From f829abad4365640ea207312a1eaeeec6a5ef6383 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Charlotte=20=F0=9F=A6=9D=20Delenk?= Date: Sun, 24 Apr 2022 09:39:44 +0100 Subject: [PATCH] init: nas --- .sops.yaml | 4 + config/nas.nix | 172 ++++++++++++++++++++++++++++++++++++ config/nixos-8gb-fsn1-1.nix | 138 +++++++++++++---------------- config/nutty-noon.nix | 8 +- flake.nix | 4 + secrets/nas.yaml | 45 ++++++++++ 6 files changed, 292 insertions(+), 79 deletions(-) create mode 100644 config/nas.nix create mode 100644 secrets/nas.yaml diff --git a/.sops.yaml b/.sops.yaml index ebb5a6ea..4cf20dad 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -26,3 +26,7 @@ creation_rules: key_groups: - pgp: - *lotte + - path_regex: secrets/nas\.yaml$ + key_groups: + - pgp: + - *lotte diff --git a/config/nas.nix b/config/nas.nix new file mode 100644 index 00000000..7f52d8da --- /dev/null +++ b/config/nas.nix @@ -0,0 +1,172 @@ +{ config, pkgs, modulesPath, lib, nixos-hardware, ... }: { + networking.hostName = "nas"; + networking.hostId = "70af00ed"; + + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ./systemd-boot.nix + ./services/tpm2.nix + ./server.nix + nixos-hardware.nixosModules.common-cpu-amd + nixos-hardware.nixosModules.common-gpu-nvidia + nixos-hardware.nixosModules.common-pc-hdd + ]; + + hardware.cpu.amd.updateMicrocode = true; + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ + config.boot.kernelPackages.zenpower + ]; + + boot.supportedFilesystems = [ "zfs" ]; + boot.zfs.devNodes = "/dev/"; + + services.zfs.autoScrub.enable = true; + services.zfs.autoScrub.pools = [ "tank" ]; + + boot.initrd.luks.devices = { + disk0.device = "/dev/disk/by-partuuid/b122f4e7-9edf-402e-87a9-b709741fe8c9"; + disk1.device = "/dev/disk/by-partuuid/6e080c43-35fc-4c7c-a749-112d5b618a64"; + disk2.device = "/dev/disk/by-partuuid/13f012a4-b9a9-4144-8888-cbb637657f69"; + }; + + fileSystems."/" = { + device = "tank/nixos"; + fsType = "zfs"; + options = [ "zfsutil" ]; + }; + + fileSystems."/nix" = { + device = "tank/nixos/nix"; + fsType = "zfs"; + options = [ "zfsutil" ]; + }; + + fileSystems."/etc" = { + device = "tank/nixos/etc"; + fsType = "zfs"; + options = [ "zfsutil" ]; + }; + + fileSystems."/var" = { + device = "tank/nixos/var"; + fsType = "zfs"; + options = [ "zfsutil" ]; + }; + + fileSystems."/var/lib" = { + device = "tank/nixos/var/lib"; + fsType = "zfs"; + options = [ "zfsutil" ]; + }; + + fileSystems."/var/log" = { + device = "tank/nixos/var/log"; + fsType = "zfs"; + options = [ "zfsutil" ]; + }; + + fileSystems."/var/spool" = { + device = "tank/nixos/var/spool"; + fsType = "zfs"; + options = [ "zfsutil" ]; + }; + + fileSystems."/home" = { + device = "tank/userdata/home"; + fsType = "zfs"; + options = [ "zfsutil" ]; + }; + + fileSystems."/root" = { + device = "tank/userdata/home/root"; + fsType = "zfs"; + options = [ "zfsutil" ]; + }; + + fileSystems."/home/darkkirb" = { + device = "tank/userdata/home/darkkirb"; + fsType = "zfs"; + options = [ "zfsutil" ]; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/569D-113A"; + fsType = "vfat"; + }; + + swapDevices = [ + { + device = "/dev/disk/by-partuuid/3b652a7e-a550-4342-a0d7-d2ae47b3e9d1"; + randomEncryption = true; + } + { + device = "/dev/disk/by-partuuid/59de36d4-6613-4b50-9643-8824e9a9b1f9"; + randomEncryption = true; + } + { + device = "/dev/disk/by-partuuid/f6260d75-2b96-4f55-ba0f-050c58b84b78"; + randomEncryption = true; + } + ]; + networking.interfaces.enp8s0 = { + ipv4 = { + addresses = [ + { + address = "192.168.2.1"; + prefixLength = 24; + } + ]; + routes = [ + { + address = "0.0.0.0"; + prefixLength = 0; + via = "192.168.2.1"; + } + ]; + }; + }; + networking.wireguard.interfaces."wg0".ips = [ "fd0d:a262:1fa6:e621:bc9b:6a33:86e4:873b/64" ]; + networking.nameservers = [ "192.168.2.1" ]; + environment.etc."sysconfig/lm_sensors".text = '' + # Generated by sensors-detect on Sun Apr 24 08:31:51 2022 + # This file is sourced by /etc/init.d/lm_sensors and defines the modules to + # be loaded/unloaded. + # + # The format of this file is a shell script that simply defines variables: + # HWMON_MODULES for hardware monitoring driver modules, and optionally + # BUS_MODULES for any required bus driver module (for example for I2C or SPI). + + HWMON_MODULES="it87" + ''; + nix.settings.cores = 12; + boot.binfmt.emulatedSystems = [ + "armv7l-linux" + "aarch64-linux" + "powerpc-linux" + "powerpc64-linux" + "powerpc64le-linux" + "riscv32-linux" + "riscv64-linux" + "wasm32-wasi" + ]; + hardware.enableRedistributableFirmware = true; + nix.settings.substituters = lib.mkForce [ + "https://cache.nixos.org/" + ]; + nix.daemonCPUSchedPolicy = "idle"; + nix.daemonIOSchedClass = "idle"; + networking.wireguard.interfaces.wg0.peers = [ + # nutty-noon + { + publicKey = "YYQmSJwipRkZJUsPV5DxhfyRBMdj/O1XzN+cGYtUi1s="; + allowedIPs = [ + "fd0d:a262:1fa6:e621:47e6:24d4:2acb:9437/128" + ]; + } + ]; + + system.stateVersion = "22.05"; +} diff --git a/config/nixos-8gb-fsn1-1.nix b/config/nixos-8gb-fsn1-1.nix index b9356409..46f125b2 100644 --- a/config/nixos-8gb-fsn1-1.nix +++ b/config/nixos-8gb-fsn1-1.nix @@ -36,40 +36,35 @@ }; }; - fileSystems."/" = - { - device = "tank/nixos"; - fsType = "zfs"; - options = [ "zfsutil" ]; - }; + fileSystems."/" = { + device = "tank/nixos"; + fsType = "zfs"; + options = [ "zfsutil" ]; + }; - fileSystems."/nix" = - { - device = "tank/nixos/nix"; - fsType = "zfs"; - options = [ "zfsutil" ]; - }; + fileSystems."/nix" = { + device = "tank/nixos/nix"; + fsType = "zfs"; + options = [ "zfsutil" ]; + }; - fileSystems."/etc" = - { - device = "tank/nixos/etc"; - fsType = "zfs"; - options = [ "zfsutil" ]; - }; + fileSystems."/etc" = { + device = "tank/nixos/etc"; + fsType = "zfs"; + options = [ "zfsutil" ]; + }; - fileSystems."/var" = - { - device = "tank/nixos/var"; - fsType = "zfs"; - options = [ "zfsutil" ]; - }; + fileSystems."/var" = { + device = "tank/nixos/var"; + fsType = "zfs"; + options = [ "zfsutil" ]; + }; - fileSystems."/var/lib" = - { - device = "tank/nixos/var/lib"; - fsType = "zfs"; - options = [ "zfsutil" ]; - }; + fileSystems."/var/lib" = { + device = "tank/nixos/var/lib"; + fsType = "zfs"; + options = [ "zfsutil" ]; + }; fileSystems."/var/lib/minio" = { device = "tank/nixos/var/lib/minio"; @@ -101,54 +96,47 @@ options = [ "zfsutil" ]; }; - fileSystems."/var/log" = - { - device = "tank/nixos/var/log"; - fsType = "zfs"; - options = [ "zfsutil" ]; - }; + fileSystems."/var/log" = { + device = "tank/nixos/var/log"; + fsType = "zfs"; + options = [ "zfsutil" ]; + }; - fileSystems."/var/spool" = - { - device = "tank/nixos/var/spool"; - fsType = "zfs"; - options = [ "zfsutil" ]; - }; + fileSystems."/var/spool" = { + device = "tank/nixos/var/spool"; + fsType = "zfs"; + options = [ "zfsutil" ]; + }; - fileSystems."/home" = - { - device = "tank/userdata/home"; - fsType = "zfs"; - options = [ "zfsutil" ]; - }; + fileSystems."/home" = { + device = "tank/userdata/home"; + fsType = "zfs"; + options = [ "zfsutil" ]; + }; - fileSystems."/root" = - { - device = "tank/userdata/home/root"; - fsType = "zfs"; - options = [ "zfsutil" ]; - }; + fileSystems."/root" = { + device = "tank/userdata/home/root"; + fsType = "zfs"; + options = [ "zfsutil" ]; + }; - fileSystems."/home/darkkirb" = - { - device = "tank/userdata/home/darkkirb"; - fsType = "zfs"; - options = [ "zfsutil" ]; - }; + fileSystems."/home/darkkirb" = { + device = "tank/userdata/home/darkkirb"; + fsType = "zfs"; + options = [ "zfsutil" ]; + }; - fileSystems."/home/miifox" = - { - device = "tank/userdata/home/miifox"; - fsType = "zfs"; - options = [ "zfsutil" ]; - }; + fileSystems."/home/miifox" = { + device = "tank/userdata/home/miifox"; + fsType = "zfs"; + options = [ "zfsutil" ]; + }; - fileSystems."/boot" = - { - device = "/dev/disk/by-uuid/8E14-4366"; - fsType = "vfat"; - options = [ "X-mount.mkdir" ]; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/8E14-4366"; + fsType = "vfat"; + options = [ "X-mount.mkdir" ]; + }; swapDevices = [ ]; @@ -216,11 +204,11 @@ "fd0d:a262:1fa6:e621:f45a:db9f:eb7c:1a3f/128" ]; } - # Old infra: nas + # nas { - publicKey = "X6IOz4q4zfPy34bRhAjsureLc6lLFOSwvyGDfxgp8n4="; + publicKey = "RuQImASPojufJMoJ+zZ4FceC+mMN5vhxNR+i+m7g9Bc="; allowedIPs = [ - "fd00:e621:e621:2::2/128" + "fd0d:a262:1fa6:e621:bc9b:6a33:86e4:873b/128" ]; } ]; diff --git a/config/nutty-noon.nix b/config/nutty-noon.nix index 5fe33a31..0bd68aaa 100644 --- a/config/nutty-noon.nix +++ b/config/nutty-noon.nix @@ -183,13 +183,13 @@ nix.daemonCPUSchedPolicy = "idle"; nix.daemonIOSchedClass = "idle"; networking.wireguard.interfaces.wg0.peers = [ - # Old infra: nas + # nas { - publicKey = "X6IOz4q4zfPy34bRhAjsureLc6lLFOSwvyGDfxgp8n4="; + publicKey = "RuQImASPojufJMoJ+zZ4FceC+mMN5vhxNR+i+m7g9Bc="; allowedIPs = [ - "fd00:e621:e621:2::2/128" + "fd0d:a262:1fa6:e621:bc9b:6a33:86e4:873b/128" ]; - endpoint = "192.168.2.1:51820"; + endpoint = "192.168.2.2:51820"; } ]; # Build server stuff diff --git a/flake.nix b/flake.nix index add51389..09cbd3b5 100644 --- a/flake.nix +++ b/flake.nix @@ -45,6 +45,10 @@ rec { name = "installer"; # The Installer DVD system = "x86_64-linux"; } + { + name = "nas"; # My nas + system = "x86_64-linux"; + } #{ # name = "rpi2"; # Raspberry Pi 2 # system = "armv7l-linux"; diff --git a/secrets/nas.yaml b/secrets/nas.yaml new file mode 100644 index 00000000..86e2c8a0 --- /dev/null +++ b/secrets/nas.yaml @@ -0,0 +1,45 @@ +network: + wireguard: + privkey: ENC[AES256_GCM,data:rSPpluEJaBAgP/tMZ3JUzRr0wWRsTc3FKK4jWrTndRu4TiUt1lEHf6qsnqI=,iv:7JVRPV+PyhT/7WJI62V35gdvqVjvFcdMDMTS2QIoLdo=,tag:A1LGnfmGr982jpbbV40zHQ==,type:str] +services: + hydra: + gitea_token: ENC[AES256_GCM,data:59GXJ1OfQ8LZkS6+PMqebXid5CRjE8TSsC/UIAY2VEH9KOiKkFlopA==,iv:1P5t8VO+8fFqPwlsJSsLaIsOrK1Mak77qyTc/Ydu56s=,tag:2OQYZxT7dVppMP6dg/n4+A==,type:str] + github_token: ENC[AES256_GCM,data:Bhq57Y+gxd5T3DGSa7gLHjaffsCjFVHpZkk98pDfnETWfhQgEp893g==,iv:lvzMJIgAehJBwJUiT5F1xNgitexAUwimOaN7RHze/rA=,tag:YvLtT5hgdzWm3TaqrAJsUQ==,type:str] + aws_credentials: ENC[AES256_GCM,data:8aIz7zfoOzyYWIOofrw2bYLVebnQEjRuKVG388itaMBXwAGfiVIbH9H5Xhanb+NcRM5jGnnnqvQsgbRtjXrDLaLrMh8OAOyytU2EYwhV5sJebNy/M1D1OlknRDpa603JbtdgsnBvUgsuM3ta2zRTrQ==,iv:jWv30sr+J32bko4BY1FB3kDkKgsUcYsq/nxm8z04ejQ=,tag:VlAwxZIc0iCi+ofZiMrLGA==,type:str] +security: + restic: + password: ENC[AES256_GCM,data:ClbqmmRA1ls/qIjMZTgw3rVfpjw=,iv:T1rqIprLEg/BbfGBS1/PJM4xO+tm2KtdEbGrc28JWCI=,tag:1IbjQniWtawYW7jPwvsf7w==,type:str] + acme: + dns: ENC[AES256_GCM,data:SPtXYDvrUNdSMr6tjdGDfFA2WW0s51pBek7QVq0f3zwSMa+g0mok5/2p6FljFBzb3ENUII/le9/CUssqY9dZbRknuxRsfVbK167bb77Sh3aqMo4EPO88xDJ8HXpEUY0XvtGiAchsFmZB9W3cyUm3x1PJtnOuvOG9ZUXpek8kMLP/TYZCbajWhdlMXECNH7KZ9/A7SqJ6+lXPJ+n8lCj8wxkJRUrby1BXQ7VmoecWKdkRPtty/876uN4JIT4mTx4/yZErQwdkctoXqEd02F38kMDB18Ag3CBGMQ==,iv:BhwYzzIq25oFHXY9jJ5qgBBxGKPI7LjkSxyT8kwHSSY=,tag:6na225O7R9tmFn3+vV056w==,type:str] + dns2: ENC[AES256_GCM,data:aywUa/3MJC27RZ8xqq3rjOy3KJHOI+U/W3quW7CnIoLKfnWUg3pG4VaEbg0BCcqPcupq9ESrCCDkeUfnToEWf/TCSvQZNzwPmKD03hUl7d4R/bn24IPFdLiK0/i88cK3G0WB5aTkDw4wS5HWsWx6YknhxZVBNWxz5PLGF6a6QotfyY1ze8YKmb+XJYn74sPdmOk6375fHw6y7YfQqWWoOHmFW/CcI3/kH5Z/hMiVlN8XtGZ6r6A0F0/kZTq10chd3KnyhzvP26LXIHiIJ/JDJC0+kORkmO8VLQ==,iv:Yuy8YYWG4F+VgsNeP9eSdL07vIYlKzMu8ZopD7N8GX4=,tag:eUTFUrR9/sYxMa2Ra+B7bQ==,type:str] + cloudflare: ENC[AES256_GCM,data:mYIE5kUv7TV6RGnFq5kZHaUVN9+OHB6pEjx7UiC6guomHMS8dAxMXIStnbGSF8jf9i4ze0ieTCkVGZ+IHAzA63EQ6bMIvfl4lyBRBqDb/uNeXEfpi99042aj161tQwKXXKKIcGrK8SVQtftY/soEJtNTAtOIcpyqcAGzBQaAi0gDKAiv57ShM+S8/PcK4kZDeRn0YbM/GPNslPB426Y5Mwp3tBByXNcd2qeeS4vn/NvyMbOzt0BoeZ0=,iv:lOv+HA/AH+XXSxPkP8FFoqun5FrZfXtteHp8BTyYvMw=,tag:3RQV9krzev6hFLf7N+7EVw==,type:str] +email: + lotte@chir.rs: ENC[AES256_GCM,data:eHUi0h+OAG+FrJ1YhWuLzVc9uQ==,iv:nqt89BtpiqlCusfWHq8ouJImlx8qKDLoWBOZ2DqsupU=,tag:nc8FtW3AFE0cTwMNiDIqOQ==,type:str] + mdelenk@hs-mittweida.de: ENC[AES256_GCM,data:w1HnSYETkpTgCA6/T7yPbd7qKajUDxDA0cTQ3lw6uQ7EUC+zi+kbMoMuden3K4LLeHowE7/xB3sqY1LaDTnd1A==,iv:H9DYqoZkZsHJlw6bJC96KNMMpetROvTCiwV69WRQqxM=,tag:Jir/+6XTUneuJtg1L3KLuw==,type:str] +password: + root: ENC[AES256_GCM,data:BlKpcQ4LUl5C4usZyttx4akiQlbRGIxFTloCgARY2ItD97Y/dqWX9vcWv3C2RS8tY/3pD2lxVZ8ZYGixBnssW9GahwyOXkQq9Iw39C2EqDznifLsFH3Ge71LZA3lpKhPsVQCbMarMUnsXg==,iv:FlyQe0yy8a2xtYsxGdhwpbST7AfHnKEcsTqVaXvgxsc=,tag:H56MsVv3Ak3dMAm+VQq5WA==,type:str] + darkkirb: ENC[AES256_GCM,data:yWb/WCk0ZDlsgeHZRrYXng2lhD/WganyfyWMi7pJvCCUfNGgH0YsjxuM41i7DHzdGCiuGnOV59Zkgqq5qU69RVyBlJrQr0Ge3GAqpqe7l+yp1QIe2cIB5OntC15NnDFq7UcFfgEH+TSCGA==,iv:bA+nLl7qjLvnUDMvi6go63GW56C2RDi0a3HHx6MYk4M=,tag:2QVO3EeqBYIu8lECDGAlpQ==,type:str] +secureboot: + DB.key: ENC[AES256_GCM,data:ImKB+3OhsvCHcFgFoDOZSIq9ht9mt6/dIlYRDoG9pkNzmyVzCfD7lXpkRkgtphdu8XepGkJA+EpFYOGyJW4G8UiwQgqhry0H79OBSU3+D+IV/6EKE1EJ17gd8yY/SScGtpdcHoMLJ4gZ23R6kt3oFOmreLHNUrZSZ6zoPotZ4+JRCILIGe7Me6uK2jSKVthwVkcRQ5umBYID3gghMyXKRXUHvBKAKKKhHVYHlBt0aST+R1mbgWZgo93M+qCEsX+Z0Q5FICttBZiIZUpK0S/+qtlTjMg1A5W55/MtLzpL2fh6r5zPz8sSAjOZ7+IYDlLjyMZRA2BfV4SxwUyx9oJVUNccOr4B90YPWJ1R35e+LwVfF2hwqOTeZ4+yztBG+3z2QJH6D5zlddr/O27+kJZMLsy3x74Og5acxc68FiWkeJvkq6gu+9iUPUSKdaDjOxZmCMUzZaqYlYrzJRQYD1CI/3ErQF44So89BDDSdaTyDn5kC1P8Zmv4OG9YbePJ6C6h7xiP6y2GJq29gvEfun4xg5uMzSWMGCfqSS/fyJ2pponc/GIa+Mej4x/DPNdz1CsaZEs7p5CTQdmbj/TTGNDPepSAQyloHom2uaye6bZZn0/kMmU01HnXdNfq2Lm0McqzLiNeU04/TZHUMOSDJqg7GTH/oYBmo8i/ETKT0Sw0yobtJDsEtgL4xHQ70VJKKVAGGGoXTg+lCDZf4/kGkB3QPTE5tZHoLrqOnMxSbUYzHrgBhrEbfWCH97ruGHgZCWQuLi+Fo2G3xitV/o2wzNkAXXD/JzZofUNYPV9hiOe0kABjI+r8voFma54TQp0IpaITv0JHCpiVXkAlgawYYwDtJ07QA5ZB2E4/Ifza/PxBRlHu/JcmdDzc61a6WHCaLpcqf9LOcilkVbsiqiOTzCbDw3nKSyLS2dnEJyKNyrBxqk79xr2636Wml9DCfx17b3y0DCIFwBWDMh9n5K4HcMRRB6bk4RMqmMBVEphMHpb2lOjScdX4waV4vxobxu06kyG/UW/QgwHAXcmuYL1wtXZ7ue0J76DsBnKfObZvrcsBYE9T+sH7CxE2VtNovWm2BSyEHPnrKdBF03bPnnWi8dBWyaQcyZfz7m/Llh1SMVnlcobfMfp49A3HZNGgLsSFF9E1vSwJ5qpBD+p9smNdKkGh5pWFzDQeox5iQz3eSt6C/MoMg1kiHyNr4AEDKB0pzthfuhNg0RFwGcIJHotoNAXqp9+rVlOoCbzJi4Z2ssH2I942jkltw3xgmjkjbzDucpOF82YvBj7lB70nVaON5DPLpc+D/4aFzaI4qn4BGHW4L3k82DZ/cv8C+mCQYLiQGo/nBfc9m/5dAKDSHxBqur9YMXS9js3AKu/hHqalpkVEXf9HTh0MaFnf+vhV/mMeX4YP54yykc9PMbMaPxqZvIeAvxXS9aCDm6pElzkfz/ofGpAC3mZCBdinJT/OCXevKN/OOIRcchP427rdxTtkh4q7Wa6/I/QwiR9P74tofh80RZ2uI1zZLwUZ+8EyXgoiEF5bbWhblp6uFqQd3doeOGxPSw0lkVlwWUISYIqrkJvpbpffbblM63fZVdX/sxYJl+TWb/GNZdrlQ73LtEclXIonjb8Akx7uuTNDoh5WvYxautKHgixgA38SipAYKDS1uy8jvh1CjsfVu1JhlxMCbIrhyPEiB6iT2JFJy/Vrol3x3rWxVuxpWP0h7PgzeWxVVMmS0u385kvVw2vSlaFakBTw/kKV7bECq8ZEaC4MLizi2C1I5tgFG5so+BwO8MBmDSddXwUG3Pd5FRhObKpy1J7ujg99fEPwzt0wptuO6VwwMoY6VmcN2igaV09KWoKkrd3R4HBYcdJDleF5a8xxdYlm+y1Aqt7DGzLeAx+vE5b5kdRfakaACHfAeSptJGgAZmqhzR0Iz8haLM7E5nJ6saltiNCI6Ft6GcoSiXGaJT4WgluzI/mTjMLjELsB7OZ9OnfATFQzmNbLy/Ph/xUrqHx8S4lX0ub0+xxh7wn7S/GN1Au/m4mvfvcl8Vfj8s/1mOJeaCRWJTMTvsFfuh9DAsyaspNnFfOKEL3xfLcFIYJK0pWof0DGb/NWk0sFuwvY1Lq4bcBU/fnhoo1R4Cpo8ATDBpfj8GihhiIyfkFOwTjfiwx9xfRD5w+yeJtYOz5SZHjXnnuE0heYqwVREEFCNNi9Ku76KfHjmslDYTdRNvk9/Jkku7ExgDeiaNPgHRGD84IZNzbbM66UYBiKqe0K+vdAFjVL6lJ+rAOaMW/aDykemcgC9pq50lNWvKJ3VlmGGKHfA1UY+igBFymv/msPTK2g2XFLbLhM+GBUbS47oyZeRxmg1ZRV23O16hkBPRm4sVntdMm1mcp0RVfdb78LxMx6LHzuEPCK4seMH0jOC4cJbN/p8WpVbxuy9D5mPtQQU8DBGZPwBvzwJ9PXF7KeAZVPdUnEG7PVRg7rn6rtENz4oU/OPA2dT/E8Qs7Or4JbG38QuRi5f9pvtQFTQiDIV86hDr3C0X7dA+hm61THipxN7MVVLaHPeYEblWELx/ERRAwGamLW2K3pcnVmvehsi17H8h3/ufRS8aOdFpWbDNwRtP7VjURHFUDBSrH+0Ej6i9QDyWHtqHqB+KSHFl8sLeZEp4wLiCauwmICjIFxWHLb17s742BoAfqdbI49jmTJgD2aw42yn9y2QUbRlfsegMtETv9OHxYeLba0+hfhuX4ckY6njBoBDZHyCD+xYQSPQdh5zNtKHzPnrRn3wOeeTebLh8ngeNCIvZOnsfiibL4UIdUMzz1OCf6XHIpOr9hn5IYT978BaHyCzKuCAcqawoeZroOJ/e1BIBFAlJ7u2XcJbQOuIZOPX3TbiU379qBlBLPJz93YtSj11J299/MllObDqK1zmS88VC7occZcfRFG6W8B7eUuQMeNs7qghwLKkt9I55LuW5JhuBm+tpPJKmwAIl6uUC1JzOHlqkQg5xQ+oXvZ1MaH55yGL0baWPRm+WCsVQxPWjtuxjxTKsuG6bWTS+gBjB3KTnmh/Lok0ZFSbtO4wmtNxPXzTipGS3YFh9kdnOqpymmfDqMQvxIC+ADfavS04BXJJpgitIMbqOkXPfvURkKBDfsnBDl0nb6XbKBHDKkwyKi23KTxZw0YN2QYB5TbnN9JirlX29yA2038vy2XMxNgfnYi5zCfNgkhOTfknZEWDfI6zUSL2OyGI21aATH7iPjrPtM5VzwSLXQE1DAavgZdeDUUsqJykcZ/IloQEMynsYq9YepsySMmPSmEOViKyduvf68OF2+90Dt4pbhMyKh+Xr6/1sVRmJXZBoVgsx3dOO0YFYdJk0CvlSHARcskTk777nwdudW27v5stvpUWdKRJxbmys4zvfBIQAvE1OwyH03WEarM1g81PJVOZnvARBbsfr5V5AS88YWrQK83a/65YLli77Sq4sopObA3m6pJPSVevKtFweTbg5noELUMUTn5PHcXeHw8rB1k52wVLEH+P9nF6x2huJ+7M5lq/KagjcV4u/+Wg9vAmGv1DuS0DTmPsvERPD+tuzuuQ2Ndgztu6ZCcUF78khNjpqo0aKUnNIk0LEZkYG5O0dFJHSLFUFFTpT84yY9edako8/xqdf+cOmShd9k9nm9RC3zrUqpoKBhRbk6hUKFgVNZLJlbBzjUnDzmFey63xDhfXxEMH7rOkpVJfOTEO+J2v7rjQ5l0N6nz/HT9DCgskYP892r/R8ZTfqMGQlcp6G4NaXWukKDjYB0gkBGhs7wD1+zdOlhJg3K6qbCOor6xjTuvi5PywbG9tbX5PGjd16IORWZRVCrMHaBDRruWuO/rl5hmLwrcZH5fdnoSZYEXW/IkT1RSJ19ME0AAzdKfJZ+JTVy9tPO4u4lUsbwaAgskEP2YDxBG5TJDn8hFuAQZ6A70xAkZUu/V9z8dg5k0+mLQtxk50zfsXGoSS34qTR1cFJkqsgc94GfPkMhzrBR/VTczYjVsnaJWQdd0cYxzSwNuCFbyO5FVFIrREWWngPZtY6jNBbPk7OZNIBEEeMQ1HutQ1XIvVFSsK4VLWtn6nBT0GQLXHwS2aeHfjFWboR8ZLvYfU6SS4upKW3gCC2IFbQLFJhBC2gf+Nm8/SMsS1m1yVjbwi/lt7RqT+QcWQpPozWHIngHMUcIB4gHreGVagjRfnz6ukPhYyBqVbeLgpTbAmZwikvM6g8WYdFUpCotYA+GRhoGx252KQ3CAbuqp8yWaKqaf+YjmLJwAx/tmLw64ZKjM3gKE8OO1WWwnB2FrsG5glSq24W0mfxEhgDBM4BzppzfTa9MQWpmkzFeiVWINFm+QzWDSJWoGiiiEJJZEWec7XiA9d+7wJ9M=,iv:/EHZX9WAf6t+XVZA2I7vaRqwbn6Gbo3MZLlzHvvIX1Y=,tag:g3HQldZq+fTQv/sgRr5gHw==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2022-04-24T08:38:41Z" + mac: ENC[AES256_GCM,data:kdp8U/UFjZSzx4Maxc3h+kgP9VIOGu+dk2bj9Un5QcmTzT7oOy7H8ySX0UBb8ckNHUFVnbHw+lVBuakJg0tzhsOqf4diHwmvhfiWG6EJlyKYu7CmASMce6b3/s1vORe3IzcNZI/nnBlPhhfEH3DfWR8c1kfv1HS5W3/ZrBtOpYc=,iv:mSbqH2uBNwxzHnmILSbdbfWh/VxUT1Vc4bZdUKMgRYU=,tag:ApyvCtHHXCXw4H78X/4VEg==,type:str] + pgp: + - created_at: "2022-04-24T08:38:40Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hF4DAAAAAAAAAAASAQdAA6SwJy/rqmSV9Gn94/1P5mPlXLnWspuVs09/SlwDwAQw + 77vZ+C9XfACC/WdRBdZ4VEiPJPwldyZFerwevu7azTQfNwURQtsXE2p7jTQ+nbIg + 0l4BM0nkWfmqNA7mz3rG3YJOMv1qXW5HhJN66ux+yGhA8wfEzwuk+gNJEhJtTQcX + SlzURy4A7yEt7YLp30rpPGBVj0SJZ27Eqbq0LX/gy9idFOrkL6qVQLs98tF5kTWF + =5oZI + -----END PGP MESSAGE----- + fp: 46C6A7E14BC7812E86C2700737FE303AAC2D06CD + unencrypted_suffix: _unencrypted + version: 3.7.2