AtaraxiaDev/nixos-config
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: AtaraxiaDev:0d155fa5531f687cae0a9bdefe2a0757b9b8903b
Branches Tags
AtaraxiaDev:master
AtaraxiaDev:dev-v2
...
compare: AtaraxiaDev:130b1e9eb35dab486f9e501f76bd521b99dfa265
Branches Tags
AtaraxiaDev:master
AtaraxiaDev:dev-v2

7 Commits
0d155fa553 ... 130b1e9eb3

Author SHA1 Message Date
Dmitriy Kholkin
130b1e9eb3
fix: nixos-vm evaluation 2025-03-10 20:07:01 +03:00
Dmitriy Kholkin
d87b988a06
fix: disable cSpell for vscode 2025-03-10 20:05:31 +03:00
Dmitriy Kholkin
a066ff0960
feat: add remote hosts deploy with deploy-rs 2025-03-10 20:04:25 +03:00
Dmitriy Kholkin
f2de87fcea
fix: remove srvos from flake.lock 2025-03-10 20:02:46 +03:00
Dmitriy Kholkin
040502a480
feat: add backup with rustic for redshift 2025-03-10 20:02:17 +03:00
Dmitriy Kholkin
3f16fdab87
feat: add marzban, nginx, ocis with secrets for redshift 2025-03-10 20:01:44 +03:00
Dmitriy Kholkin
bf9584b0f1
fix: exclude secrets from yaml linting 2025-03-10 20:00:57 +03:00
10 changed files with 349 additions and 58 deletions
Show Stats Expand all files Collapse all files

3
.vscode/settings.json vendored
View File

@ -21,5 +21,6 @@
}, },
}, },
}, },
} },
"cSpell.enabled": false
} }

23
flake.lock generated
View File

@ -1280,8 +1280,7 @@
"nix2container": "nix2container", "nix2container": "nix2container",
"nixpkgs": "nixpkgs_8", "nixpkgs": "nixpkgs_8",
"nixpkgs-master": "nixpkgs-master", "nixpkgs-master": "nixpkgs-master",
"sops-nix": "sops-nix", "sops-nix": "sops-nix"
"srvos": "srvos"
} }
}, },
"sops-nix": { "sops-nix": {
@ -1304,26 +1303,6 @@
"type": "github" "type": "github"
} }
}, },
"srvos": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1741567682,
"narHash": "sha256-N2LArmDeNL06fLHvLmbNMG3L2fEi62+Ra4X1NkPKsKQ=",
"owner": "nix-community",
"repo": "srvos",
"rev": "4b726f14b80473a05302cdcd70d3043a183c5276",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "srvos",
"type": "github"
}
},
"systems": { "systems": {
"locked": { "locked": {
"lastModified": 1681028828, "lastModified": 1681028828,

117
flake.nix
View File

@ -55,7 +55,7 @@
outputs = outputs =
inputs: inputs:
inputs.flake-parts.lib.mkFlake { inherit inputs; } ( inputs.flake-parts.lib.mkFlake { inherit inputs; } (
{ self, ... }: { self, withSystem, ... }:
{ {
imports = [ imports = [
inputs.devenv.flakeModule inputs.devenv.flakeModule
@ -109,37 +109,104 @@
name = "nixos-config"; name = "nixos-config";
packages = builtins.attrValues { packages = builtins.attrValues {
inherit (pkgs) nixfmt-rfc-style sops; inherit (pkgs) deploy-rs nixfmt-rfc-style sops;
}; };
languages.nix = { languages.nix = {
enable = true; enable = true;
lsp.package = pkgs.nixd; lsp.package = pkgs.nixd;
}; };
pre-commit.hooks = { pre-commit.hooks =
actionlint.enable = true; let
deadnix.enable = true; default = {
flake-checker.enable = true; enable = true;
lychee.enable = true; excludes = [ "secrets/.*" ];
lychee.args = [ };
"--exclude" in
"^https://.+\\.backblazeb2\\.com" {
]; actionlint = default;
markdownlint.enable = true; deadnix = default;
nixfmt-rfc-style.enable = true; flake-checker = default;
ripsecrets.enable = true; lychee = default // {
# statix.enable = true; args = [
typos.enable = true; "--exclude-all-private"
yamlfmt.enable = true; "--exclude"
yamllint.enable = true; "^https://.*\\.backblazeb2\\.com"
yamllint.args = [ "--exclude"
"--config-file" "^https://.*\\.ataraxiadev\\.com"
".yamllint" ];
"--format" };
"parsable" markdownlint = default;
]; nixfmt-rfc-style = default;
}; ripsecrets = default;
typos = default;
yamlfmt = default;
yamllint = default // {
args = [
"--config-file"
".yamllint"
"--format"
"parsable"
];
};
};
}; };
}; };
flake = {
# deploy-rs nodes
deploy = {
# default settings for all deploys
fastConnection = true;
remoteBuild = false;
sshUser = "deploy";
sudo = "doas -u";
user = "root";
# nodes for each system
nodes = withSystem "x86_64-linux" (
{
liteConfigNixpkgs,
pkgs,
...
}:
let
# take advantage of the nixpkgs binary cache
deployPkgs = import liteConfigNixpkgs {
system = "x86_64-linux";
overlays = [
inputs.deploy-rs.overlay
(_final: prev: {
deploy-rs = {
inherit (pkgs) deploy-rs;
lib = prev.deploy-rs.lib;
};
})
];
};
mkDeploy =
name: conf:
pkgs.lib.recursiveUpdate {
profiles.system = {
path = deployPkgs.deploy-rs.lib.activate.nixos self.nixosConfigurations.${name};
};
} conf;
in
builtins.mapAttrs mkDeploy {
redshift = {
hostname = "104.164.54.197";
fastConnection = false;
sshOpts = [
"-p"
"32323"
];
};
}
);
};
checks = builtins.mapAttrs (
_system: deployLib: deployLib.deployChecks self.deploy
) inputs.deploy-rs.lib;
};
} }
); );
} }

16
hosts/NixOS-VM/default.nix
View File

@ -5,12 +5,16 @@
}: }:
{ {
imports = [ imports = [
"${modulesPath}/profiles/qemu-guest.nix" (modulesPath + "/profiles/qemu-guest.nix")
"${modulesPath}/virtualisation/qemu-vm.nix" (modulesPath + "/virtualisation/qemu-vm.nix")
]; ];
ataraxia.defaults.role = "base"; ataraxia.defaults.role = "base";
boot.kernelParams = [
"systemd.setenv=SYSTEMD_SULOGIN_FORCE=1"
];
virtualisation.memorySize = 4096; virtualisation.memorySize = 4096;
virtualisation.cores = 4; virtualisation.cores = 4;
virtualisation.resolution.x = 1920; virtualisation.resolution.x = 1920;
@ -19,14 +23,6 @@
"-vga qxl" "-vga qxl"
"-display gtk" "-display gtk"
]; ];
users.mutableUsers = false;
users.users.ataraxia = {
isNormalUser = true;
extraGroups = [ "wheel" ];
hashedPassword = "$y$j9T$ZC44T3XYOPapB26cyPsA4.$8wlYEbwXFszC9nrg0vafqBZFLMPabXdhnzlT3DhUit6";
shell = pkgs.bash;
};
users.users.test = { users.users.test = {
isNormalUser = true; isNormalUser = true;
}; };

77
hosts/redshift/backups.nix Normal file
View File

@ -0,0 +1,77 @@
{
config,
inputs,
secretsDir,
...
}:
{
imports = [ inputs.ataraxiasjel-nur.nixosModules.rustic ];
sops.secrets.rustic-vps-pass.sopsFile = secretsDir + /rustic.yaml;
sops.secrets.rustic-backups-s3-env.sopsFile = secretsDir + /rustic.yaml;
services.rustic.backups = rec {
vps-backup = {
backup = true;
prune = false;
initialize = false;
pruneOpts = [ "--repack-cacheable-only=false" ];
environmentFile = config.sops.secrets.rustic-backups-s3-env.path;
timerConfig = {
OnCalendar = "01:00";
Persistent = true;
};
settings =
let
label = "vps-containers";
in
{
repository = {
repository = "opendal:s3";
password-file = config.sops.secrets.rustic-vps-pass.path;
options = {
root = label;
bucket = "ataraxia-rustic-backups";
region = "eu-central-003";
endpoint = "https://s3.eu-central-003.backblazeb2.com";
};
};
repository.options = {
timeout = "5min";
retry = "10";
};
backup = {
host = config.networking.hostName;
label = label;
ignore-devid = true;
group-by = "label";
skip-identical-parent = true;
snapshots = [
{
sources = [
"/var/lib/tailscale"
"/srv/marzban"
];
}
];
};
forget = {
filter-labels = [ label ];
group-by = "label";
prune = true;
keep-daily = 4;
keep-weekly = 2;
keep-monthly = 1;
};
};
};
vps-prune = vps-backup // {
backup = false;
prune = true;
createWrapper = false;
timerConfig = {
OnCalendar = "Mon, 02:00";
Persistent = true;
};
};
};
}

2
hosts/redshift/default.nix
View File

@ -8,7 +8,9 @@
imports = [ imports = [
(modulesPath + "/profiles/qemu-guest.nix") (modulesPath + "/profiles/qemu-guest.nix")
./backups.nix
./disk-config.nix ./disk-config.nix
./services.nix
]; ];
ataraxia.defaults.role = "server"; ataraxia.defaults.role = "server";

83
hosts/redshift/services.nix Normal file
View File

@ -0,0 +1,83 @@
{
config,
lib,
pkgs,
secretsDir,
...
}:
let
cert-key = config.sops.secrets."cert.key".path;
cert-pem = config.sops.secrets."cert.pem".path;
nginx-conf = config.sops.secrets."nginx.conf".path;
marzban-env = config.sops.secrets.marzban.path;
cfgOcis = config.services.ocis;
in
{
# Tailscale exit-node
services.tailscale = {
enable = true;
useRoutingFeatures = "both";
};
# Empty ocis in front
networking.firewall.allowedTCPPorts = [
80
443
];
services.ocis.enable = true;
services.ocis.url = "https://cloud.ataraxiadev.com";
services.ocis.configDir = "/var/lib/ocis/config";
systemd.services.ocis.serviceConfig.ReadOnlyPaths = lib.mkForce [ ];
systemd.services.ocis.serviceConfig.ExecStartPre = pkgs.writeShellScript "ocis-init" ''
${lib.getExe cfgOcis.package} init --force-overwrite --insecure true --config-path ${config.services.ocis.configDir}
'';
# Marzban
sops.secrets =
let
nginx = {
sopsFile = secretsDir + /redshift/nginx.yaml;
restartUnits = [ "podman-nginx.service" ];
};
marzban = {
format = "dotenv";
sopsFile = secretsDir + /redshift/marzban.env;
restartUnits = [ "podman-marzban.service" ];
};
in
{
"cert.key" = nginx;
"cert.pem" = nginx;
"nginx.conf" = nginx;
inherit marzban;
};
virtualisation.oci-containers.containers = {
marzban = {
autoStart = true;
# Tags: v0.8.4
image = "ghcr.io/gozargah/marzban@sha256:8e422c21997e5d2e3fa231eeff73c0a19193c20fc02fa4958e9368abb9623b8d";
environmentFiles = [ marzban-env ];
extraOptions = [ "--network=host" ];
volumes = [
"/srv/marzban:/var/lib/marzban"
];
};
nginx = {
autoStart = true;
# Tags: mainline-alpine3.21, mainline-alpine, alpine3.21
image = "docker.io/nginx@sha256:e4efffc3236305ae53fb54e5cd76c9ccac0cebf7a23d436a8f91bce6402c2665";
extraOptions = [ "--network=host" ];
volumes = [
"${cert-key}:/etc/ssl/certs/cf-cert.key:ro"
"${cert-pem}:/etc/ssl/certs/cf-cert.pem:ro"
"${nginx-conf}:/etc/nginx/nginx.conf:ro"
];
};
};
systemd.tmpfiles.rules = [
"d ${cfgOcis.configDir} 0700 ${cfgOcis.user} ${cfgOcis.group} -"
"d /srv/marzban 0755 root root -"
];
}

14
secrets/redshift/marzban.env Normal file
View File

@ -0,0 +1,14 @@
SUDO_USERNAME=ENC[AES256_GCM,data:4QMSmmaPB10=,iv:KveMQ+EdfltGzQRRA+cm1MaRlsLypOhlWHdCumHLQS4=,tag:v30WjSutCxO9LDv3wFZHMA==,type:str]
SUDO_PASSWORD=ENC[AES256_GCM,data:IPJGUQiB6jMObUsUdw==,iv:N9cw9aGkmgIYmmrNkQYQ5PFdrmYKC8Tdgr4yb/96U5A=,tag:/yYIC/rKCttSgBBGvjCe2A==,type:str]
#ENC[AES256_GCM,data:P0rsl7K5MZceskgE/JrUlB7vTlKh0kP5Al1lH1CBUZKeVVGdbfW/VOy6CkNo8QuOUQqkzWocH0TNKzSEBw8et6s=,iv:uxHc50I95zeI/jkC60HOfzgftDBxdQM1/wqb8emrTSc=,tag:JaeHm9KAbh/KS+TIRrfWlw==,type:comment]
#ENC[AES256_GCM,data:u8NnWvULwXIg0mqTlPoOlpBgWn6LU+zsrd4P,iv:MxUYe7rI7u98wnKD1ichiYeTw/o5+E2c+22qTXRZTSI=,tag:DgkxQNi6EItuRl+av6rH3Q==,type:comment]
SQLALCHEMY_DATABASE_URL=ENC[AES256_GCM,data:bQJGB/c/pTuAPev2zxcLu1cNg2TmlHH9iY2kQH4qfqRwh/Fcjg==,iv:CeQZ8qcNLiVgtGI/4Egod6VaXamCfAKHi4jrgzXKl9Q=,tag:VX0J3r6RjnS5utJ/UDK1hQ==,type:str]
XRAY_JSON=ENC[AES256_GCM,data:28Wkv4CG4hpG9h51d2ge3AUO2MdVuRBjPuw1bxFwYqhT,iv:MooWqI5QCmk0JXWdKxA40UIFaaIxG3EakMQ1jBH8TVI=,tag:Fmnqdg9mvRVvm/0O7VNFGw==,type:str]
sops_age__list_0__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxV1VPQ2V5WjltK0JDUXhU\nWENHRUxFS0M1RjJjekNYeHlSSlhmNmE4eEUwCnpMWStLd1B6Q29DWTJLbURGdTJk\ndHY0RHFRRmFEaFNpOUxROTVWK0V6UmsKLS0tIEI0blZ1SlhBV3lpdGlGTWtWd3F1\nK0hNQjFDMG1sTWJCNFp1OE1kdlpydHcKzjus65hl6IVKdgS18xY20dgG+Blm15NE\nwf31QfHahDdY4r8DviX2/algiELvbTWNBicDOjvoiyhItPRX+9nN3Q==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_0__map_recipient=age1n0prg9vynuwc56gn0xfe5qde8wqcd4uzg5ghhhetu2024ckvjyvqxf49el
sops_age__list_1__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUbmlBd3FJcjMyVldhL3BG\nc2s3YnlCenRNdXJ2VVlnU0lTZUU3MUh1TVZFClArSlM5Ylhya2JHT3RQQkZFRXVH\nblgwR0dJdmdOTUxsZERBc3pYbld0NncKLS0tIGc3bTdxbGg5cGdYYThwMkR2RlRF\ndTlNWGhoeXBueVZtbjdYS2JCVVpwSmsKzujU4pXFhI3Sa4TSYZRgkMpOqdKN7+jT\nTi8zqO0oRQAMnIAq+AYiMDIgi/ngiAxo5HeTIM2wZ7oRX6XsPZKH/w==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_1__map_recipient=age1d4mqql020mpne9r3vtt4l9ywfzfq7zpa3mad33syxln2kldkjsxqgju90f
sops_lastmodified=2024-02-27T16:26:33Z
sops_mac=ENC[AES256_GCM,data:bWpVRMOaYvvOFMWksVXSPWmG5l/XDCSnnLovuf1cgn98yabzbYheBchhb3sgM3PWG2P/NwnxM3krVPdUMJ7vQVMp5uAph53rVRdmgUDXAEaRGkRzR4nAIi8eDKc1C/a+ifxNjsi2VOS0+rSdWOtUa1jdQx23tvACz1NXGw3G7SI=,iv:s6vfppM8PRA+ryzMvDSklH7HwgbDjCyK0/QHp+/2UNs=,tag:OwtdXGrP9XAREPbvbxqWUw==,type:str]
sops_unencrypted_suffix=_unencrypted
sops_version=3.8.1

33
secrets/redshift/nginx.yaml Normal file
View File

File diff suppressed because one or more lines are too long

39
secrets/rustic.yaml Normal file
View File

@ -0,0 +1,39 @@
rustic-backups-s3-env: ENC[AES256_GCM,data:XTUTtAmjBiy5mdlwT53Z9IDycs0s069182Emd0M6TSpPScqce3kxoN+hH8vgaOLU0b1jF3d9pkO0PpwfnUr2IkMpTd7ZKHeqHbYzS4gpKFnkQMhDexHLFBrQIfBrTbCGzspl83q5ksU9ENuY+sdkKXBhn99ja2mAFdfOVyNRttVNwKuv5/e8Bh0ySyTkogOgLyttLWo+pqKuvBP96BvSLOiGqfYBMgZU6uncg4YbdmOWPnvnTRPWHwIAyyXOSv56Sw36XfBkCBhZk2fmDRVJyRkuFthkhb6b2LkxhWFofilJupGTaQUHuZ3Efq9+eS5n1zOnudL7Gp7MmaQ4Hz3tQnzML16pJW1UcyT11uvWl8Zz5h+VlwJAfM7VNVaOs2FjEEy5imcUWurhIgRcrKHYc3mKNk5XYuvCI93aX9/LKEyeGQ==,iv:sPwKIYu/RyZQHYmz7aSYFhmx2ZqlH+RHRbdkOHGCa1s=,tag:eD5vRFkwEw4i97UQyRk6Hw==,type:str]
rustic-postgresql-s3-env: ENC[AES256_GCM,data:m0G4G+i3fJo34rUGnQ0HOsA1GlOpLnJXDJltXFM5URUFaK1Jh5pGnOsYAiU2410enKafdf5eneW31j9r2GWmEFOoX89+yLmQxe22YnfLcFfaBdskVeaz/6HY2FK5euwdy70ZPNb05uYaS1QXPABJCS8p2APjx9bcz4MPSGgN6Ed/h7NdEU1FXgEfQZj9cysoVN9Qf3zYP4oqTBFVq11bV1yj0dsBMxHmY92aAdwUJWqjk4w2vi90zYxWNYk5PzNCh7qURtfmfNTHfEy55umbDayWjxZAsNgGOtxUsArUNSIU12GeBx7VCxepbNbDiej9fNnNqYvYnRspscag5w0oHSPa8a/qPY+R/imKqLU15xCG2EfnBm310zPyI9o/lgiU9Ua8z4cfuU5FcKr7ICIr5OdupiWy6aC1KYhkBZVViXEz3A==,iv:Hu9Bbynj5D9k2Rj0NWYZuuHQzcrauGyMmPex+T+VKIg=,tag:IAXAGK//SW890ZBKkUr8gw==,type:str]
rustic-minecraft-s3-env: ENC[AES256_GCM,data:04sIa/w5exYkgUrAiaBuPJ8JaP8pNmAgbbToO54v1jHPCBmcuSLw1ncUi/jqUtJBTvj+8WRYUxe0a0ssPid28N8229yv1IbhDxvoosJj43SEnmbRtgegHLnrtLdd1y6cL6tDj/e2qFgC1LQvnPmkKe9YThyGAc4=,iv:WE1XNQTZGKhw7yN4THL4/gA1CD9oSmJ0TtCtxOcOQbE=,tag:7rHN2i7GGawhHY9ZcjuqIg==,type:str]
rustic-nas-pass: ENC[AES256_GCM,data:uDiQQRxlpBfbwihXDR32aGjP41iZ,iv:qx6FJEllahkP9BPYFFfv9LHnnVTOl6B7Jv9OSfNkPok=,tag:MBUT77ccG/acr/U/X2zrCA==,type:str]
rustic-vps-pass: ENC[AES256_GCM,data:LMdVK6j/TV9JLAxwWUtIfF//nf6r,iv:PjOYcNeLjlRx6uoZo+jr0oA9N60NJNNPloc9fc44raw=,tag:AjOzsfVIhDCb5a5D3yIdUA==,type:str]
rustic-postgresql-pass: ENC[AES256_GCM,data:oUHakvIPSwkNy1lkQ4k14+CWIofO,iv:v3EFeZCkFyeY/ADK8vqYvAD0XDmnQFIq6XGd9B8jvXY=,tag:6+kGWMq+9iVLSf5p/TIp8g==,type:str]
rustic-workstation-pass: ENC[AES256_GCM,data:dVuq75mlHStFO+k97yV0kUUqFtjF,iv:p2ApGtzHO9XUQJnnSyIMs1Cr6ODIt6RnBf2SXNrRbTk=,tag:b8WRap8QUtQrsYXVYdeRUw==,type:str]
rustic-minio-secret-key: ENC[AES256_GCM,data:Jkn0mHcLFWS/euPCYtEF3hXN4Jx8PHZHA3RtZiMshuZdZTv0Y+tHteZB2i27Ka+u,iv:R2FEEhe+EoqFDQYbLJ3hrb+ENVvsP2c++WA0z3QQrxA=,tag:bifjyNyNouUhFGV6SpAg7Q==,type:str]
rclone-s3-sync: ENC[AES256_GCM,data:oBDntYhuThzmImRgpBSsgqDwXs4+wJxAOZKH3vlKfH+9CXYNI1ks92t8Ywr/wltikvXiVbKuztY7Iuqe4Mkl0K9onYYcmrMDqyuLXRV/WPXNaAwyOyFUS17dxcqoyG51T0zzb1l4LH+GTrLw7m7RD7y7XFU/uidAUuBnQHAQpu8xRI/5PLcSaae+KfmoJGpZBX4BawXMHzRKKo462Muw/1FbBQpC0ERvTd34oSke32+Ni3MNdg/nOVyczYIQ+TPNhtgiSNXFJFPaXWMrIh29jhyJv7M2k4nYzNzb3A2miGCxWRDNy7bxZTDeVLgJUZT3KJNyb8BGLhu2v54WSbm01I1pP+//xYSZI0JER4fCZpdGodr2TV6u7YOyVxa1pZ7C7O9T/dd2O9NbgQY1Azc9MhiIXZnT58j72SNvhDNtCloM50R0LYmagCj2alP3Z4W7L+BdtaU58hWFCM2P8EIYbPkz8wK4/i1XARvZU9i+cRWZCoKi+yi0cV2yKOYlFEW0RmO9G3rC6a31YITwfpHhQw9IFuZXwdwZdf4OIuw12BIXfeUQJWqIl4QRSnOSzCggSZngwhoq/r46Oh2Jn9xXuVO6Hlod8pGyxKovO9bGQl3ioIU/KAhKp88k/BDS7YM4HhAEPNjvsSZgRGf21G7Z4ypi6a2grMTGgIKbOA3KEe2CKrSEVq7JRF5m1uAPJ2zrgbBrSwI0qkhGfn+SERMVtyzkIvTQkEQJ/g==,iv:jWhHLIccl1Pgr55xEMd2ED8FS3pvRjnuugMJ0sHnuW4=,tag:upgyBz2AA2zhidFIkcVrpw==,type:str]
sops:
shamir_threshold: 1
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1n0prg9vynuwc56gn0xfe5qde8wqcd4uzg5ghhhetu2024ckvjyvqxf49el
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxeWJOVEFXTXJrcGYyWWlp
TkxrTmpNanR5QmVaYUlKV1JXYnh0L0ViRmdvCmtTR3hUUExkejBkcVNuYUpqRjdZ
dlQ4SkRyL2txM2FSK201SU9adUQ2NUEKLS0tIDN0eDRLZGZWMnFUQWFjZnpjWk9J
VjBGTVZpYm1kOWw0aGlNaURvb2Q0aVUKPZ2BkHEWV1qsOcEIvF6iiLV0ZSJ7kGT3
B7LZx44DUIFuwEXzmnzKf6BkdFNpCqSqWODxTYHm3UcHU2qshux+0g==
-----END AGE ENCRYPTED FILE-----
- recipient: age1d4mqql020mpne9r3vtt4l9ywfzfq7zpa3mad33syxln2kldkjsxqgju90f
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMMzFGQ3pzbTNoR25pOTRx
QUk3TzgzeUhCNzg2ODg2SENZbkJpTDREK2dzCnZQdkxMQ1RhaFdCZDlZellYd25K
RTBCNDJWUFoyZTJ3dWtqYlJFSU5uc0UKLS0tIENKYmlKUjB2ZjFmZzZpQ3V4dDQ0
eklFdUdEOWlnWndpai94QnFUU1F3NmMKVOQtq31dODV1rK7hZMfw295OkQeXq81u
VBQVVcYaup6IynBuQYE9eNL5euMwsV/pCv9N+PC3J6WdhdK336ZCDQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-06-08T15:01:54Z"
mac: ENC[AES256_GCM,data:euc66CxC9LHiJYKiMaEWunIZCHd2ZGl1YcFIJWmv2/x1pMRSnQ85yCL5Fpu8crjaayDYGJJVmMBVeU8trmaoqzYE1pWtUSIQo2QligJ1k8T5erdakSwv6keHrxczS1gEkS1Ygl6xieZUY5mcwY1Wyz7ZMeAeiIpIaraSf8Uydu8=,iv:OMGVEmOHnJbFzVpfCtvt3jrw6vP5dCib/HfcKpbSZ7k=,tag:wTtzNCE6BB3S7x2wWNYq1A==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1