From fa82afb7fecf79135896ed48078110128c5e329c Mon Sep 17 00:00:00 2001 From: Adithya Nair Date: Wed, 3 Jul 2024 19:22:10 +0530 Subject: [PATCH] layne: init --- .sops.yaml | 2 + flake.nix | 22 +++++++++ hosts/layne/default.nix | 28 +++++++++++ hosts/layne/hardware/default.nix | 29 +++++++++++ hosts/layne/hardware/filesystem.nix | 44 +++++++++++++++++ hosts/layne/network.nix | 27 ++++++++++ hosts/layne/programs/default.nix | 17 +++++++ hosts/layne/programs/neovim.nix | 8 +++ hosts/layne/programs/starship.nix | 8 +++ hosts/layne/programs/zsh.nix | 10 ++++ hosts/layne/security.nix | 9 ++++ hosts/layne/services/btrfs.nix | 6 +++ hosts/layne/services/default.nix | 3 ++ hosts/layne/services/ssh.nix | 21 ++++++++ hosts/layne/wireguard.nix | 42 ++++++++++++++++ secrets.yaml | 76 +++++++++++++++++------------ 16 files changed, 320 insertions(+), 32 deletions(-) create mode 100644 hosts/layne/default.nix create mode 100644 hosts/layne/hardware/default.nix create mode 100644 hosts/layne/hardware/filesystem.nix create mode 100644 hosts/layne/network.nix create mode 100644 hosts/layne/programs/default.nix create mode 100644 hosts/layne/programs/neovim.nix create mode 100644 hosts/layne/programs/starship.nix create mode 100644 hosts/layne/programs/zsh.nix create mode 100644 hosts/layne/security.nix create mode 100644 hosts/layne/services/btrfs.nix create mode 100644 hosts/layne/services/default.nix create mode 100644 hosts/layne/services/ssh.nix create mode 100644 hosts/layne/wireguard.nix diff --git a/.sops.yaml b/.sops.yaml index dc73336..0edc748 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -5,6 +5,7 @@ keys: - &host_rico1 age1829x4l8vdhcn97af0zq898tupll0smrqywxka4pswkt6mtn8qp7qqnnnl4 - &host_rico2 age19uy6xerll6st3s3ftfpy7075m9eetm2288l2w07k7ek6z2l3ef6qfw34cf - &host_wynne age1jyaf9rn5d5pqjh60shs2q5hs98fwugak8z6cs6qs7yuc3wntugmsumxmv0 + - &host_layne age1k2wpm88wms6hx3ldvu0n2je7pag9fexs9eq0e8hlkfcs2dx9eg9qlkf95d creation_rules: - path_regex: secrets.yaml key_groups: @@ -15,3 +16,4 @@ creation_rules: - *host_rico1 - *host_rico2 - *host_wynne + - *host_layne diff --git a/flake.nix b/flake.nix index e57dde7..f55f632 100644 --- a/flake.nix +++ b/flake.nix @@ -173,6 +173,28 @@ ./hosts/wynne ]; }; + Layne = + let + hostname = "Layne"; + system = "x86_64-linux"; + username = "adtya"; + in + nixpkgs.lib.nixosSystem { + inherit system; + pkgs = packages system; + specialArgs = { inherit inputs username; }; + modules = [ + { + system.configurationRevision = lib.mkIf (self ? rev) self.rev; + networking.hostName = lib.mkDefault hostname; + nixpkgs.hostPlatform = lib.mkDefault system; + } + lix-module.nixosModules.default + sops-nix.nixosModules.sops + ./common + ./hosts/layne + ]; + }; }; deploy.nodes = { diff --git a/hosts/layne/default.nix b/hosts/layne/default.nix new file mode 100644 index 0000000..f8be441 --- /dev/null +++ b/hosts/layne/default.nix @@ -0,0 +1,28 @@ +_: { + imports = [ ./hardware ./programs ./services ./network.nix ./security.nix ]; + i18n = { + defaultLocale = "en_US.UTF-8"; + extraLocaleSettings = { + LC_ADDRESS = "en_US.UTF-8"; + LC_IDENTIFICATION = "en_US.UTF-8"; + LC_MEASUREMENT = "en_US.UTF-8"; + LC_MONETARY = "en_US.UTF-8"; + LC_NAME = "en_US.UTF-8"; + LC_NUMERIC = "en_US.UTF-8"; + LC_PAPER = "en_US.UTF-8"; + LC_TELEPHONE = "en_US.UTF-8"; + LC_TIME = "en_US.UTF-8"; + LC_ALL = "en_US.UTF-8"; + }; + supportedLocales = [ "en_US.UTF-8/UTF-8" ]; + }; + + time.timeZone = "Asia/Kolkata"; + system = { + switch = { + enable = false; + enableNg = true; + }; + stateVersion = "24.05"; + }; +} diff --git a/hosts/layne/hardware/default.nix b/hosts/layne/hardware/default.nix new file mode 100644 index 0000000..b5079c5 --- /dev/null +++ b/hosts/layne/hardware/default.nix @@ -0,0 +1,29 @@ +{ lib, pkgs, ... }: { + imports = [ ./filesystem.nix ]; + + hardware = { + cpu.intel.updateMicrocode = lib.mkDefault true; + enableRedistributableFirmware = true; + }; + + boot = { + consoleLogLevel = 3; + initrd = { + availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "uas" "sd_mod" ]; + kernelModules = [ ]; + systemd.enable = true; + }; + kernelModules = [ "kvm-intel" ]; + kernelPackages = lib.mkDefault pkgs.linuxPackages_latest; + kernelParams = [ "quiet" "nomodeset" ]; + kernel.sysctl = { + "vm.swappiness" = 10; + "vm.dirty_ratio" = 3; + }; + loader = { + efi.canTouchEfiVariables = true; + systemd-boot.enable = true; + }; + }; + powerManagement.cpuFreqGovernor = lib.mkDefault "performance"; +} diff --git a/hosts/layne/hardware/filesystem.nix b/hosts/layne/hardware/filesystem.nix new file mode 100644 index 0000000..80ddeaf --- /dev/null +++ b/hosts/layne/hardware/filesystem.nix @@ -0,0 +1,44 @@ +_: { + boot = { + initrd.supportedFilesystems = [ "vfat" "btrfs" ]; + supportedFilesystems = [ "vfat" "btrfs" "ext4" "exfat" ]; + }; + fileSystems = { + "/" = { + device = "/dev/disk/by-partlabel/LAYNE_ROOT"; + fsType = "btrfs"; + options = [ "subvol=@root" "compress-force=zstd" "noatime" ]; + neededForBoot = true; + }; + + "/nix" = { + device = "/dev/disk/by-partlabel/LAYNE_ROOT"; + fsType = "btrfs"; + options = [ "subvol=@nix" "compress-force=zstd" "noatime" ]; + neededForBoot = true; + }; + + "/persist" = { + device = "/dev/disk/by-partlabel/LAYNE_ROOT"; + fsType = "btrfs"; + options = [ "subvol=@persist" "compress-force=zstd" "noatime" ]; + neededForBoot = true; + }; + + "/mnt/system" = { + device = "/dev/disk/by-partlabel/LAYNE_ROOT"; + fsType = "btrfs"; + options = [ "subvol=/" "compress-force=zstd" "noatime" ]; + }; + + "/boot" = { + device = "/dev/disk/by-partlabel/LAYNE_BOOT"; + fsType = "vfat"; + options = [ "fmask=0022" "dmask=0022" ]; + }; + }; + + swapDevices = [ + { device = "/dev/disk/by-partlabel/LAYNE_SWAP"; } + ]; +} diff --git a/hosts/layne/network.nix b/hosts/layne/network.nix new file mode 100644 index 0000000..d15c672 --- /dev/null +++ b/hosts/layne/network.nix @@ -0,0 +1,27 @@ +{ lib, ... }: { + imports = [ ./wireguard.nix ]; + networking = { + nameservers = [ + "2620:fe::fe#dns.quad9.net" + "9.9.9.9#dns.quad9.net" + "2620:fe::9#dns.quad9.net" + "149.112.112.112#dns.quad9.net" + ]; + + networkmanager = { + enable = true; + dhcp = "dhcpcd"; + dns = "systemd-resolved"; + }; + + useDHCP = lib.mkDefault false; + }; + + services.resolved = { + enable = true; + dnssec = "true"; + dnsovertls = "true"; + domains = [ "~." ]; + fallbackDns = [ ]; + }; +} diff --git a/hosts/layne/programs/default.nix b/hosts/layne/programs/default.nix new file mode 100644 index 0000000..00dca37 --- /dev/null +++ b/hosts/layne/programs/default.nix @@ -0,0 +1,17 @@ +{ pkgs, ... }: { + imports = [ + ./neovim.nix + ./starship.nix + ./zsh.nix + ]; + + programs.git.enable = true; + + environment.systemPackages = with pkgs; [ + sops + age + libraspberrypi + raspberrypi-eeprom + ]; + +} diff --git a/hosts/layne/programs/neovim.nix b/hosts/layne/programs/neovim.nix new file mode 100644 index 0000000..a70af6e --- /dev/null +++ b/hosts/layne/programs/neovim.nix @@ -0,0 +1,8 @@ +_: { + programs.neovim = { + enable = true; + defaultEditor = true; + viAlias = true; + vimAlias = true; + }; +} diff --git a/hosts/layne/programs/starship.nix b/hosts/layne/programs/starship.nix new file mode 100644 index 0000000..3de1b05 --- /dev/null +++ b/hosts/layne/programs/starship.nix @@ -0,0 +1,8 @@ +_: { + programs.starship = { + enable = true; + settings = { + add_newline = false; + }; + }; +} diff --git a/hosts/layne/programs/zsh.nix b/hosts/layne/programs/zsh.nix new file mode 100644 index 0000000..53468ac --- /dev/null +++ b/hosts/layne/programs/zsh.nix @@ -0,0 +1,10 @@ +_: { + programs = { + zsh = { + enable = true; + autosuggestions.enable = true; + syntaxHighlighting.enable = true; + }; + }; + environment.pathsToLink = [ "/share/zsh" ]; +} diff --git a/hosts/layne/security.nix b/hosts/layne/security.nix new file mode 100644 index 0000000..b2d7da4 --- /dev/null +++ b/hosts/layne/security.nix @@ -0,0 +1,9 @@ +_: { + security = { + sudo = { + wheelNeedsPassword = false; + }; + polkit.enable = true; + rtkit.enable = true; + }; +} diff --git a/hosts/layne/services/btrfs.nix b/hosts/layne/services/btrfs.nix new file mode 100644 index 0000000..dc00c6b --- /dev/null +++ b/hosts/layne/services/btrfs.nix @@ -0,0 +1,6 @@ +_: { + services.btrfs.autoScrub = { + enable = true; + fileSystems = [ "/mnt/system" ]; + }; +} diff --git a/hosts/layne/services/default.nix b/hosts/layne/services/default.nix new file mode 100644 index 0000000..680b32a --- /dev/null +++ b/hosts/layne/services/default.nix @@ -0,0 +1,3 @@ +_: { + imports = [ ./btrfs.nix ./ssh.nix ]; +} diff --git a/hosts/layne/services/ssh.nix b/hosts/layne/services/ssh.nix new file mode 100644 index 0000000..7cba6eb --- /dev/null +++ b/hosts/layne/services/ssh.nix @@ -0,0 +1,21 @@ +_: { + services.openssh = { + enable = true; + settings = { + KbdInteractiveAuthentication = false; + PasswordAuthentication = false; + PermitRootLogin = "no"; + }; + hostKeys = [ + { + path = "/persist/secrets/ssh/keys/ssh_host_ed25519_key"; + type = "ed25519"; + } + { + path = "/persist/secrets/ssh/keys/ssh_host_rsa_key"; + type = "rsa"; + bits = "4096"; + } + ]; + }; +} diff --git a/hosts/layne/wireguard.nix b/hosts/layne/wireguard.nix new file mode 100644 index 0000000..5e45d9a --- /dev/null +++ b/hosts/layne/wireguard.nix @@ -0,0 +1,42 @@ +{ config, ... }: { + sops.secrets = { + "wireguard/layne/pk" = { + mode = "400"; + owner = config.users.users.root.name; + group = config.users.users.root.group; + }; + "wireguard/layne/psk" = { + mode = "400"; + owner = config.users.users.root.name; + group = config.users.users.root.group; + }; + }; + + networking.firewall.trustedInterfaces = [ "wg0" ]; + networking.wireguard = { + enable = true; + interfaces = { + wg0 = { + ips = [ + "10.10.10.14/24" + "fd7c:585c:c4ae::14/64" + ]; + listenPort = 51834; + privateKeyFile = config.sops.secrets."wireguard/layne/pk".path; + peers = [ + { + name = "Proxy"; + endpoint = "165.232.180.97:51821"; + publicKey = "NNw/iDMCTq8mpHncrecEh4UlvtINX/UUDtCJf2ToFR4="; + presharedKeyFile = config.sops.secrets."wireguard/layne/psk".path; + persistentKeepalive = 20; + allowedIPs = [ + "10.10.10.0/24" + "fd7c:585c:c4ae::0/64" + ]; + } + ]; + }; + }; + }; +} diff --git a/secrets.yaml b/secrets.yaml index 8c71dad..73d7e38 100644 --- a/secrets.yaml +++ b/secrets.yaml @@ -17,6 +17,9 @@ wireguard: wynne: pk: ENC[AES256_GCM,data:50L8Rru7pVWa+19qltLynzYwh37HK3IbnjfBtf6REb7KpSTWvmK48JVchxw=,iv:PQylNCEGiyBIk/NxFSAFqrzCu5st9dkshQ6jyRt7yKs=,tag:ddhaCFCBQVxrPaqaHIvg2Q==,type:str] psk: ENC[AES256_GCM,data:cbO8D/kwhdsiYAqXAbdud0Bhm/tpmwcpdCmKcsvsnUFjy2fO9dYrd0/KbSA=,iv:oByAtlZTY7+taMoniU/dIecZG8XoHWwKVBHGri4xUv0=,tag:8vJm4n/8/jxHtS+E+iVvLw==,type:str] + layne: + pk: ENC[AES256_GCM,data:tmuYhe/7n65asRwmXXk7ZeYeS8SDovkLpaysXTmNvL+40IZw71Ju1lpJIrI=,iv:B4fhKqOkLwTWBpHD557Xrtn5GgTJJpWlFYCzNU1/Ipc=,tag:HBFGG35FB/UWkuVQWqo1EA==,type:str] + psk: ENC[AES256_GCM,data:5psT1pbRMDCBXHYg4z5zqsYTmgQgg0Df+xEtbEhf1YBzl6qEYyjLDhvpvaQ=,iv:wH9CqNBmLjlGlDPFZtTQ+tCVYBTkhLfwLc2nWNhlYCM=,tag:YWtFcx4YD6gh5qDnIYshfQ==,type:str] frp: token_file: ENC[AES256_GCM,data:y8QgggTJaQ2STMGNGT0RagUhBgA6H20plzEwd9jNhdXl1098URUV0288YoTnQcc=,iv:/BYWC2WYvXrlvNc97RJTfhf1IratSRU0vHcaxLXJ+V4=,tag:PlStSrzm09fW442uBHAiUg==,type:str] sops: @@ -28,59 +31,68 @@ sops: - recipient: age1w5rvr4nl8xvjjxpct4e2a2eajvm79v4r9nyxrcn40fm8d7h9l9cqkk0jtt enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMSW1zTkFrQVhOdVZkcFBI - OXJCODR6Tm16ZWpqSFYrWGFpZkZudWl4OGp3ClVlb1Iydi82VzEzMUZQSjhrYkh4 - aXdHZUVJK3lKbWk1SVRYWEpJUnNOODAKLS0tIHduMStCYVJ0MXZETGtFTEJXZHFm - elpscXhWcTh4OUs4anIxcFNENWNVMUEK6Pq9ayvzMq8kld55Glqu4qTDgEn/lhEk - 3OV2VXMw4ipR8J0gYw+z3PvepxJIDbblNG2VGXLQg9AGOiHSKDAPIQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhMWpGcmtXcVp5dmxSUWQ0 + RTBQd0RxNVdPODQrOVJOTjNiTkh4YjNVNzF3Cm5YUkxoT3ZPUmV2Q2xwbXBsSGl0 + c2drMXY3UnE2cHJjSjdHdW53TWUzaTgKLS0tIHJSdmQ2ZXF1NnJqTGtCUER3NEtY + ejBNdEltL252RXN6M2VlZ3IyNkgyMk0K76RGGt1tXnm76nm/k6V3OObgDEnQG0eP + DDJKBQiUOqFan5Yu83CgkOFpFw+2eMFw23RFDoLmCMi8/dqAbQAqvw== -----END AGE ENCRYPTED FILE----- - recipient: age1mhks8qmhjrtc2u5ufvp3pv2hn7tkadvmscnp7wd0ywmnse0szctqsnpy0a enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDaVVFekhVUklrOUxHMzNh - dm9ENENPMWJIUVVxK1UvblVGKzJ1TXZETzJBCnVuRllDMkxOcjliMG1ZZ2VXZEM5 - QXRQZGVhai9jcFlYK0RicjZ2UWZQMDgKLS0tIFFPZjlHbjFoUjcrbWoxMFVndWJW - TTJtTVcrZWhYaHNHUUVXRExISWh4QzAKbHhOlpdhsGyFMndkN5UwWvrGiOvl09dp - 1xS9ymEq+yTP6DsmF+wDOr4/cRRolX8ynYuieeAUc0mr68aBzcjcxg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4WEl5MDNuY2VvRTh5eU5N + dFZsOEVmMklkZ3lHSG9SRTdzeTFmdGp0YURnCkxjOWJrRTA4MWh1Y0UvVDNMSFov + b1Zmc2R2MkNTUDVmVlU5c2J5Q0R5OVEKLS0tIE1HYk1veEg1NUpkQzZmWE5NeVM2 + Rk5sYy85VkhLb1hpRXB2M3Ntb1BocWsKy82qsGfMLs8HSJ5yHm0TmxQQL+JYNXDs + KjUeabcRK5Y5tE/z/axYAFz+y9ib7gfVQ7O1rb7Wa78OnxbeZxZYTA== -----END AGE ENCRYPTED FILE----- - recipient: age106k9u5ns9h7smh3gqc40k9fft5emknvq669qdv8a29ak3ah4j38s5ng2gt enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwdHpRN04vN2V3ZXpvQm9F - cHMzMjlWVVJXeVZBVWxWbXo2ZHcrVE9xOTBNCi9wdTdtY2ZGQ1Z3Y3BXd1IvSWhk - QTlvZWM1Qk1pK0hmYmtRYlkwZGFHVmcKLS0tIEV2djNaN3VjS1pyeE9reTIwWEkx - UEh3c2IyL1pLRXZmaSt4TmZHYi9UWm8KX3iBWz5EpXyJJPOrcrjDqtNe8uTPpvSx - THSITlihwTMuTm/38lO/FlaPn8HnygJD/rb0QPGrqM8Byko8RNXC7g== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1QnlsNk03OFpEUzgzNVRD + RTJzR3dPV1hRTTNxeWU0dDA4L2lEZWQ4ank0CkdmdjM1SytORWg3VWUvdEtqQkRZ + NzNTWWd3bzhncFFpNC9WQ3RMR1ZGRVEKLS0tIENmSWNibkxXS3p6NTVLczVrZDQ0 + ZVFSb3JMNHZPWnFuRTZteXJPK2x1RDAKgcCvJcOerFinIkxZMscYpIzm2DRR/Iqe + hkzGGyiL++jb5pii9FjOk0IyWmRajWxSopbixNF0EpFZB7SvuywM6w== -----END AGE ENCRYPTED FILE----- - recipient: age1829x4l8vdhcn97af0zq898tupll0smrqywxka4pswkt6mtn8qp7qqnnnl4 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLMk1iOXc2TWNvUDBJb21G - OGYrUGpiRWhhK2ZkZDB2cTlVYndoOVVrTkZNCkVxejVldUkvelhNK1kzSUNpQ01q - MEdrV210R1c2YUhrbjJGNmxCcStyNDAKLS0tIGthZ0FUdlZMd0xla3dVOEJDbWlw - KzY3MEg2bGd2RzQvdTB2Z21ka3NjakEKDBzzhXsjq3ZSc+P8ukwdgGU5iiA9FZ3l - yH0gaQgliBR5/KUHAoyPf9ksPxn8XVMlTvDMv1OZv2W5X3LkAWe9GA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzcGRmZHJYU3BxRUNZcStS + Q3RQcncxWjNOcVgzOGFuRDJDMGRKUXgxZld3CnVvY0ZFSHp4Q01wQlpsWHBOeGhs + TEdudVg2RVRLT1A0VngvbFlORXg5U2sKLS0tIFhkVnkzaVdxWlptTDE0N3cvZ3Ft + Zy93VlBLOU9lRm1JU2Q1WUNOY0UwYXcKRXB/cx+C1RI/KTPhBSAX6WYJfTZeT0fJ + i9syUWhIxpozsaXhN4wRw3fdQCFtDI8zXqqqpWoV9Pc3mU1SakWI+A== -----END AGE ENCRYPTED FILE----- - recipient: age19uy6xerll6st3s3ftfpy7075m9eetm2288l2w07k7ek6z2l3ef6qfw34cf enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvV2xyNXR4RXRtSU1vMVZG - RWVSdUQvYjlUUi83K0JMUDJZSlE0bDFhaW13CnhKbFlXaGRrOHVTSmV2ZGlNUy9t - akJCZ2E4Z1JsNmNoUjRyQ1BrSjgxUzQKLS0tIFBFdUZQWUtHczd0MjZGblphVG9P - dVN0THNhTmU2cUNESmlKS2NuLzBPcnMKa5C1EBeB9bMgUi+vzZOLi0zA2idZ+516 - 9lC2DAEI1ZkdeDhiRO5emj3/isrtbs0ODk9zC60lc7nHE4PrpreYCg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4RkE3dGVBUW5zTmdnSGd1 + ZkhDVTFNSkFQUDZvMjdObXdOTk1BMDBFM0FzCi9hTjUwdmQ5dytmUEdlN0VJRzAw + NWs3b2Z6L21QMTVZRGM1dm5GS0ZmdzAKLS0tIHpsbGk2N1RGRmtZMTR2MTFYTWRs + Z2d5cEczcFZUZTVGUFdiY2hKOEV5T1kKoJm8Y0yqY/Zxu/WMlnGsLZNEeAnXPLgz + kKmcVecpz/mOJ4rrnx+PsrPLhnL2ZW5ZavcmMaUJy7QNZ/XBgEZhCA== -----END AGE ENCRYPTED FILE----- - recipient: age1jyaf9rn5d5pqjh60shs2q5hs98fwugak8z6cs6qs7yuc3wntugmsumxmv0 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFYmdnM2J2eDVkaGJlRnkw - VjlTaHNuOEVmRFpNV2hIbVBoZWFWZ3Era1VnCklOZFRVVGpTUjNuUGVoL3hoZFV6 - bFRXS29xNXJSakJ1cVo3ZERvZ0dqR0EKLS0tIHhjS0xOWFpEMTRHSGQ1cGYyYlZX - eWFtWnBOeDd0ZzBkZXU5azR4aGNEVmMKCgMM4bWM/QLrFivkYlPbeQwX1+2mdF8a - JeMYwo6CJSCGQsDmlomYmhE5ezxI+FNoFjTH0+gMcMvgDmNyHJE0Qg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYV2NNOFAvOWlESGJRN29w + cFBTR0JBY295c2drbm1LSVA2MXhGNDcrcmlvCk1WU3ltMmJuOXdYVkJacmJmeExH + ZU1YSnhDaXVqa1ZmcmdIYXJKS2o5VjAKLS0tIFlGVHFJTC9hQy9EWTJhWU4rdkdS + S2ZBMDNpMTdTQWtzc1o0dm9JRnU4SXMK/jC+w8/yeGuFOyWzDnPJI19+oNleiwDw + qtRbjD8+hCTDPUB78nZYSEKVWB4lcLEhT846W8V8xF4vM+EyCEbiHw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-07-03T11:30:10Z" - mac: ENC[AES256_GCM,data:9EpPVfpoJGt+3xejSjKxpuKDuiaWMVjK8tpDZPEXXmCfkVb9vuV/YRknu1BrPSTFCLb08JtBIF0Ip9WKcUk/u7gR+NKkdQW3QgilkNdxwUDnp4399GpJ6JfbdFIscDAuf743QDx/iSxuZjNVwjBXGPN/xWlnZ10/hxuWdqcc1eY=,iv:i7YBsoRMLRR3kJgYcbgo0T0GLGPXsA3vVPVEBWZHb3s=,tag:e1bdGlASOSbSm14f6NmfHw==,type:str] + - recipient: age1k2wpm88wms6hx3ldvu0n2je7pag9fexs9eq0e8hlkfcs2dx9eg9qlkf95d + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzUCtlRnRtK0tZOGpQOTlk + MzRaRFhXV2kzUHVYYlFQcm93UVllVVFyY1dVCmFLNlRvNjJBaW5GWmJ6eFhsWmtY + N2trOERxTmNHWXUwNk9BcmVleEpXTVUKLS0tIFYzL005bDZaUVVQWW1nd2JKWlFk + YzdpTitkMHh6VUFtV2FodVF6OWJkTU0KBjC+esgHZ8hTWXwZ+cy4++jLP+gsruHM + fmRDhvQu0MNHkjQ8q4VmwRVl10uc8CyTDFTuyDoAhvmnzXHtrg1wpA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-07-03T13:51:56Z" + mac: ENC[AES256_GCM,data:y/hxvGH/43Dy9p0ZTzU5QVRekOkl4Zl9aHErfQm6Php0M5ED+wXYoNePyM3TKe5oxJRqR4iWHAeP3T0j3FUzmmvB2Io9U3C5qKkysUbWES5t/UHGmtIlFuXsJ0ET4YnbRh80Kdje++Q8KK3wHrzaAM0aqebZzxipU1fZ8NItvQo=,iv:9jw61oPYxIOzJ3Vc4HNyB2ZBoassa3w9QdUTk7sLKUk=,tag:yOBQIxd0hWDTu0aNUxQDbw==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1