From 7d34b4d0da3a26457ae83a35a0792163fe6415ed Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Thu, 2 May 2024 13:21:16 +0200 Subject: [PATCH 1/8] keycloak: init --- modules/keycloak.nix | 27 +++++++++++++++++++++++++++ secrets/quitte.yaml | 6 ++++-- 2 files changed, 31 insertions(+), 2 deletions(-) create mode 100644 modules/keycloak.nix diff --git a/modules/keycloak.nix b/modules/keycloak.nix new file mode 100644 index 0000000..9073914 --- /dev/null +++ b/modules/keycloak.nix @@ -0,0 +1,27 @@ +{ config, ... }: +let + domain = "sso.${config.networking.domain}"; +in +{ + sops.secrets."keykloak/db" = { }; + services.keycloak = { + enable = true; + settings = { + http-port = 8086; + https-port = 19000; + hostname = domain; + proxy = "edge"; + }; + # The module requires a password for the DB and works best with its own DB config + # Does an automatic Postgresql configuration + database = { + passwordFile = config.sops.secrets."keycloak/db".path; + }; + initialAdminPassword = "plschangeme"; + }; + services.nginx.virtualHosts."${domain}" = { + locations."/" = { + proxyPass = "http://127.0.0.1:${toString config.services.keycloak.settings.http-port}"; + }; + }; +} diff --git a/secrets/quitte.yaml b/secrets/quitte.yaml index a8aa30d..5689f1c 100644 --- a/secrets/quitte.yaml +++ b/secrets/quitte.yaml @@ -2,6 +2,8 @@ nextcloud_adminpass: ENC[AES256_GCM,data:v6FYsO/RklPSz5uf6aYQDhdudHb0962I1WxJM3V hedgedoc_session_secret: ENC[AES256_GCM,data:WFbqr6VX12rpiPuIPlQnwOMdHM1B0yk2PYuuanbqREE=,iv:Iih4/GNs9qN+AM6fdaTJLmmPQIzxIwXHUZttP1Up6qs=,tag:IVZQId4yxbePVQqJB9+3iw==,type:str] nix-serve: key: ENC[AES256_GCM,data:GptsUgeXOOrwJctoMZ+mWXcw9DwJ0f0LOlLyMlH/877N4uA5/NtNKIaFHl3z2GWPRBnDLBzDEO1Q6EDuWbakr+Uq4zTJm2MOV6Qf4kM0BlNpXGIdjvh7tD2La7GV4ID+CT8U6p0E,iv:3A/Yy4PHsq9VdhW4SKIYdpd1enQ5cDiKLk5S9VrH0b4=,tag:WZzbct7LZmOhEvx9KVQ8WA==,type:str] +keycloak: + db: ENC[AES256_GCM,data:DVf/pVCHHUed2cQleECk0paBTZ/6Q3NE,iv:j3sWWNL0dqPJBLUx10+jJ7QvdAHvGM55KKDwG2aQEs0=,tag:6VTeE+Prsm+LPemzbEtVYg==,type:str] dex: environment: ENC[AES256_GCM,data:XpwG/q68wEis4lfrO9wKmKhXDAqzUaMSQHc0lA+Q5TDOzCdseQms9Y51qHD/IxVIcpx14W/hJxuD9jXas8/arD3ZUJ/sUYWDBqAVJGclMz9UjlmJip8Auoro4KIHjOfbO5asGJvStQZ2/pEwcjwwXOp27pMIIrJY6FiKy8ak+QWCLgRYYcosbohUOk9B15i0GvBUbeOX3SypHdNGg59yRnDBl5n9Jf4R0pugaL27zVCCTtFQIv2gQekkGOy62sx5DEocHM/IAHpD36/UerfIeAMZXYqFwIVWlcW4E7NsU/+QTFhtGrK3SdgBdZwFTxBDErh7PfzRS+eRB9eePO5G+Ow27PBOH/JLdy+N6zVB4tOjiNcBCIIzifpWozcxiHHqATUzN6cA85Pnb6icaAXA+pUk5Y7KTRvDqtZnRGraXkvfy+3fNgWFsErphLNIrHrVfOKxZHnF1myDltlre6BPoKoTH0T43CUriv8u7Z3sw/HziU991u72ZxqwBzWNEc6cYsSidKgVMWYcGyXX9zOl+nsRnIuEX5sZFB2z/VXqiuJoP8+agaUgKIU4eLtltOk=,iv:/it0Kg0+2BpdiJFI2GBiC2VJgeHC/GbjniDKVqL1xSo=,tag:Y06ICn5wHGV3jUZTRt1k4w==,type:str] portunus: @@ -48,8 +50,8 @@ sops: c2lzVGV6WnVQT1pOTTVwRUxlMWZobWsK0CrDl2ELoYOTrMt3uN3mgBSyaYqOQY4I vBK12PV9FR9GFpKN4kGB03PZ0gV0N1zlcCHpnPCUuHwbCvvF2+vCag== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-03-21T14:49:39Z" - mac: ENC[AES256_GCM,data:UOSGdgzqdp8G9e0SfzUxUDWPfv5a6YXhPy2//4njeFQwBmBFs/2d1jtn7CWr7y/1WcbuCjr03SudfO/yquNiELZqfIi41b0Qu6PplQE5khQR4RT7jpJ8b7HGmAnvAxhM5X835cXntU7FXna+1QWwzIKpPGVtKQ7m36CbgSgY2Gw=,iv:sRCLtoxeYaNS0Ga+ncUWxPh0MsqJUfHpamHQpGrm7lY=,tag:vLsJYdmKCNqOr5y5ZYVaDg==,type:str] + lastmodified: "2024-05-02T11:20:32Z" + mac: ENC[AES256_GCM,data:0GUoloHyDEnX/u7SWSSwT/WA0rOJIidtYMFmVkTO3xkWHZqwILDhvW93hGoxDqTQle/MIXcN20nD3530DfhODLOWEfOuiYEJstR9Zx3LIa9MdJgjFj777zEhqfQ10oQ6VbQEmYNBX+7GvXNMbwFYQMU9xTggF0DGTCr+KPjSJ44=,iv:DHdAZQYMGLOGBN5D6hd/WCvNzkS1x9eQMFCBNJZ05zo=,tag:vNQTRueukDtg9g/Vgp0huw==,type:str] pgp: - created_at: "2024-02-29T15:23:23Z" enc: |- From bdc6185fce20f73d9eb92ca5342d3e8feaa94504 Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Thu, 2 May 2024 19:33:50 +0200 Subject: [PATCH 2/8] grafana: fix root_url --- modules/monitoring.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/monitoring.nix b/modules/monitoring.nix index 5aa664a..af28b88 100644 --- a/modules/monitoring.nix +++ b/modules/monitoring.nix @@ -11,6 +11,7 @@ in inherit domain; http_addr = "127.0.0.1"; http_port = 2342; + root_url = "https://monitoring.ifsr.de"; }; database = { type = "postgres"; From 993a5543963a5a465beb2247724ae41c7078c578 Mon Sep 17 00:00:00 2001 From: Jonas Gaffke Date: Sun, 5 May 2024 09:40:31 +0200 Subject: [PATCH 3/8] sops: decisions env --- secrets/quitte.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/secrets/quitte.yaml b/secrets/quitte.yaml index a8aa30d..f8b8d4d 100644 --- a/secrets/quitte.yaml +++ b/secrets/quitte.yaml @@ -19,7 +19,7 @@ postfix_ldap_aliases: ENC[AES256_GCM,data:beJTXpJYlAz4vyv2rAyuMtU2gkwf4JNnsFAG0o vaultwarden_env: ENC[AES256_GCM,data:JFySiTHahlUFsM+FcuSJPnGYMijphrnZpFFdoNe7DYxWjIgPRWdfH9WC/a5GsK2xCJXllXAASHNxgkYRrdPw2KaCiUR/QhAjtUmyv2NsIBcMYStafDUEK9emddR+ACedScsgS0FtP8f3cz1enTBi+DkYgL8lMAoCw5p8vMRyE9mVOLpTUDOO7T4=,iv:992REuXzHAxxhy2BbeCGNhTZkn8eSi8N2RyBXqqy7U0=,tag:iP5AFQqzoR66AkTGfYAUZg==,type:str] directus_env: ENC[AES256_GCM,data:TzZhYDS+ix2kY6gVZj98E2W7IbqWBpwUCz4n9UUyLI2jnySnjD+AJZ8WM/r6LEGFYAdBAsuynRqui2k5OuaZhDhjm9acaH7DdCiuslvL0V7vJS70GDjBFzAQglqM3w2uqsfqDSs89FpuuvkGRBLrLeXIg5wmkx21wQA=,iv:jcLNwjbgFbgAXBlnjoLV9EXFI+il/hRpd+Cc/D/wUMo=,tag:Vp5uEqnZC6L+CfNFbxNw/w==,type:str] strukturbot_env: ENC[AES256_GCM,data:klTFgdNvdMYA++GsmqEHdhklZ5JUreP2Lh+5E0mj5iH7F8Run6/gAdHBJpCWEe2Q3o6RdZduy+kCXzJWznkLbEASxgJNcAWdFq2CU4ov0Z6rGS6i/X376Yc6I7oYLfQSd58r8Q/rhFl2qXkCiSGJYNvo6vGh6+b/TdTABwAnvj/k81n2SsSpoMOu9/1Pyop7QNVMuAtXaE/sca1KPtU/Yg3DrKczxKzKppReafIs7ICI/760N/H0Wwh6rtw51mfQxxOW9UpPXmnEFI8b+07pVsgNoSbzPCMaAoxf6LFnTnqtFRNS0N7rX3DrP6GSv2A8Bwm5of0sLhIm3gAAQ2iXp2di+BOi7uRqFVtNZ18XGPil8FVEkeIFdmhjCJAOJRyuANl3JsaqRk4lT1qMglyjHtCodP5rvVe+pALzpihNPIQPy0Tes2GOM4Q6ww4UxZrgevNHz7CnEMSEPU8Hjb63UkZTZbj2HxF8,iv:a2NyivM34Z/V/ir+NzsXNm73sp6uASYDiqDOG2ix2JE=,tag:buP1Hcvt3dEW249BWNBKkw==,type:str] -decisions_env: ENC[AES256_GCM,data:yuxfgdEGYGAqrKqQ6TIKcRXMBluOKeCz8hMXeLxFRXKx1cKn11fGvS7LCtRoFTeHUvBjzb5VLdQkjb6OFYT35Ck7GKk5ZceN,iv:B7brAFVed1Ck5jCqp0VvnYHD/rtDbyYv9/gWx8Kwfpw=,tag:ki/dhuiK4QWxfRqOQR7Otw==,type:str] +decisions_env: ENC[AES256_GCM,data:JOi4V3TOH/qcDwcEeyrFrmfQlQpTOhX6syXOZv2K3Qo3poRLTLgNVEX0bWMIsSr5ACIvfoi8yMYOePJj2wOZoewqJw/Tr+4reGwHmMfgAxfZhD/ykFOBIGGdqEstAT335q8+T/xOkv7+9M8wWbmzFeQC7M9XdmoVBIVkTEuZb9OpCp91WEY8h1/2LTwf9+hGKNVZ4LkfbrLRed1RyWLjW0JD5kJebRJvSC5qnOhv4nz4iGAECl+1DokNWHrvFJGOm47f1uXtXoBXVnaXhhrkZ2j9r7nUpZpCITeJH5x8beJc7drmaoQs3PlLTcaKEeujNtwknYnBC4eUXx+78phYfA==,iv:pqIMRbNOIlK3ddUMpn8qDKz4tGFyAU6DyIzfuIkxSwc=,tag:ZterxIhIxeYLPiYsewVzBg==,type:str] course-management: secret-key: ENC[AES256_GCM,data:zMoIj8gjNmLdSbQmFo8n1pDIKaUUMzPfVoKkPlqNtm4=,iv:AM5wwvAFXKVss4N2/lK6bKYHV/4Bv5EOz2MVTxAPF1w=,tag:ARzQUVVjz+HhUT+JAISHkA==,type:str] adminpass: ENC[AES256_GCM,data:EariUHHtWirIXuRARj7lEneAOlKcjca9T+J0oH2xPv99w4ac1cRrvEVD,iv:cjC/+AnZdwWXkJOIAE36Hk/if4fqofVFf0H8WkHkRY8=,tag:M+s4hPzSp8eR76M/7TKXPg==,type:str] @@ -48,8 +48,8 @@ sops: c2lzVGV6WnVQT1pOTTVwRUxlMWZobWsK0CrDl2ELoYOTrMt3uN3mgBSyaYqOQY4I vBK12PV9FR9GFpKN4kGB03PZ0gV0N1zlcCHpnPCUuHwbCvvF2+vCag== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-03-21T14:49:39Z" - mac: ENC[AES256_GCM,data:UOSGdgzqdp8G9e0SfzUxUDWPfv5a6YXhPy2//4njeFQwBmBFs/2d1jtn7CWr7y/1WcbuCjr03SudfO/yquNiELZqfIi41b0Qu6PplQE5khQR4RT7jpJ8b7HGmAnvAxhM5X835cXntU7FXna+1QWwzIKpPGVtKQ7m36CbgSgY2Gw=,iv:sRCLtoxeYaNS0Ga+ncUWxPh0MsqJUfHpamHQpGrm7lY=,tag:vLsJYdmKCNqOr5y5ZYVaDg==,type:str] + lastmodified: "2024-05-05T07:39:57Z" + mac: ENC[AES256_GCM,data:N4xRSkLgkdGRqHQVALMPM1n7P0je6l32ek7h0hYDanNQL9lurjA3SNCb0HUl/nWBSWdYqWgSYosnuzLuaq/6zDaE7T+3gUazXZ8A2qeBuzLUbGiH53lql3OwKZPtme1+ZMtM1EG+2wgGOdT2CXjlVWEY+9a3GaL/d0lHyJWwHjE=,iv:LCd1Xi8AE+7LVkBP9W+mfp4nfbsQ3fH4dsWKN3qw7uk=,tag:yVE1nCjvboApqDoMboRHng==,type:str] pgp: - created_at: "2024-02-29T15:23:23Z" enc: |- From 7630dc44949fd7ddfcad74abe6d140aad8b61314 Mon Sep 17 00:00:00 2001 From: Jonas Gaffke Date: Mon, 6 May 2024 11:08:41 +0200 Subject: [PATCH 4/8] decisions: use newer image --- modules/decisions.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/decisions.nix b/modules/decisions.nix index 8427375..29ebeb3 100644 --- a/modules/decisions.nix +++ b/modules/decisions.nix @@ -6,7 +6,7 @@ in sops.secrets."decisions_env" = { }; virtualisation.oci-containers = { containers.decisions = { - image = "decisions"; + image = "ghcr.io/fsr/decisions"; volumes = [ "/var/lib/nextcloud/data/root/files/FSR/protokolle:/protokolle:ro" ]; From 81ac3b4c0d45713a28dfcea842b334e3e52adf30 Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Mon, 6 May 2024 11:12:19 +0200 Subject: [PATCH 5/8] ssh: disable password login --- hosts/quitte/configuration.nix | 9 +++------ modules/core/base.nix | 8 +++++++- 2 files changed, 10 insertions(+), 7 deletions(-) diff --git a/hosts/quitte/configuration.nix b/hosts/quitte/configuration.nix index 0e2d288..2d7faa1 100644 --- a/hosts/quitte/configuration.nix +++ b/hosts/quitte/configuration.nix @@ -21,12 +21,12 @@ boot.kernelPackages = pkgs.linuxPackagesFor (pkgs.linux_6_6.override { argsOverride = rec { src = pkgs.fetchurl { - url = "mirror://kernel/linux/kernel/v6.x/linux-${version}.tar.xz"; - sha256 = "sha256-Y55QBg48jyPtAXyxDP6sxrqI/1WDgSu3aFm0zGoSgpE="; + url = "mirror://kernel/linux/kernel/v6.x/linux-${version}.tar.xz"; + sha256 = "sha256-Y55QBg48jyPtAXyxDP6sxrqI/1WDgSu3aFm0zGoSgpE="; }; version = "6.6.27"; modDirVersion = "6.6.27"; - }; + }; }); services.zfs = { @@ -53,9 +53,6 @@ value = "10000"; } ]; - # Enable the OpenSSH daemon. - services.openssh.enable = true; - services.openssh.settings.PermitRootLogin = "yes"; systemd = { services.nix-daemon.serviceConfig = { diff --git a/modules/core/base.nix b/modules/core/base.nix index 53a5d38..b3f19c0 100755 --- a/modules/core/base.nix +++ b/modules/core/base.nix @@ -29,7 +29,13 @@ }; # Enable the OpenSSH daemon. - services.openssh.enable = true; + services.openssh = { + enable = true; + settings = { + PermitRootLogin = "yes"; + PasswordAuthentication = "no"; + }; + }; programs.mosh.enable = true; # vs code server From 5930da6bdfee3c475d13f39b38ddf4d8975c9835 Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Mon, 6 May 2024 11:13:49 +0200 Subject: [PATCH 6/8] ssh: fix type --- modules/core/base.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/core/base.nix b/modules/core/base.nix index b3f19c0..5f4e7b7 100755 --- a/modules/core/base.nix +++ b/modules/core/base.nix @@ -33,7 +33,7 @@ enable = true; settings = { PermitRootLogin = "yes"; - PasswordAuthentication = "no"; + PasswordAuthentication = false; }; }; programs.mosh.enable = true; From 4fa9a2fe7de8f8750ac00b2917e376343f3c518b Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Mon, 6 May 2024 11:21:12 +0200 Subject: [PATCH 7/8] treewide: cleanup with deadnix --- hosts/quitte/configuration.nix | 2 +- modules/monitoring.nix | 2 +- overlays/default.nix | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/hosts/quitte/configuration.nix b/hosts/quitte/configuration.nix index 2d7faa1..6f18e21 100644 --- a/hosts/quitte/configuration.nix +++ b/hosts/quitte/configuration.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +{ pkgs, ... }: { imports = diff --git a/modules/monitoring.nix b/modules/monitoring.nix index af28b88..ed68e37 100644 --- a/modules/monitoring.nix +++ b/modules/monitoring.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +{ config, ... }: let domain = "monitoring.${config.networking.domain}"; in diff --git a/overlays/default.nix b/overlays/default.nix index d5d37e5..7240ef2 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -13,7 +13,7 @@ in }; })); # (hopefully) fix systemd journal reading - prometheus-postfix-exporter = prev.prometheus-postfix-exporter.overrideAttrs (old: { + prometheus-postfix-exporter = prev.prometheus-postfix-exporter.overrideAttrs (_old: { patches = [ ./prometheus-postfix-exporter/0001-cleanup-also-catch-milter-reject.patch ]; From 5294cd68f86369fa07ee260afc1c8e74b9938a3a Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Thu, 2 May 2024 13:21:16 +0200 Subject: [PATCH 8/8] keycloak: init --- modules/keycloak.nix | 27 +++++++++++++++++++++++++++ secrets/quitte.yaml | 8 +++++--- 2 files changed, 32 insertions(+), 3 deletions(-) create mode 100644 modules/keycloak.nix diff --git a/modules/keycloak.nix b/modules/keycloak.nix new file mode 100644 index 0000000..9073914 --- /dev/null +++ b/modules/keycloak.nix @@ -0,0 +1,27 @@ +{ config, ... }: +let + domain = "sso.${config.networking.domain}"; +in +{ + sops.secrets."keykloak/db" = { }; + services.keycloak = { + enable = true; + settings = { + http-port = 8086; + https-port = 19000; + hostname = domain; + proxy = "edge"; + }; + # The module requires a password for the DB and works best with its own DB config + # Does an automatic Postgresql configuration + database = { + passwordFile = config.sops.secrets."keycloak/db".path; + }; + initialAdminPassword = "plschangeme"; + }; + services.nginx.virtualHosts."${domain}" = { + locations."/" = { + proxyPass = "http://127.0.0.1:${toString config.services.keycloak.settings.http-port}"; + }; + }; +} diff --git a/secrets/quitte.yaml b/secrets/quitte.yaml index f8b8d4d..de196f8 100644 --- a/secrets/quitte.yaml +++ b/secrets/quitte.yaml @@ -1,7 +1,9 @@ nextcloud_adminpass: ENC[AES256_GCM,data:v6FYsO/RklPSz5uf6aYQDhdudHb0962I1WxJM3VGc0af6s/fEz2j+UTu,iv:WzS+jU7qmNQbd1RWDempdu4nv0ytWeybF/PKoc4mvTc=,tag:1CF3ZnQNDLv11j7UoyYsjg==,type:str] -hedgedoc_session_secret: ENC[AES256_GCM,data:WFbqr6VX12rpiPuIPlQnwOMdHM1B0yk2PYuuanbqREE=,iv:Iih4/GNs9qN+AM6fdaTJLmmPQIzxIwXHUZttP1Up6qs=,tag:IVZQId4yxbePVQqJB9+3iw==,type:str] +hedgedoc_session_secret: ENC[AES256_GCM,data:WO3j/Sp0LHyNC51jdzChKB46KLU7l57TBVNL3v92sjs=,iv:HVizKMCd+d9cTQEzRncRpv9scldg5Nn2fBRz0D58OOg=,tag:8HZttVgZs4Ah8JWTDaTySA==,type:str] nix-serve: key: ENC[AES256_GCM,data:GptsUgeXOOrwJctoMZ+mWXcw9DwJ0f0LOlLyMlH/877N4uA5/NtNKIaFHl3z2GWPRBnDLBzDEO1Q6EDuWbakr+Uq4zTJm2MOV6Qf4kM0BlNpXGIdjvh7tD2La7GV4ID+CT8U6p0E,iv:3A/Yy4PHsq9VdhW4SKIYdpd1enQ5cDiKLk5S9VrH0b4=,tag:WZzbct7LZmOhEvx9KVQ8WA==,type:str] +keycloak: + db: ENC[AES256_GCM,data:DVf/pVCHHUed2cQleECk0paBTZ/6Q3NE,iv:j3sWWNL0dqPJBLUx10+jJ7QvdAHvGM55KKDwG2aQEs0=,tag:6VTeE+Prsm+LPemzbEtVYg==,type:str] dex: environment: ENC[AES256_GCM,data:XpwG/q68wEis4lfrO9wKmKhXDAqzUaMSQHc0lA+Q5TDOzCdseQms9Y51qHD/IxVIcpx14W/hJxuD9jXas8/arD3ZUJ/sUYWDBqAVJGclMz9UjlmJip8Auoro4KIHjOfbO5asGJvStQZ2/pEwcjwwXOp27pMIIrJY6FiKy8ak+QWCLgRYYcosbohUOk9B15i0GvBUbeOX3SypHdNGg59yRnDBl5n9Jf4R0pugaL27zVCCTtFQIv2gQekkGOy62sx5DEocHM/IAHpD36/UerfIeAMZXYqFwIVWlcW4E7NsU/+QTFhtGrK3SdgBdZwFTxBDErh7PfzRS+eRB9eePO5G+Ow27PBOH/JLdy+N6zVB4tOjiNcBCIIzifpWozcxiHHqATUzN6cA85Pnb6icaAXA+pUk5Y7KTRvDqtZnRGraXkvfy+3fNgWFsErphLNIrHrVfOKxZHnF1myDltlre6BPoKoTH0T43CUriv8u7Z3sw/HziU991u72ZxqwBzWNEc6cYsSidKgVMWYcGyXX9zOl+nsRnIuEX5sZFB2z/VXqiuJoP8+agaUgKIU4eLtltOk=,iv:/it0Kg0+2BpdiJFI2GBiC2VJgeHC/GbjniDKVqL1xSo=,tag:Y06ICn5wHGV3jUZTRt1k4w==,type:str] portunus: @@ -48,8 +50,8 @@ sops: c2lzVGV6WnVQT1pOTTVwRUxlMWZobWsK0CrDl2ELoYOTrMt3uN3mgBSyaYqOQY4I vBK12PV9FR9GFpKN4kGB03PZ0gV0N1zlcCHpnPCUuHwbCvvF2+vCag== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-05-05T07:39:57Z" - mac: ENC[AES256_GCM,data:N4xRSkLgkdGRqHQVALMPM1n7P0je6l32ek7h0hYDanNQL9lurjA3SNCb0HUl/nWBSWdYqWgSYosnuzLuaq/6zDaE7T+3gUazXZ8A2qeBuzLUbGiH53lql3OwKZPtme1+ZMtM1EG+2wgGOdT2CXjlVWEY+9a3GaL/d0lHyJWwHjE=,iv:LCd1Xi8AE+7LVkBP9W+mfp4nfbsQ3fH4dsWKN3qw7uk=,tag:yVE1nCjvboApqDoMboRHng==,type:str] + lastmodified: "2024-05-06T09:24:11Z" + mac: ENC[AES256_GCM,data:yfIPRbPOMLbO70u4+/BENICJL2w1PSfWTEwYx4d807ZoKJFp/urHetRgSpkZuRy+MgooetNaHqQdR9y7+hv2L4rUqn8BXRvZCLSbrsUhoeszyYUgzbWFprDDJGpkpOc5RfBjOKCFckr05gc0Gdfh0Fg77dzOOzJ15B3TflGiLqY=,iv:J5q2kGzAQoHc0fcJgyeBY+LXudW9HS5Kc59IVf1w7As=,tag:aVFQxKXi6sdwmw+P3qvY+A==,type:str] pgp: - created_at: "2024-02-29T15:23:23Z" enc: |-