIGqOH6Q9BqGvjAqjKzDX7kNebm2QbeJOC08rq/ltnQTs3FVrcNrn6IUvMnq5I+LIExye2B+uWtdfG62ip0mHFDJ1yqy8+IDOZwCRN9JFqaME1aMU+MiLdvyZB0UnIEnXW8yyUCK3A/hhPFEMeIYcbYeXlv9rd/2I2Z+B3Pu3b,iv:RwOdYwQ0JK8w/FS5wY+qgy32aZQpI1Eceerxbm30Mv8=,tag:gEQCnAXBUxmXSq5rRU5cPw==,type:str] 1-RHVPN.ovpn: ENC[AES256_GCM,data:py9YUhISFyT1kl7Ccmvfhozileh4bnV/NnKxjXiN3nlLvH7/WzyVCrJvEPddnC6+Lj6jPRavhIClxMwftsZbhuZexm+0qDf9LpLXyDg0yQn9a13XCHFypIodDGMk5MsZ2YTxqvRKjSKq6t1haC2mIQp96k3pXtrX+uyEcb4Qrt0MvWB+nIkyCCQHK7QUOy3rPptpTT5LswTj7RF+WaiGIcCTa6v5DiTu/abssoc4RJh5rZxnXhGbofUTkminnk881HQKDlPFefW9m65k7bwy3eOczzmDNAB8J3bAqpSQmlWxxRDNDd8Hlmcgo9AIaZMpxw1rkAOQporn38mtBEg0pu49NfqkCzGpN78r9Cgpm3+c2PB0VlEa30ebNQVU4tqBfjObSHxsJZbC9ZviXqh1z9h0BKsfSM5YvJNXZM6djo8yetP0NLKYQRjFCKoRK9nPLP3222lJf9jqgQeLMQypxkyffSE5sDF+ni/+qPpeVCmIdbOWz+Kins9XY2g3IFAwsk3HmnfIdb4e1eXkaewGHvsC358fLN3hLPQiUclPqw+hf92n3S7fj0irolXs/hH+tk8LmcznHvs0JLk4mDTEzRORHIwDDekt21QdaRl2PTosJ9LvTvG3s1R//oGbDw2kgxFEWWFlmt6RuVliovdBosHcy/cHsSWugL47,iv:7EXuTXKRuLYqG9lCkIjrwRAICCFf6NJZvURo5o5wHck=,tag:aUM8GNLqUdMDwo6azdDDEw==,type:str] AMS2.ovpn: ENC[AES256_GCM,data:tbpgQoSd2VTc6PiRSoGXiX/qVJvDfPQ2YdHVg6vRwT9cAKpUMRqBegTyL69WWXlWCPfrw7m838gMcPS+UklMG13TEACe19CopazrDpTgmE6JSeqnXFEz+PnIqOtCc2mpBVa3fhZrNC8k5v9bL9PYkJmF9YqixuhCOxLxfcq93Dw6DLGbwzfVNF2Wf2tFF9F7fv0xyfzHHl1kZV85JeBqigh4aFLuP71lEVxJIwSw6hDVb87KLyuvs8AAACAQwJRoelJ4VzY2haVhAH9+wmyhYAPrUGkas8X58P5uLashkvLXUOf7djlfvYXeFoKRGnNLog75hInVOsI3MnL+H/aS57a6Snlr2BJTCqQJ5/1Y2ApF0iTAxgaXMdN5fUzfY0tCHJcOhuYI8mYtd4fcKjnj1NErtH3mFJHfPUICQ6dNOBHQDlaxFDseI5IQbCvxruBItXs1utVPY1uLjA+sA4xpU3ZJIbSbLRHZOkuwO9UtxHbJbnmg6vzPZaaRFTzHcDl4y9lkZigDShwYOUe045tyZoNsS67gj9Pumw2+kUcf2x3H2aWMCtdCP01ZEhQCDztle0U548Z+zW+c3GEzzSrLODiO1xN9y3hkLrxf4MIc7gEg7tMK4bXaQr58cmakJCL+3yRkYTe+gHTUSMVwuD03j6eGbqPmh1pB0SA=,iv:fAiWR+0J5UvagXMUf1UAxgQrDIC/x5P45rP9BqGt/C0=,tag:VirUAkEOyOSpgH2yiu0f+Q==,type:str] @@ -19,8 +20,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2021-11-19T16:48:08Z" - mac: ENC[AES256_GCM,data:WozwGRy8u1Na4WbbnkbTK99LLGEhYEkwIclnrT8/mnPVhYvDnOnJQ+Hepc6rNpifILAbMnYWXTRTcaIJWMwHSAUsstHe50ixs3ClJkUx5Ot2xvtuWLNZ2VppJZKm9PBEkjbd4vEFVFNZ4GWlpexj4DPhyyAvlH3PnBuocH2McYo=,iv:xEp4W/hbzXp4wmuWFiU9Xx4SCGPGJprtNppfjTG4lns=,tag:4BVCOoA5u3RNXXSDecHDjw==,type:str] + lastmodified: "2022-04-20T10:21:54Z" + mac: ENC[AES256_GCM,data:9vVHzv00JmHgZM7cr+f0sK5QRZV/VdplEuf9txOVmcOGzFeWhtQo0pt0lQbGU9qei2yE0Ow3wNzGAx6GJSzXQFwGHZD4+v9g13NEEKi9bbEYsxdg5rvHLwiXP3qLn4KIQflANFKm4GDwnLR2UQE4oRbwTIIjbwa7Y0BELMG4nGo=,iv:oxihGsUdHohiTzJlP/EEuWjBSFaut2C7LOm+BqbUenQ=,tag:20JhpBCmq1BLNRB4JR4D7g==,type:str] pgp: - created_at: "2021-11-19T15:51:49Z" enc: |- @@ -78,4 +79,4 @@ sops: -----END PGP MESSAGE----- fp: b14ab1e44008e7d4c39875324d5981054462545d unencrypted_suffix: _unencrypted - version: 3.7.1 + version: 3.7.2 diff --git a/secrets/keys/hosts/shikoku.asc b/secrets/keys/hosts/shikoku.asc @@ -0,0 +1,28 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +xsFNBAAAAAABEADJByv8AwhpetxLm+o7EuUiE3ED/To/t2pu4HayZYFqii1nhiI9 +TFMhH2xe4PskOAzuovjvlyJrcNcsqCGs9IgLCpGSLfYHx9O1+r73kpwHl5x+3cn3 +raAHyG6W+x2PPyM2kZN2UISu3saZxyuIjCKhk2XacCVYJVoBQm+AFMwyv8mQA/V1 +C0TJzAAq8Y1xp1XvajpY/nJRX3jbFTrkn+rPVVqKB4uDduFZIDJJ2r+lPKVgrp51 +VwPOVS0VEjWNqq2kQNcnWST3JRCpBwsodByFUcAzVMMoKzFc/rOLN6W0yCnmqiR6 +p2++C6/YR9sCyZQTlp3xOvsO2q8GcR5ACX2uFnXykhk/sIkryFJVNWxFpRnTX8uL +E93NHD9slnb2reaKscpxSzO/nSAwnV/18P84oXsbbCMlhJHlhcRMpZiGokdnDCxv +hlgAVc2ToHfrrgbXxj2F5/EexRLAdqdJFeDlm6JCnwcH6OdeQkBEkphn8ivtA5x5 +iCOgFPsCnfglNxjfxMgpbqYDV3QMa68sRZHU33z3/0kZkhX+wBtwQM3GfH0ZcVDQ +6Vo955LRBf8gPRIGjAbqR+i3fw7f6OO03xmeoxbK1HmJND3hjFqIp6gmV8w/m4qf +kmv0zqR5i//MC9ln4aMo6qxGDKcZFt1pgPy05qhsjKnbCwJ8JqbGWCPCLQARAQAB +zSlyb290IChJbXBvcnRlZCBmcm9tIFNTSCkgPHJvb3RAbG9jYWxob3N0PsLBYgQT +AQgAFgUCAAAAAAkQZZr4f/T1qwICGw8CGQEAAEGzEABQJa1CEw4Kfg3ix2El7gff +Pml0OzIWVpyN60oatLKTwaQEKMWFT233MruETG3f+VpjLQfRV5B2f2CjpvZYdJf8 +YcwyTehjEq/BHlJpMFzzRJoK0QUpsXu5cmQe2mgxOxGRc3i++VppX7wcTUDEnOc/ +DADJYpqhrtj5nGol3dkF7wXfs/Srbfq0avfnIQKzOsbEn6QU07zHNf7E1Y1CF2Dh +ZXjpSIdZGqcOjCxk7vL4TMMBWwqgjAKoV0Pl+zOeU09d7b42I7xy9f9HCYDrQBjg +tsiYzqQeC9x97dNTs98RgjL1TdNW2OoO3ieoN7RnpqMg1N6nBIGbPsTI6OjBf4Vh +965l3ACbEiJJjkRiWkaX/Z2OC32OlsSfmfHT402pNIat75VUDF9iidrVbEVVtM0F +aYD0RlWfZKvbo2PW27bvDg5a6oq5D4tSYaZ50P0p1r6nqh1Dk7gZCBHGrOgZXpvj +75ujczC5Z669FucQvdRPkU/lAgx3QBRxvs/8jmbDQqzgcYi2IUt1oToDMqtQLc4P +cL/YLN34CvC0RGd1OMxSOd5Z5Tob9OuKWxRfebMM7aoDJXW2lrUueGFOzJF9tGuL +ZmN84Ueh40Fm6Fkp4hXYTKpcDiyBTQfewa1JiSOkyrFLvSWeioJtBSKTflkDDvqw +YJPEC0VFJ3joQEDvAYSrtg== +=qBdw +-----END PGP PUBLIC KEY BLOCK-----+ \ No newline at end of file diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml @@ -1,188 +1,209 @@ -msmtprc: ENC[AES256_GCM,data:bhdSug7Baz5qXPZDNhHf+TG0R8jQwDf3H0dhhZ1GqWOS755hw7p8VT41OhpniIPmZ1jNO8EBQ62RdvMJIv6OcW8yV8XBXVcM1o6EHICulmMxdO9uxVCsKt9OqWWH9e+uvVbfb1z/oM0kKHIcDH0JVXI6xNCjtTvto3K8rt5bjdzF8/pU3N0xZOG2nq5rEmZlEpHIYhc6wi8Mq+tPadkXACYwHIvj/KNp7fBt6j5nNXtM7X6BCQmzDwbZMRWKHL8O9zDU5hLhoY3AY6HIiukXdd5tZmjWoDzKIINp55g=,iv:XI32dlY0j1hfHxQJUro4KOEWIk9Dn3OmEOwo/+C5k+w=,tag:pGkhNGtHf+ChgR1LXe/ZUA==,type:str] -u2f_keys: ENC[AES256_GCM,data:OB50e6OkzKBJabkN0Wi/s2GNZsiqcImpzUVwtiYl77TbVj1L5xcy3AnJATw36amiM0LWN/y9RhcVcLyjgaudcUBokUaLmee+Un7uUxP209wrrNCdvw7OtiAQ1IcVA9tTYJp23R9/ERQo6mF9y2KrbTeC4fYteod1XC1N/cObILMZTXdac9IsjCKtsNlQi0dTVG+pKqgcBvSXPMwM7O7XcBGonPz62DWsLaEyO0LdSiQ/2CGP4cCFfYg6pwQIhoKYyUb6L3Y9r/L/B+ahlPjnrdUsAdqp66lv0GslA/KQHC9z8g==,iv:c/TQ1A0t9WI7e9R05AepDQygzNqajjeoAOP10OJlf+k=,tag:0lWFFjsRh+qcl8aAlV6EXA==,type:str] +#ENC[AES256_GCM,data:UM6IqGvm+y/yi4Gr,iv:J0Mb0z9E8Ek8miFUGFWS64YC5IBMgrYY8cwwE7UbaqU=,tag:irYYDGfh2g1hFFP5EUurqA==,type:comment] +msmtprc: ENC[AES256_GCM,data:2TS9oJNhOiBpN5My73coXbwLDj+AXpkANFxNoNcpXpdUog4ZAkDsmzjnVRu4wDmJ1x4LXOpegSD9rdcyOFfVUVMhI0+rRuLXT7SGSTQhLWIEuiuEsQStcspXaFqR4ztLNJZXvCTJFmtoO0NnvTzUwSkP5KO09egU1dCGspRvOB7b6rTjRhLduS5cm43lrzEO+EW+ePT4DBbcyk87IczwwMkAVIbd7Dp1Kz6wq8OQVnmsJsBobz4fJdbnKnt8BT1Li9uA7tPN+yI4AUJcBXieoEmjx2mza8malNPCVxA=,iv:nZU6GFWzKU3r4g649RS1UNAZJYsKuBGij2/L9WMLZ+0=,tag:PS8JGpLQGb1Pdvx+f4TYxA==,type:str] +u2f_keys: ENC[AES256_GCM,data:Weu/nE/74n2kHMqx2BnMeIPdQLdC2KvsPxoszFhR24AbqAcGBRtp8chsyJGSyn0I4vauckn7Ot/Q99eYQ4jLQLzR/pEgledT3ATT6Su+DqBFxYgRErbRLwScLlcI0mPPFBKH/9nP/r4V6kvAXTfFAyoBZI/XCl1/MlbcYvpMc45n4CYjbyOtDHEAmNgX81ttWjPqHh8UkL7G2pdaiTYKbpBetkHIuK2GG4AW9KiqCfrCiaknZF2qs3ht8bycyWEXNlQ3Nn12m9n3CLiLwe1YHD/CoqG1P7QQMxgmgkYAl/NfPQ==,iv:ZA26EqT0WTiTavGVXlgJI5gUwZqKp6RreuKk3tM+ovw=,tag:WmX/AnFdqgs6mL+jcCXQRw==,type:str] sops: kms: [] gcp_kms: [] azure_kv: [] hc_vault: [] age: [] - lastmodified: "2021-11-15T13:42:12Z" - mac: ENC[AES256_GCM,data:9I9ZQXkO092cB0OAQS7i9dnBre2nW/9Usa56rSysUa9kIrkvIPyuvA4/5ON060RyiS/stE9XUUAGyPo7UoGk9V0vygrDx4BqkGtmpEOOr9hU0i+7o1L/6I/YyEntHo+8bc+p3Ojx+FZs+XAmNFl9EqF/RX82G1xNZRMDbosoO4I=,iv:0PjJjASuVuzByfFCCm+n6LyZBvs8HY1P5+SKEk9yIbM=,tag:PnPdzMSsLU339nyO6bVHFA==,type:str] + lastmodified: "2022-04-20T10:23:45Z" + mac: ENC[AES256_GCM,data:bAkYhAhnCdwaitVZvK8tneivbPNCy5eNbwDsu4xz2KNR5plekby/6goPpCX8JrIY28w8Suyi8KXJ+ENZiFtklBxJPZYrbL1JAsOEAFbLW+Lgd0qAXLgSeVmRk1LMHscwVSg84F3US2NDjJzvGHPhTHldDVFN+LXi7TxmYznWX4E=,iv:q7FvC3y4OyQbkIKCn2DMOLBdncg+s2GP0bqwocQpGsc=,tag:wcenRK72I25XnA0rvdTVFw==,type:str] pgp: - - created_at: "2021-11-15T13:42:00Z" + - created_at: "2022-04-20T10:23:34Z" enc: |- -----BEGIN PGP MESSAGE----- - wcBMA/Z3oSgzL9TxAQgAJ5XdupnjERRneoRwm8OlyxSUyx+ByGCvwwUPq9gaa5gS - wRdLaVVrOw9wF3O4fqWbrSLhE19ckoqrTxFTU9grytvWn/rJ4Q3v4VoLCAZhcRvi - Z12vbtFD4xg8hGa3tnYd3AOP4YmqqOsAKbclSOod5ZECRry0V4cImQbq3SGFNQuc - Ucc+b1kApiGF7W+icizHCst5eqWWZtLYUijdkugKSRAmXfbbGX9CkWDcAtNCz/K8 - pu3JnECg58hIBpbCMxqhjfDalYDoFFAwMkTBFi3pPFaIXPh36S0kPFHEbwD9z40U - ztJ4Sl6ooxErkyJt9xVgsXQqyjGxPQkyXQ/y/V6OydLmASMJNfIaLPBzJBaw+h4e - UlxtOs52bhGCJYHJFOe06I6CO1oQUUhcTkBRkRosCSxp54/QdFOIUxILN6FxiZG7 - BeTPxLHpC6BseV96Q4Y3v49j4nmoQnYA - =RSNJ + wcBMA/Z3oSgzL9TxAQgA0TTNGb3cAo/WNGoilgCu9YEhOtNlBKc9N1/9iskQvGui + jZdy5c3bl/O8hXK01AV5RwlLBaVnwl9GXGu4Jt+LrUKQD4VHJ7edxTLIWRidBixL + IwchE8DfDhbp4bh6YwTXWOR/M5qSRwjJWWOOg1NO2OIs1LG76NEdAM0lcpeUW9WV + Lilm8R1JdNcD2HFiAfZm2he2rDMOjv0VpuY2o5/UejcZsr4Z2ZmkX0/LIDrZzs4I + WCErY+iHMyIYQu8W9F56xVFv3EaeoxYOBwRRE0HdueURe5iVLbyNXnWpMknthEuj + /kTJjVQvKF/dw4Ejdkb1yBRGWmt+ymJYHPO00qcaBNLmATRpG+CYVeUcUPCg7CRM + YqC8zUU23V+SPLCaq6q4clL1HeKkoRjN6R/abjNc6l4U0gIZ6kHqiPL5c5rsiN5t + mOTnq8lD9psvEoJ/ZrJ8gBfD4g4cYc4A + =9JEc -----END PGP MESSAGE----- fp: 8C4E8DDA04C18C6B503BD2DBB7E7CF1C634256FA - - created_at: "2021-11-15T13:42:00Z" + - created_at: "2022-04-20T10:23:34Z" enc: | -----BEGIN PGP MESSAGE----- - hQIMA01ZgQVEYlRdAQ/9Gqq6cf7nQQroIDidFU8G6uwb1BOsluqfpFiAfP3jWsb1 - mG1nl+FvzAJbxOqGfaYXjrUWAi6P42P8akNix4Nkq9HUtAzfewTXWVuUZrx2JNLi - D/AYmIUx2qREm7gPvH3pNtRLsIMJwOAX1ozDICfprnlKQohEp65UfvHGM+L52q9N - pf6asw2HmRkUaVWihQ13hUiVkODmaDwhNSpEIrik3W+xSAG+aV9/WR4H7zR0F1Gh - 2u2Zo5aMHJ3A1GXnreZauntoVoprsHVI8Za+OjWxUesXe07RR/q6RVYewgZ3Dlzh - p10rk/inTPr5aWOQaz8poVHONY4iQDXMH5RtWgbua+FlDBNAJeoV6WAJ+ivL4PT4 - 61D/HecYdn3RvEHAjXga41Ll+C2o1TVn/DIClahjOsdhHZC1nMOgV+9VEVM+4Ce3 - /a5PXBWBw/N5a9L9F7T8YguI5tN/a1kOPzYhZo/zsGLBHFeLzTiWUGRP59G1M8b+ - vSSsc1/6PvDR5k3YFHSdRicPhFiGXNu72Kc9zSWlEq4WHh9D/VR2ObiJgIF2wqTm - 23fIQd+BLM6bQHxCQTnI3EquexrqZZyMuLEcx99AUJ74Y/XtmSrJ5DdyJCUpHhz0 - HSI5IF9/SvhNshTwK+7GjcFjAupgcbjRrgey7hzpmVmeohovfx7uP6RF0F9UngnS - UAFCNlzRuLLOBme6UuH9t9+RSiTGO42Rt0LUZuT/vdHhxxBspFVA9rw+ut61Hm6i - JhAC4JEMU6BclnjhNEbQqvxbQ6VCfgN6d35V4BvuhAoX - =KhsP + hQIMA01ZgQVEYlRdARAAjSbZK3FRdaG7+KZj2P6eF696vhm8ng7vYOq6BPb1O2hr + 27Ph8OAM6/utbo5+45QSEyjBE2CD5Mu42u6YHVMFcmhXSFM/PxZ1R7uUKJO0DO5n + NAZw2NBdHgPGTYAydW9CDlM+h/Jl2etInnTg+biPiU+TyeIKZyizbHsFfD353w/P + hEvCJmoNna/Lw5wTw779DglqC6OgkTPZO3gMZhlSuHEzMYxcUv48ljWOb4eL39vV + Pyy5W7s2oEV54iHQxZhE9WCRXWdM1zGZC0nEzS4cHmVSh/gZ+vhBJiSF8d05PLez + O0Lel6MwCvWYGA3o8IWm+z9Qxm9S3Eeqfg6Omojgw0NxD0Hbo+c6nzE9T7daFfoV + tR/Zs8A4a731ezwlB/nmik8wtqU/cTLCHnzBQbu3lo4zUxMXghsRgyuSFU0GfWFS + z2LVhpw4abf+J2PXDE6TvtT+IhTW9OCLx9L2GopBRxRuaPGDKIB5bbt5OBvYR6kB + sjzEFPaq5whmRT8NiqmlZULdIuaKZzdRv5uKvfMPEqz+SIujvW2CWG35DEmJJIyS + EUe1tCN/5kzKFa+RZ5ck7V1s6dOjGCvNjR/tNQ8L38G7uBO59HkgCC/sS7SLPpco + F7DQdsL3lz9ryiGTanVInX4BgL4pnQqI4c7wTPbuywVqJKrI8qvgTgHPS5OYX1zS + WAGYR5lytllJOjt7Eob+O4HgJkKH+Uv7CTzy9TCloCYOJiy1WK3pswaSRjlYHYlq + piHKiY3fQF5/aptOTyC+bKM4sN/2PaqxgBkNRSpw5RZauNS0wLu9EsM= + =euOk -----END PGP MESSAGE----- fp: b14ab1e44008e7d4c39875324d5981054462545d - - created_at: "2021-11-15T13:42:00Z" + - created_at: "2022-04-20T10:23:34Z" enc: | -----BEGIN PGP MESSAGE----- - hQIMAwMoaz6prFK7AQ/9G0JScY5tbxLvcvvMu8BiF+h7LpSf495bAQ2osQmwFH10 - pAOiv85xrbYRQ+/PgCJZSksFrQrbZpTp1q4HMuYJyE3kqFOGlttIr1RzQv2uLvIF - yLuyTPt6iXyHxJMhUnWA/RRN8exVSWy/Pqckbnwob+4LaHlsExoAWcHLsLBrG74L - mfH4Z0I01VD6OvEhbIZHydtbf3R4NT6cxk2MNS5zHGNzaaMZdhQFqdEwpGxiTeiH - EszThggv6EF8NpEHh4WVd3VRxajDun5KyCqiPtzvVc/jOu/UtE5rO2irOVEKu24w - rCobMWcld0dZRcP8N1Imaw9AJRuH1SInFlCfPR9JN7/90vU/osKs+52RU499zBqq - 9u6TVlLOwzkb2ReBNOgY6K4RQdplC2VXzI6ahbJQzXd0q0zk4PoDjcev/kxf/qvj - Rw/993/Zx/HiM2On3F/99ZyBORxAgeB5RTjJ00UJCmDT7uOCGOeatYnW7uZ63YCe - uI9mGoDOkFlf9IpgcnXPFO8aEJwUZVIZ2ArUOhq8lrTUKr5Ji7ataSdF7PTdnByX - R+mjf8hHA8BTJTWHrYQa3jD4n6niMAqs6ODRR9ctsKchi9e/a/xbUeVV9i/PhZtB - 7PqTIv5goDfneeqiN4ssVLqIJqtugnAYDgfbGfbs9uMAFFgpGQ6uJAHuTOmBCR7S - UAG452MRjkaf9BTQbhpl0/wXB4cmiEagUBkmJbw1MrJSr4zYvGiIuLEAv0CAHRGI - YIhpdyLVgefuL6+sfoIIEp1AmGYZ+BFB0pDCJ+/NEZH0 - =FMIl + hQIMAwMoaz6prFK7ARAAk1KV6wqR4KeahXugKJXydFmo6Pom0Qc1LzSDJLepLecB + CmpKS4scqwhtDmoxR9du1/6raUeB5MLDk9OR0bkqSyKlRJWsxf3TowIGuszP1ljk + mSNH3f6z6SJhdRiJjQ1+WM2iVA2BZP1AZ+7eXai4xSt3cTB2kq54RJdjvHU3Vmrn + 9FfDBL1Qqx8t8Ot4ygCCPxENKx18wrP+R4758D1pklmEbjStdkckgyzsdTzTEDPv + J77pWvqxY2zhHeEXIsI51eLKgu9UcinlVUiqMATCnF1yQSwH4xC/Vb8qb2159UCm + 1XVmIsNvTamag98qhPbt/KWIEwhvjEMM9TjO9wiXVWkiItQrhEzOp1WyqCGicbFq + vGG68H280267V7vCOz99iphxsEvqtJwlqvEM8Ockj1BXkLUJLQdEWq8yhJP2XMb8 + 8y1OsXvB5BX3pN0Te75zDLqBPOQmWmrdeuBHy6J9ii349rh4w2DaZtyj8FUrk8aj + XLu4S5FUqqTRb9+ZQWN5NMvazEB/1CykybzKNrUG6gEOVPYpDVvu97FSq4eIwE72 + Df9esIQqmpMFePrrP01eQx0wYGlknUos9lTEhpSn0uIaOeh0n8rCt3g0lVdTZEcv + jj6fHet/hB0iHAmM2O2HNWoj82FwOpMz8PMSkB+ICvBNsu3/zlinvzN6hgBmMLbS + WAGf1C5Up3VICCqgyH6Bh7HV15hjbFNhnu7qW4qeJ2EYT6ik46zRqwMeRE6L0CHg + 66N5JHUEYSnd6ONBaoA4K1BnMZNJNBLlMjJecOY58GXtCFiRnmG8Cr8= + =BTsC -----END PGP MESSAGE----- fp: 3f65577842cabda3955d1f5603286b3ea9ac52bb - - created_at: "2021-11-15T13:42:00Z" + - created_at: "2022-04-20T10:23:34Z" enc: | -----BEGIN PGP MESSAGE----- - hQIMA2mSi1kI4Qy/AQ//WWdg/orsJQvaESNRW+u26aMGEfz8FGNr/I9Ksba/gzkq - VdcE5fTfnGn0d0Os48JA/kUzw68WFfZS0TKJ2eaGJpYZlpT95SgKFBEIXiIEQtPz - V4FYy03p4jlu8vg0m5xIa7ZpU47zn7JjHUVTWjaMkZl2RyCitVUOAHRff/+O4GyL - VCfhmdvyRBZtN8Ccb9+qptOtoOxzjl4iSe3WELv5QjVfTmrW63fWiD0+tn8lmvSV - 7ZXRY4cXhg5hoCeozoGGXZuFnlH+gutKPvDzfJ87wsFpI3/sdWRfO1FzYVUUt2KM - JUVux2/wSJ6fVWdKRANwIHanw4lZdFqUytfYHZiZegUih3nyl4KxY33Yyhvau2CA - qLpUMEuYaryVPheUz/RtTlib34peHuEYbpXrv4M+F/qT7g5LrxxGvXBOeRzlAHvq - 1yJ4DfT+aK72ii0/x1LL/tKxpbpUdM8hpj+GLL02ts/JMe+qLh+BpgDoHfkQWPWm - oTsmuzn5zhPsbzbHyyQD5/3f7esPBy/+cgOgi7YFH4j5QFUWR2Ou3OlL99tES/qP - ui3Uq9ukflS8TjVxJkNwHwSI8z7eiFRJr9K2r/eHKWXDW1dQPRbnBPt+gNQd1IAU - VpXCqitJgD6hxaoasS0w20dM4Y2NkpBf2N8EjSRahassRTvqmfbgoQeblnrc123S - UAGm3ORsKJshhcSZencoCjgHbYblzJTB4Gnjkwey/t8q8Z1q6kUgpuTjgJBTD+7l - G2x2J3uvBHvWZBagl4agK7+ZtxrbQFa8v8QPkRFld851 - =45Aw + hQIMA2mSi1kI4Qy/AQ/8DZr1T7Q6iqCw3BFYElrHfJ+3uhMQ16IA3wqS/kpy/ZM2 + lJj3My1f7ePIChKzGwP3tE+UTH/8pMqbN1mkQ4lyT69KcPyMLxbz0NNpFhLqhteL + KsJt8iAq2VkDZuIVgdrEtvBypYSZ5lCSayyvGr+5yBuJGPbN4RElYUXGHjJPL1D0 + E/9/ho0Tod8MKmXZ0wD+p8duYu1FUyo1jXztuvtaawR76UjgRYzRWmpN+bYcDGIG + 3pvuOaBEk7eTeXP9EIV7aFIPdRSXiJFfO6IdMhTAU6NLMiGRzJmz4GlpWWCwxNGl + 9wn9gHAyjfAqAhbeODVM3cJgiHKjGKcob2zozP+jLgmsY1UBMZ9XUkZsCk3Ouc2S + 8f+zqr8Rm3VhlMd3wbpLQ61rmryRPul2mwV+ixb0g0z+GZMW9DxzthWkcAmtQObX + wSCNyG+YRk/rwdar+HQJ0TGLk2sicbIdCuCLMimTV4C7WHWbWQ/pjDDq4W3ToF9C + ZGNeDDq/Cbp+kkphqfI8VvS9B+GxAJBmJzo2VQzWwGDA2FTanH0RILbeGhSOA0ze + GxCb9pG44AZOsJs30mo1ikq0A6YnSIt6hEWTc2oa/n/HDCH9szKjtg8VMeGpVkoq + bngJrceRCBVKphHxPjcCdCer57tA9VNXyY8AFTLhzA3owEcbxqs4yFVpNtayP/PS + WAGYDli2j7l82jSVrnhsrt5Bry+7V87g0JnmecRfvhYhbkXdSZntxfk2YdG+fZIq + 2Dc5w1U5tLXB367uEwEZC3Djg/NDGUshJidwrGxhhGIaSCe81UmswDY= + =BmJ+ -----END PGP MESSAGE----- fp: 8b80ab02638ab9c34f6c21bd69928b5908e10cbf - - created_at: "2021-11-15T13:42:00Z" + - created_at: "2022-04-20T10:23:34Z" enc: | -----BEGIN PGP MESSAGE----- - hQIMAzHwOG8g8+TsAQ//VDWojM3bb8ImIrILcNcxJ5gnVtufR77n+PlFNcRmQ3Wu - 6+rHKn9SMNhwKPeyjjNzLON+xxyFJLc8Q9IV4ATNZCHt0RKj9+6fiFw46Fw1MzKN - 3OcOOrQiCoW2XQtPj1J+vAqGYarXcMlAEaovuOACyWhOgkAlSaOBkps/zKQFpDbr - zKvWoEs2aMRzCs4vhoEDjHN4KCcA2jVnvJvdz1qsqAmG7jMB+HcgFjXmChpzJ976 - EBU1DXsi9qAa0dIulj+rJKg0GFX+uzfp4jDNjuPevIhuEoqkRTBtfy3+9lq7ZPPN - 9Igmn6oI1vxNK/qFE/8LHhTcQWL1aP93vNGgAxSgxiqUNjSNBUSg+lxEA+AbhCSA - qvCP8hmBatdZTTLI3SS5r6p8S7znw7daBZ+teBU6W1IOxYZzwCpgnFFWSqdUKlmL - OmyrUtWqzGmVnCBRfM17D2/diznSW8JNAn7Nw1QTTnuD0uKdPRDiogywJ0BjO2FW - l/QbCd4uSmJ57x3recb8JIr/S4rtbLHSv2U78O2Njp227o6DSXRD/IkVI82/hbu2 - FH94HAoOUDveraPjmPyzE+gzl4mD0fQXX4sFY1zFLtjB3txP7yab7rhxxmiiAMM8 - APgcQOXp3zYTXvH4TcENG6Nn71L9Cew5cOcmoWpAVxjtxI5EUBYm2MxhX8nRMWHS - UAFakSAP5qYpk7Ov+nPQCM8rL942Aus85D6NJVSfNl6D+pYt1ZgDLGZw9FBkVLnn - fYamc+bewl9WmsCI4BqMPCSVEHg/jUZN61mG+kNWtmUo - =e0r7 + hQIMAzHwOG8g8+TsAQ//QIUN2X/+Dqfcfcjn8cW/Ft/RXBdlzfk771JGLg1NJwSY + ZLfKh8Fyt8T/2uruQsyK4L4QgwTF4Z1j4xyc/2nqsOT3lR9sxhNIlufOmG0Rv+gl + 1tWerR45OWVQSvSLsurri9NI8b6OS1d+ldab0KIfLZlV6UPMxRgJQlbM2UTA4GME + n7YR4mnfheuE3qXgIXKDHBOQFjQN8yws1I+znoA+MvDQPBpsPmcdlV9gHv7lqM9i + MnQCIpqeCadrJjoCd9JGrYNeLa4XJKJqIC2tqQ37t0fnSDZij7hT4oiyyiZdRgTN + lLFKOroFVsqFy6Wb7ytTOLdrEWsralmRyy/Vw3Uf+PquYDSSwRxRXUiMzfW8lVXE + OOH0xjZ3u+nhCRKiNWcoXTa8Oh1ZwzIrJVRJosYCSPmXJzJrKJGsW+4lLdE4vUn5 + 7gApKl/5Qto0kwDdEers7gF41Mo+JpI0C+jhyPWipLlW4fgDTPf502i83GUVDEHc + N1rmexuH0Zibv9xfkM7inMOC1f/ZrdnDcherhu2jSZgQ1pU/galKxzUlCtJc998A + iUmARKTwwzl61WQ7ev7a2VeeXEXXVsRCplLmTS4hyViUYte1HM8iMvIwGONJDF0r + 6i/VwEngJfk6ZEnGKodSa9LpSPDNZOLh5vssW4IZvWyBi+jFV+E/D3hajkggWD3S + WAHhtTIF9MXF2b+xzsq4pJE79qq6YJaXUxI44VO42caxyNjj9i3S1EbSboufsxAp + MkaA+ne28hVX0W652L9y8DsenzXttFIV6hglGUbpRVIv9v3my8vOofo= + =ikmW -----END PGP MESSAGE----- fp: b8b02c0885a74753f8fb53f031f0386f20f3e4ec - - created_at: "2021-11-15T13:42:00Z" + - created_at: "2022-04-20T10:23:34Z" enc: | -----BEGIN PGP MESSAGE----- - hQIMA7e/7FWhF8G/AQ//e1diA1bktZ1sFFEAOtMN44F6o1zujmIdssY9tF9yIk9I - wE1bCvXFwsCuEDcmv7foqSkHKsV5hDHmpbTCNz6qcKp2xtOvzAQZLSFT/+c6nQJm - VSwi3kElcs6QElss0oYVKUGM6hvwRQGa1gT55HDcxDPU0uStwse7TO8hbSO+4GsY - Ip38bogSZLKkWUORPIOgdYgzeesI6ufb7dOSZEWLVl+YneQw6U2nAdSOfQ6gkwad - 55xOVkvftnKCTpOZ56uo+x2qJYzQsmnGg3ZvGPzVg/Unt7110P7cn1f76yhplV16 - F/80998LM/Ojvmo5mPPGjNY9kMNwYeForHB8SPrHw6FUDQ8mAEh9pTQSgDVmOVuM - +dDYfF7Fjw/FR8wYPDCUilsbZI4E2sP/cm8NOLIqpk2O0QuLmdqS5Uyj+TIVPOWR - gpZiwCUml9dSHQqIzMBSmDg17NxHAKNswOkyR0qJOrGRcZ6Qfc0lTJ/1e7l8uOHZ - 15vWeYNNIKAuYpv3diAFg+VGTmz1cIUDdrICnyxIboH/exDgyNmtgdbykaEAQVx8 - ZKrUDsQb4dIdzZOu1+wvvOm4gro74SRlGvM+YJM8AOphmS5QnfOWOrhLOEkbQmrH - C10OWfLNYSzZYSWgBHL9F+S35uYkZguRJxciD4+4t8XMZ8SdQABs2HJFnMs+p9XS - UAE9XRaaAC43si+f0ERPKCbxz93rh5Ln/5VfTyRYl8YR0P2e5smUIS5B0dJxuoYV - hGZLpkG4ulEpUMa/f10bVo5zQ0PHAnpEoQVp5asgViDx - =aVVh + hQIMA7e/7FWhF8G/AQ//aktv3/oFzeuFrsf08VaTxVFmiTmmphEqM63cdSj1swL4 + FdsyuYu+LQoQPfiBM6RhE4/3Qncwo+6bXyUQ7JoKkD0yHIVc59pnMGGPA1YGeCNt + vcmTu50n1yEy1tXTgyDnvZPLzFZ/xaPMnJ+FPF3rGmLuOmHbtPQdlg3uTiUUSz09 + fXBUyGuYuLLTxejgv8kZoq+U/LUMVC5mEV+Hg7MSKcCKSh1XEMIel2KRP0sAbpwB + 9fsMPNlv15cW94qIO0pw7NXP2tayMGqENurm3/sFlmVsRkYt20uVGKhLPYeQjrPS + oq/JceaWddi0GFVQPeluKd8kJZdFy/mf5Dd3g91SGr4vNgVWlss6kSeSTjUnPkql + wFaXaQih558mBaSe7lnZ6vt53F9jyRWQWvEGf9mEwcDhyyVyAsvEOlYPodwvQyCr + mOZJDS4aqZ15buH3AX60UMzMroElPgG6QTQ3Mze+H2m93JehpL8sZPOULnlcSS3Q + Ueg4m1G2Xr6KB/isnxAwqJtf+K9pWl8w2OUrMsUOzB7e6C1z0IFIugQr77/ZTWQk + v/OwANwLmKj48uUJfFA55y+N9AF6OL7LJapVj+H0vt3XLZJZreB5ZuueUGR5E6Im + jG7GXk/zwR2J50kMqTrV9GcmY8zG1ldM0fMhHT1t72aYmKuVVbghcP/P2acrk4nS + WAFBUv2jHLdqui0cyeewCLgQACu3WozHvRnkJgbSTEkUAzfqhGE/xiEOq783yolr + a4fgy6iemqDRS3Bje/7SPue2NXclWscGi+R2fuPA6q8Jj/NZikf+BNo= + =g/e7 -----END PGP MESSAGE----- fp: 5722867ac621fd15d2dfc7eab7bfec55a117c1bf - - created_at: "2021-11-15T13:42:00Z" + - created_at: "2022-04-20T10:23:34Z" enc: | -----BEGIN PGP MESSAGE----- - hQIMA08iR6pPqR4EAQ//QtQjSEUlK6Smv5FClkFdRzV4t5rVvKK0ucHTYGIqhJ+4 - 8wxVmRAlHqBwnn5IGFfDZbrcwm87KcckzpZ/NgKkKizg2cRMACr8hO8JR5koYVm8 - NODi2bLJIrL64rxjfzAQitrD/G7Ux1TFBUVEb528VJ7I3I3WhSSlzPRuLzKuQa2p - NUEETkP+lbTxqjSPenwG3nFIMAuXTqm7mtt7ZnmK/capKVgVEl9OiKhsNdPqEnm4 - i2x+iymzb4f2PSpHRjjTrzXjIW9PyYxpw3pIlXE5VM8syADZbFTmbEfWziWxM/R1 - NlTveC5PIrpfBooIvBtOQXs8yHm7x7Gv/dA+8P2qnMSYnZBiKWaK8aV6b9ukb/pf - Ones88pJT3/VpcefACdsli7LXkuSTV5M+1914O0vqFsHFaBL1Khg0X4NJSQibZtO - 5rKcwQNBL0FHpQgtZdaQYq0HzW6hcUu590lZNb1ZLbl+wo4PNWDGH1KiCXMTTOPh - LALajNi17S/vthtsDiagqSD81ccu9fYT26m8fEtxarNfzxzlck9F9Jp8NmXxKJQ2 - oEvswase4TbkDsiVSbHl9vCkgzoGUuzPOFDawkryjhIrHEET4kQ95GIN6p0K9tzm - QVbh2UBHZVRCAC7rHuC9j3ZhhVc7KZHDLJp7odWOSFLg+uK8zQS/mBH8rK0N85nS - UAGeMUpL8T028KN2n+DYKT+sO/FlgYRUXijRxArM49MIUWpcZH5X0CGA28fSDe+F - 0jYAHoy+bJ1KP91xjfLgOoicGZHDBQRd5oz8Haf+5ddA - =chQw + hQIMA2Wa+H/09asCAQ/+Pg/orl4p9q1dBy3SDBjG+5L7lKxpPLZlxCrflo+P1gvs + N1EF/J3jaB5G7TYElRWaI22zOLYrasDobl0k4ODuiYbBoU7xGejdVLn6T6nmZGTA + K7mN4mAC0QJ2BNmQ3ETOMNfYJlUvWSAP6aiFVyDZMWAXQSXLXmsr4KkiUsFLKqmr + BnXh38WO4OChjv5phdPG/5ExBLMBtSsm0kTPsMrAjdNxQFvwiWSL6nsarYldIEDL + dX1MH+6Z0Smk+Ys949eTPh0t6Gl1LqIlMUO5rWfobigZxAWgcqS61kXwqABkyspr + k4JUrry9cQqbKufgim/ZnjLHBgp1mAV29i3xMpuR9phKCdV/NPGCE/neRAsqZvxF + lWJ6sAcRq8ZNg5suN4cy5vNvUjLLXT/YSPHpMvVq/QmO7etofQqnq8JOrno4wHoD + i47/jO40rv88qch1xwRg9um6R74IeQhk//FDh6+/4PHU0Ss9KnMYgPiKBI7R8Bpx + GS8L8p46zyiSLUXXLNuH+6Z+UHLZwrwp/lMxDpoK/XxA1jqc5252Jy4xCf5zbtYt + ajVTgOtHXsg1aDMLJk+Fj5i8HVTM0j1VPqqCzb4xv7tfd9OgRKn4gKy1Hl1EKlYJ + fvmy7zt4PpzGchuavaWT2YWCqw1oXblnc8CID+M2yNDBSPhftP9PnhV9x3Z0oe3S + WAFQQf2/2Ia+uv0BWZWdhNhZuY7hjQpTSRUfDzZrpxicYMOp9x4U89ShRfjRxwMF + 5V+bW9jNPKh7jIV+Ox339YT7Jng6wSErIR5xDDfq0Ne0rHE0FnRZwCc= + =sQur + -----END PGP MESSAGE----- + fp: c7ebcb8e935bda9466e98b1a659af87ff4f5ab02 + - created_at: "2022-04-20T10:23:34Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA08iR6pPqR4EAQ//foJ0/yDUKjt6IeuQaEUtuOOMt2Gu+pZffbIcvFhBYGXs + vDkJHN4KyW1l8LMIfoKyjuDVkTUwCXGYuEMjYMag9vVAssTO7x9NUyb0aVPe/x3U + UJCY6zieNnflH67rGQcKtjs59QF/nrQkozU8ksjODxTxUlVgVE63NcZXwXx8Jk6A + LIZ/Yo6EW1Hws6UPJVdSsC6nryxtZfHLNi1LCMtwwQJRAg3PEuV+pQzAUvr+tent + t5CAQyZ5r+fg+zDVloPH4CgLaeWe37W9JkPa19H8Izeqv0nuOfdIdadFnEcWKM5Y + V1m3TA5GtQQRJfnjtaqh8u+L6cSMB9ZMMNZ6O5R8j6wfrIfyG0k5yNkU6MVlueib + kHwK/W2gbWKl4IGDsnrZnAhjnYMM9k2lwv2wU4H7ISkLHU3GJ56TcV7iZo7KSibF + G0+gHghDiZ8O2L3Y9FrXc2dRvks74UpNuuiRBeSumw2J3PArnTCkEXA7u2yHgVHc + h4L11MvXJy9wr6mFT03FgsVZ3P/22/mU9bJPfhXljWg4IEVvq551/AfI5OXC11VG + /EeRVIJO4sdgfmzFn2lNHTIIaHd5mdhypQrO614j27I0L3w62cjhzNzVEcqFFXui + V6Jg0MPdLvyYeJy/KJ22Pt6qLlqi869MlCjT3wuiLaNEitfvdN94a4o+Kh444JXS + WAH0ojlMifpiqmMvnIktvfabzTjX3nBjiBhyex5ggJwa/qhFRYGQed1JwZ58eAxx + uHvB02HwbZngtrisBbDKrvv2pyMu0BYkMxjMlQxh0Z5L5OudIr8dzHI= + =B/H0 -----END PGP MESSAGE----- fp: 298092af3b4de6f5a6cb51a14f2247aa4fa91e04 - - created_at: "2021-11-15T13:42:00Z" + - created_at: "2022-04-20T10:23:34Z" enc: | -----BEGIN PGP MESSAGE----- - hQIMAwsjrCcjwd5TARAAhwTe2eo6BoMUa89bUUREwtyH01X2wS283Tq079G2xZkG - UBAIXTdZk2nE/M5TNF5b8NBoar+FRRdGMePgSd+HWqrVTb1WtL3Xh9bhS4/PdUjL - BeSGPz2YVfNo47+vEN4ta41Asdkt2+ZrrqIcnAxYQI4A6/YbCvXK5BDuc7Rs4rVc - T2d3WXngrJE7pgjukPq7CHN7MpHiPNSvQzLLnY5TpjOBV8yEzjTPhhMRdIqLY7FT - KXP5OEdyh96xpndGT8KSrWPrVlhpYZ6P2M/WK+RBQ5E+N81ruJLkKGCMuwntCf+M - 3RuyF+yP5v4uUpOLoDI/4NeCxT1AL5jJzU6J0zECT8gliE40I04bXgYrhaQ+TODU - EoNWDIf2LsBPOodK9iFUfEvu5RkMv/T7vZ38tPp9+ecBaKg6guZiflblbqlFcsJx - 1NP9pz6bPUgZXhkAagr7QOW8sE0Drau/ojyHpzg+tavnl5Pn/ICz6jSerunIy2I9 - PyIRK1LGLFcvdrn1LJQRVnicGESu4YNxcdUEXHygwKsHSePjXUG7vc/8LQl7m413 - M5o8wuf5pCnvNRhX191X2zRTqNMpulF/QBXYEIbUua/fiC/9wyY/Z+L7ihjnlJu+ - ltBQ5/q5vnnsqMA7dDq+Hax4qMAwLpeiRXb8TkxwFs4H0dr3PFikPeAXGbtBoB7S - UAGRSMG/8ZRH2K96q2w5rrdUIHIzaz2Vq/oAzx0pHmbJn2Z5+YJBkDMgmhqok6/R - M6mLqqdZ426g8kOyB+JPMZ4QPUYBEPgWXrW/6GPQdJxr - =TfvC + hQIMAwsjrCcjwd5TAQ//cBdMIwyAJIl8/NIuJOvIJO8oQ4188ZpkKLdEHNcXvnpb + Vh5mFUi1Mc2yKcUc8zlEsE/CXhXhSPTvYMVgmZp47QCdh9U123f/MWoz/fQWdf3e + Nyen93cqaezyK0sTpCwAeQ1Gy2/F+Cw0aEyOWEfgCpC+f30AyIGxhkErkzXiffIi + PljvP6Wo9PpzQzWK7JESUAgAMwtUJuk6hd12Kd1Ajg4SlqZbSAyqTim3K53qJVhz + ZktnB1pLpYzF+zxnHGP57ZyxTVK+LlAJzqOtSiDa1axNTHw4FbCbxLv1KAMdNHJf + xcKdEDm+2DS/F6pX+Tl/5A2YwpQaeR/oRBMV9e4DgCX7mVKsEs0a0GXA5zvBkayF + Z8VEDUgVHENd2e1idwoSo+XaiToYxCgSw6FcrsIWbVegMeIAHSRv6d/+oe/scdUv + Viqs2IWOQVV+EiE/bttIHFLDtifDye3th0bC7n9uq99brt3PKD/jK9lA/XGk0I7b + gX22guZrKeHWJPWfREyoAIK+04rfhhwFIwNO/qe5wjfTEait2IgSSDtUNwqZdNOD + cmvBr6jUy788hCJpaXDttVcmYy/qY6ssaPfiNkVYub0p7dIas66lz8e+Hb+1eJTu + ac7DUytVU5SnOf2I0BI6W2Tez2GYyMG6lJm4eq/xqsDp9csGZ7xr6Ed1H8dtkXTS + WAE9jjItHGKSSHPLLJqBIJzU36xMlVW52KAslDlqJrQm/UZ2uAK/52zxwiow0kyB + EiZcKKIzDtSj82G1mvfoFJ7Z24BhP8F47giLklxfTlvZHVFwRm8YWQw= + =6GPc -----END PGP MESSAGE----- fp: 0ebe388f6827fe2eace1055d0b23ac2723c1de53 - - created_at: "2021-11-15T13:42:00Z" + - created_at: "2022-04-20T10:23:34Z" enc: | -----BEGIN PGP MESSAGE----- - hQIMA1Mb+sNWuPcSARAAscdaM+mK6Zf0GCXqJBewD3I9HPbiMKlF4wpqIXjw0YRM - TAQxSRGGknDJnNcLReaFnBwC4++e+RyfsPJ4c6YGab39v8JtnglC2hMMxQWpVtcN - bZRKWpSgJwL9QE3bzGHgDNPL2ey5jWfNyg09X0HO3ibCIBwSfMG+BA0EpszXOA5w - 3ZuiSq+WtpczAAnO2qVcxWoM+rw4TSzjE9Hciund2IRvAAXen3R7jR0i2G9K4sDE - 961VqJEfXXcGUaIEsJtAWVvv13DmWwfX0lDB98YwH+lH7WGQsYwIJVjiArx2rulT - +NnrM9/hLJnRcBWFiZ4XFgVSwpUgzA6OgwQKX/DGJEa3iEGl+P3hSaqbeJnV3/aK - 3sjlYaJXCrqwsaTLLXVyr4W7RhNISrN7rFIv1TB213mO/VJeoFka/tRvqIPv6pbV - nKx7wPShZKVjJO8+pPaz06hAg1EbsPN8NkZQAaYbzcBtqHhulxhHYhS8GvwA96cM - ttvqHgPfh0xxIXkXFFW0W4lQ2XOggJDZIqwnOLk/m1hskpkGEy9Oo6b8SMdi9hSd - hH2rYjWSMbZMBC1Ahy8M5X+fPeC2Bq9EGMz5jBlEIT4I7SyiYSdLzE2azXMEB4/+ - VdIPJm+CeMWQBSJMku1Qy5HTxtbeV2acR97h6MuhEiatoPdOSTja7FWeXvvvfX3S - UAFpUBeTAV/6WMoKZyBxtuiEXSEfXBUloWvvPqXT1BF+9SkpJ3y4Xk6KHZOX2F72 - ms+FNB39Z/wydgSJd161gYYzh8QK2UGaRb0/FvkGlJSs - =mtXD + hQIMA1Mb+sNWuPcSAQ//S9UzurAcbVWzqQs0Ensak7e4N70rTjBN8Ia7r7yZAvIz + FKRquwGd+Kzsr8LECiP8p1z8pkSyc+i+EPe6U9UgQNdXCACI6hBQG+Y+blbGwxye + ypc8HMcB/bf/s36UvNoMdq6FtyGEuYvQau7+vTn1F8felmR/RKDUGMgor5bH951t + jmri168mJP13N1faL9K90wavS6IFSpgKCpd0osVH2Bmp5hWIhg+Tq1BPsfYm0ElI + zgUks+/n0tu1m61wUGbs+aynLe0jPiQ/Zuu/T9c2OmGL7cLqwL11VqtxdTyOAWxJ + Ain0J1n4zGorSLB5PY5Kb9Jhh39MHHFCMQ3vzGcmT/s5ywjGV5LaUZrLa5CC5R2l + E9yafG7OPxgJt8XODclEKoxSHVzPStbFIJgQaHgXS6Fc8tGTRvb4rwdGidqoBAzv + 03bsJf4VPqEKHDVkdkCL0KKovpdWKtaZk8epsr7HpFDudHZ6zmbOq+FRuOMd9JOB + 9+uGE8OtKjYSb7wFat6QU8R9F3ngPtGjbKTfnp5nDBf6I5uP8FiK7QjZFwIRASLX + kBu+n+PZugdEy5RQg9wrU3E1kElXbQKybNIqndq28HhZ25sZeckKNTecPRzBpdLL + ffUHtcWs3wfRfz+BgiuSjydRF+2mf4gdmle5sjgyH0ecZHgrCffinb3E2eDnRubS + WAFPL3cjt4RqXG1HMYlKpC4GjiG4xl53NYo2jYlzJ0CyjTQMg1VZUHvEQX5Mu50e + Z3cj9FbLeY1e+QQtKxGAmy+gPILHIAUu1v8rykhk3vhz5dgzZ1mvmps= + =tUZn -----END PGP MESSAGE----- fp: 95233a9c933a7ff9d7a6ca9a531bfac356b8f712 unencrypted_suffix: _unencrypted - version: 3.7.1 + version: 3.7.2 diff --git a/systems/hardware/lenovo-p1.nix b/systems/hardware/lenovo-p1.nix @@ -1,11 +1,11 @@ { config, pkgs, lib, ... }: -let - sources = import ../../nix/sources.nix; -in +#let +# sources = import ../../nix/sources.nix; +#in { imports = [ - (sources.nixos-hardware + "/common/pc/ssd") - (sources.nixos-hardware + "/lenovo/thinkpad/p1/3th-gen") + # (sources.nixos-hardware + "/common/pc/ssd") + # (sources.nixos-hardware + "/lenovo/thinkpad/p1/3th-gen") ./thinkpad.nix ]; boot = { diff --git a/systems/hardware/lenovo-p50.nix b/systems/hardware/lenovo-p50.nix @@ -1,10 +1,10 @@ { config, pkgs, lib, ... }: -let - sources = import ../../nix/sources.nix; -in +#let +# sources = import ../../nix/sources.nix; +#in { imports = [ - (sources.nixos-hardware + "/common/pc/ssd") + # (sources.nixos-hardware + "/common/pc/ssd") ./thinkpad.nix ]; boot = { diff --git a/systems/hardware/thinkpad-t460s.nix b/systems/hardware/thinkpad-t460s.nix @@ -1,11 +1,11 @@ { config, pkgs, ... }: -let - sources = import ../../nix/sources.nix; -in +#let +# sources = import ../../nix/sources.nix; +#in { imports = [ - (sources.nixos-hardware + "/lenovo/thinkpad/t460s") - (sources.nixos-hardware + "/common/pc/ssd") + # (sources.nixos-hardware + "/lenovo/thinkpad/t460s") + # (sources.nixos-hardware + "/common/pc/ssd") ./thinkpad.nix ]; nix.maxJobs = 12; diff --git a/systems/hardware/thinkpad-t480s.nix b/systems/hardware/thinkpad-t480s.nix @@ -1,11 +1,11 @@ { config, pkgs, ... }: -let - sources = import ../../nix/sources.nix; -in +#let +# sources = import ../../nix/sources.nix; +#in { imports = [ - (sources.nixos-hardware + "/lenovo/thinkpad/t480s") - (sources.nixos-hardware + "/common/pc/ssd") + #(sources.nixos-hardware + "/lenovo/thinkpad/t480s") + #(sources.nixos-hardware + "/common/pc/ssd") ./thinkpad.nix ]; boot = { diff --git a/systems/hardware/thinkpad-x220.nix b/systems/hardware/thinkpad-x220.nix @@ -1,13 +1,13 @@ { config, pkgs, ... }: -let - sources = import ../../nix/sources.nix; -in +#let +# sources = import ../../nix/sources.nix; +#in { imports = [ ./thinkpad.nix - (sources.nixos-hardware + "/lenovo/thinkpad/tp-smapi.nix") - (sources.nixos-hardware + "/common/cpu/intel") - (sources.nixos-hardware + "/common/pc/ssd") + #(sources.nixos-hardware + "/lenovo/thinkpad/tp-smapi.nix") + #(sources.nixos-hardware + "/common/cpu/intel") + #(sources.nixos-hardware + "/common/pc/ssd") ]; boot = { kernelParams = [ "i915.enable_psr=1" ]; diff --git a/systems/hardware/thinkpad.nix b/systems/hardware/thinkpad.nix @@ -1,9 +1,9 @@ { config, pkgs, ... }: -let - sources = import ../../nix/sources.nix; -in +#let +# sources = import ../../nix/sources.nix; +#in { - imports = [ (sources.nixos-hardware + "/lenovo/thinkpad") ]; + #imports = [ (sources.nixos-hardware + "/lenovo/thinkpad") ]; boot = { blacklistedKernelModules = [ # Kernel GPU Savings Options (NOTE i915 chipset only) diff --git a/systems/hosts/default.nix b/systems/hosts/default.nix @@ -0,0 +1,34 @@ +inputs: + +let + inherit (inputs) self; + + sharedModules = [ + { _module.args = { inherit inputs; }; } + #../modules/minimal.nix + #../modules/security.nix + inputs.home-manager.nixosModule + { + home-manager = { + inherit (inputs.self.lib) extraSpecialArgs; + useGlobalPkgs = true; + }; + } + ]; + + inherit (self.lib) nixosSystem makeOverridable; + # inherit (import "${self}/home/profiles" inputs) homeImports; +in +{ + # naruhodo + naruhodo = nixosSystem { + modules = [ + ./naruhodo.nix + ] ++ sharedModules; + system = "x86_64-linux"; + }; + # shikoku + # aomi + # wakasu + # sakhalin +} diff --git a/systems/hosts/deploy.nix b/systems/hosts/deploy.nix @@ -0,0 +1,16 @@ +inputs: + +{ + nodes = with inputs.deploy-rs-lib.x86_64-linux; { + aomi = { }; + sakhalin = { }; + shikoku = { + hostname = "shikoku.home"; + profiles.system = { + user = "root"; + path = activate.nixos inputs.self.nixosConfigurations.shikoku; + }; + }; + wakasu = { }; + }; +} diff --git a/systems/hosts/kerkouane.nix b/systems/hosts/kerkouane.nix @@ -64,15 +64,27 @@ let in { imports = [ - (sources.nixos + "/nixos/modules/profiles/qemu-guest.nix") - (import ../../nix).home-manager-stable - ../modules/default.stable.nix + # (sources.nixos + "/nixos/modules/profiles/qemu-guest.nix") + # (import ../../nix).home-manager-stable + # ../modules/default.stable.nix (import ../../users).vincent (import ../../users).root ]; networking.hostName = hostname; + ## From qemu-quest.nix + boot.initrd.availableKernelModules = [ "virtio_net" "virtio_pci" "virtio_mmio" "virtio_blk" "virtio_scsi" "9p" "9pnet_virtio" ]; + boot.initrd.kernelModules = [ "virtio_balloon" "virtio_console" "virtio_rng" ]; + + boot.initrd.postDeviceCommands = + '' + # Set the system time from the hardware clock to work around a + # bug in qemu-kvm > 1.5.2 (where the VM clock is initialised + # to the *boot time* of the host). + hwclock -s + ''; + # START OF DigitalOcean specifics # FIXME: move this into a secret ? # This file was populated at runtime with the networking diff --git a/systems/hosts/naruhodo.nix b/systems/hosts/naruhodo.nix @@ -1,8 +1,9 @@ -{ sources ? import ../../nix -, lib ? sources.lib -, pkgs ? sources.pkgs { } -, ... -}: +# { sources ? import ../../nix +# , lib ? sources.lib +# , pkgs ? sources.pkgs { } +# , ... +# }: +{ config, lib, pkgs, ... }: with lib; let @@ -20,8 +21,8 @@ in { imports = [ ../hardware/thinkpad-t480s.nix - (import ../../nix).home-manager - ../modules + # (import ../../nix).home-manager + # ../modules (import ../../users).vincent (import ../../users).root ]; @@ -41,11 +42,11 @@ in }; fileSystems."/boot" = { - device = "/dev/disk/by-uuid/0101-68DE"; + device = "/dev/disk/by-uuid/2294-77F4"; fsType = "vfat"; }; - swapDevices = [{ device = "/dev/disk/by-uuid/aff86817-55ae-47ed-876a-e5a027b560ba"; }]; + swapDevices = [{ device = "/dev/disk/by-uuid/c00da13a-39ee-4640-9783-baf0a3d13e73"; }]; networking = { hostName = hostname; @@ -105,7 +106,7 @@ in ''; services.hardware.bolt.enable = true; core.nix = { - # temporary + # temporary or not localCaches = [ ]; }; diff --git a/systems/hosts/okinawa.nix b/systems/hosts/okinawa.nix @@ -0,0 +1,30 @@ +{ lib, pkgs, config, modulesPath, ... }: + +with lib; +{ + imports = [ + "${modulesPath}/profiles/minimal.nix" + ]; + + wsl = { + enable = true; + automountPath = "/mnt"; + defaultUser = "nixos"; + startMenuLaunchers = true; + + # Enable integration with Docker Desktop (needs to be installed) + # docker.enable = true; + }; + + environment.systemPackages = with pkgs; [ + docker-client + git + vim + ]; + + # Enable nix flakes + nix.package = pkgs.nixFlakes; + nix.extraOptions = '' + experimental-features = nix-command flakes + ''; +} diff --git a/systems/hosts/sakhalin.nix b/systems/hosts/sakhalin.nix @@ -15,8 +15,8 @@ in { imports = [ ../hardware/gigabyte-brix.nix - (import ../../nix).home-manager-stable - ../modules/default.stable.nix + # (import ../../nix).home-manager-stable + # ../modules/default.stable.nix (import ../../users).vincent (import ../../users).root ]; diff --git a/systems/hosts/shikoku.nix b/systems/hosts/shikoku.nix @@ -0,0 +1,137 @@ +{ config, lib, pkgs, ... }: + +with lib; +let + hostname = "shikoku"; + secretPath = ../../secrets/machines.nix; + secretCondition = (builtins.pathExists secretPath); + + ip = strings.optionalString secretCondition (import secretPath).wireguard.ips."${hostname}"; + ips = lists.optionals secretCondition ([ "${ip}/24" ]); + endpointIP = strings.optionalString secretCondition (import secretPath).wg.endpointIP; + endpointPort = if secretCondition then (import secretPath).wg.listenPort else 0; + endpointPublicKey = strings.optionalString secretCondition (import secretPath).wireguard.kerkouane.publicKey; +in +{ + imports = [ + # (import ../../nix).home-manager-stable + #../modules/default.stable.nix + (import ../../users).vincent + (import ../../users).root + ]; + + boot.supportedFilesystems = [ "zfs" ]; + networking.hostId = builtins.substring 0 8 (builtins.hashString "md5" config.networking.hostName); + + networking = { + bridges.br1.interfaces = [ "enp0s31f6" ]; + firewall.enable = false; # we are in safe territory :D + useDHCP = false; + interfaces.br1 = { + useDHCP = true; + }; + }; + + boot.binfmt.registrations = { + s390x-linux = { + # interpreter = getEmulator "s390x-linux"; + interpreter = "${pkgs.qemu}/bin/qemu-s390x"; + magicOrExtension = ''\x7fELF\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x16''; + mask = ''\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff''; + }; + }; + boot.binfmt.emulatedSystems = [ + "armv6l-linux" + "armv7l-linux" + "aarch64-linux" + # "s390x-linux" + "powerpc64le-linux" + ]; + + # TODO: check if it's done elsewhere + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" "sr_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + # TODO: check if it's done elsewhere + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/73fd8864-f6af-4fdd-b826-0dfdeacd3c19"; + fsType = "ext4"; + options = [ "noatime" "discard" ]; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/829D-BFD1"; + fsType = "vfat"; + }; + + # Extra data + # HDD: b58e59a4-92e7-4278-97ba-6fe361913f50 + fileSystems."/data" = { + device = "/dev/disk/by-uuid/b58e59a4-92e7-4278-97ba-6fe361913f50"; + fsType = "ext4"; + options = [ "noatime" ]; + }; + # ZFS Pool + # SSD1: 469077df-049f-4f5d-a34f-1f5449d782ec + # SSD2: e11a3b63-791c-418b-9f4b-5ae0199f1f97 + # NVME2: 3d2dff80-f2b1-4c48-8e76-12b01fdf4137 + fileSystems."/tank/data" = + { + device = "tank/data"; + fsType = "zfs"; + options = [ "zfsutil" ]; + }; + + fileSystems."/tank/virt" = + { + device = "tank/virt"; + fsType = "zfs"; + options = [ "zfsutil" ]; + }; + + swapDevices = [{ + device = "/dev/disk/by-uuid/a9ec44e6-0c1d-4f60-9f5c-81a7eaa8e8fd"; + }]; + + programs.ssh.setXAuthLocation = true; + profiles = { + home = true; + dev.enable = lib.mkForce false; + desktop.enable = lib.mkForce false; + avahi.enable = true; + syncthing.enable = true; + ssh = { + enable = true; + forwardX11 = true; + }; + virtualization = { enable = true; nested = true; listenTCP = true; }; + }; + services = { + netdata.enable = true; + syncthing.guiAddress = "${ip}:8384"; + smartd = { + enable = true; + devices = [{ device = "/dev/nvme0n1"; }]; + }; + wireguard = { + enable = true; + ips = ips; + endpoint = endpointIP; + endpointPort = endpointPort; + endpointPublicKey = endpointPublicKey; + }; + }; + + # Move this to a "builder" role + users.extraUsers.builder = { + isNormalUser = true; + uid = 1018; + extraGroups = [ ]; + openssh.authorizedKeys.keys = [ (builtins.readFile ../../secrets/builder.pub) ]; + }; + nix.trustedUsers = [ "root" "vincent" "builder" ]; +} diff --git a/systems/hosts/wakasu.nix b/systems/hosts/wakasu.nix @@ -15,8 +15,8 @@ in { imports = [ ../hardware/lenovo-p50.nix - (import ../../nix).home-manager-stable - ../modules/default.stable.nix + #(import ../../nix).home-manager-stable + #../modules/default.stable.nix (import ../../users).vincent (import ../../users).root ]; diff --git a/systems/modules/core/nix.nix b/systems/modules/core/nix.nix @@ -95,10 +95,10 @@ in nixpkgs = { overlays = [ - (import ../../../nix/overlays/mkSecret.nix) - (import ../../../nix/overlays/sbr.nix) - (import ../../../nix/overlays/unstable.nix) - (import ../../../nix).emacs + # (import ../../../nix/overlays/mkSecret.nix) + # (import ../../../nix/overlays/sbr.nix) + # (import ../../../nix/overlays/unstable.nix) + # (import ../../../nix).emacs ]; config = { allowUnfree = true; diff --git a/users/modules/modules.nix b/users/modules/modules.nix @@ -0,0 +1,4 @@ +[ + ./services + ./profiles +] diff --git a/users/vincent/containers/kubernetes.nix b/users/vincent/containers/kubernetes.nix @@ -17,7 +17,7 @@ in minikube ko crane - my.krew + #my.krew my.kss # our own scripts knd diff --git a/users/vincent/core/git.nix b/users/vincent/core/git.nix @@ -33,7 +33,7 @@ in gitAndTools.git-appraise gitAndTools.grv mr - my.prm + #my.prm my.ape difftastic ]; diff --git a/users/vincent/desktop/default.nix b/users/vincent/desktop/default.nix @@ -17,6 +17,7 @@ aspell aspellDicts.en aspellDicts.fr + desktop-file-utils hunspell hunspellDicts.en_US-large hunspellDicts.en_GB-ize diff --git a/users/vincent/dev/emacs.nix b/users/vincent/dev/emacs.nix @@ -16,6 +16,11 @@ let emacsclient --create-frame $@ ''; myExtraPackages = epkgs: with epkgs; [ + # FIXME(vdemeester) once it is fixed, re-add + # pkgs.dired-plus + # org-transclusion + #python-mode + #whole-line-or-region ace-window aggressive-indent alert @@ -28,15 +33,16 @@ let color-identifiers-mode consult consult-dir + consult-lsp corfu dap-mode dash delight - diredfl dired-collapse dired-narrow dired-rsync dired-subtree + diredfl dockerfile-mode dumb-jump easy-kill @@ -54,10 +60,10 @@ let flymake-languagetool focus git-annex - git-modes git-commit git-gutter git-gutter-fringe + git-modes github-review go-mode gotest @@ -71,11 +77,10 @@ let ibuffer-vc icomplete-vertical json-mode + kind-icon + lsp-focus lsp-mode lsp-ui - lsp-focus - consult-lsp - kind-icon magit magit-annex magit-popup @@ -96,11 +101,10 @@ let org org-appear org-capture-pop-frame - org-journal org-contrib + org-journal org-ql org-super-agenda - # org-transclusion org-tree-slide org-web-tools orgit @@ -108,9 +112,6 @@ let pandoc-mode pdf-tools pkgs.bookmark-plus - pkgs.dired-plus - # FIXME(vdemeester) once it is fixed, re-add - #python-mode rainbow-delimiters rainbow-mode rg @@ -129,7 +130,6 @@ let vterm web-mode wgrep - #whole-line-or-region with-editor xterm-color yaml-mode @@ -153,7 +153,7 @@ in ]; programs.emacs = { enable = true; - package = (pkgs.emacsGcc.override { withGTK3 = true; withGTK2 = false; withX = true; withXwidgets = true; }); + package = (pkgs.emacsNativeComp.override { withGTK3 = true; withGTK2 = false; withX = true; withXwidgets = true; }); extraPackages = myExtraPackages; }; services.emacs = {