diff --git a/flakes/common/hm_modules/tmux/default.nix b/flakes/common/hm_modules/tmux/default.nix index 7e3038b..6d67f51 100644 --- a/flakes/common/hm_modules/tmux/default.nix +++ b/flakes/common/hm_modules/tmux/default.nix @@ -68,9 +68,4 @@ } ]; }; - - home.shellAliases = { - t = "tmux"; - tat = "tmux attach-session"; - }; } diff --git a/flakes/common/nix_modules/docker.nix b/flakes/common/nix_modules/docker.nix new file mode 100644 index 0000000..416d2fc --- /dev/null +++ b/flakes/common/nix_modules/docker.nix @@ -0,0 +1,17 @@ +{ + config, + ... +}: + +{ + virtualisation.docker = { + enable = true; + autoPrune.enable = true; + }; + users.extraGroups.docker.members = builtins.AttrNames config.users.users; + environment.shellAliases = { + dockerv = "docker volume"; + dockeri = "docker image"; + dockerc = "docker container"; + }; +} diff --git a/flakes/common/nix_modules/essentials/default.nix b/flakes/common/nix_modules/essentials/default.nix new file mode 100644 index 0000000..e6f2ce0 --- /dev/null +++ b/flakes/common/nix_modules/essentials/default.nix @@ -0,0 +1,55 @@ +{ + lib, + pkgs, + ... +}: +with lib; +{ + environment.systemPackages = with pkgs; [ + # Essentials + vim + nano + wget + curl + traceroute + dig + fastfetch + jq + bat + htop + unzip + fzf + ripgrep + lsof + killall + speedtest-cli + ]; + + environment.shellAliases = { + n = "nvim"; + nn = "nvim --headless '+SessionDelete' +qa > /dev/null 2>&1 && nvim"; + bat = "bat --theme Coldark-Dark"; + cat = "bat --pager=never -p"; + + # TODO this may not be needed now that I am using `nh` clean mode (see /hosts/_common/configuration.nix#programs.nh) + nix-boot-clean = "find '/boot/loader/entries' -type f ! -name 'windows.conf' | head -n -4 | xargs -I {} rm {}; nix store gc; nixos-rebuild boot; echo; df"; + ndr = "nix-direnv-reload"; + + # general unix + date_compact = "date +'%Y%m%d'"; + date_short = "date +'%Y-%m-%d'"; + ls = "ls --color -Gah"; + ll = "ls --color -Galhtr"; + lss = "du --max-depth=0 -h {.,}* 2>/dev/null | sort -hr"; + psg = "ps aux | head -n 1 && ps aux | grep -v 'grep' | grep"; + + # ripgrep + rg = "rg --no-ignore"; + rgf = "rg --files --glob '!/nix/store/**' 2>/dev/null | rg"; + }; + + environment.shellInit = lib.concatStringsSep "\n\n" [ + (builtins.readFile ./unix_utils.func.sh) + (builtins.readFile ./nixpkg.func.sh) + ]; +} diff --git a/flakes/common/nix_modules/essentials/nixpkg.func.sh b/flakes/common/nix_modules/essentials/nixpkg.func.sh new file mode 100644 index 0000000..956a539 --- /dev/null +++ b/flakes/common/nix_modules/essentials/nixpkg.func.sh @@ -0,0 +1,13 @@ +# nix +alias nixpkgs=nixpkg +nixpkg () { + if [ $# -eq 0 ]; then + echo "Error: No arguments provided. Please specify at least one package." + return 1 + fi + cmd="nix shell" + for pkg in "$@"; do + cmd="$cmd \"nixpkgs#$pkg\"" + done + eval $cmd +} diff --git a/flakes/common/nix_modules/essentials/unix_utils.func.sh b/flakes/common/nix_modules/essentials/unix_utils.func.sh new file mode 100644 index 0000000..3120f6d --- /dev/null +++ b/flakes/common/nix_modules/essentials/unix_utils.func.sh @@ -0,0 +1,65 @@ +# Check if ~/.config/environment exists and source all files within it +if [ -d "$HOME/.config/environment" ]; then + for file in "$HOME/.config/environment/"*; do + if [ -r "$file" ]; then + if ! . "$file"; then + echo "Failed to source $file" + fi + fi + done +fi + +htop_psg () { + htop -p $(psg $1 | awk '{r=r s $2;s=","} END{print r}') +} + +htop_pid () { + htop -p $(ps -ef | awk -v proc=$1 '$3 == proc { cnt++;if (cnt == 1) { printf "%s",$2 } else { printf ",%s",$2 } }') +} + +psg_kill() { + ps aux | grep -v "grep" | grep "${1}" | awk '{print $2}' | while read -r pid; do + if [ -n "${pid}" ]; then + echo "killing ${pid}" + kill -9 "${pid}" &> /dev/null + fi + done +} + +psg_terminate() { + ps aux | grep -v "grep" | grep "${1}" | awk '{print $2}' | while read -r pid; do + if [ -n "${pid}" ]; then + echo "Terminating ${pid}" + kill -15 "${pid}" &> /dev/null + fi + done +} + +psg_skill() { + ps aux | grep -v "grep" | grep "${1}" | awk '{print $2}' | while read -r pid; do + if [ -n "${pid}" ]; then + echo "Killing ${pid}" + sudo kill -9 "${pid}" &> /dev/null + fi + done +} + +mail_clear() { + : > /var/mail/$USER +} + +speedtest_fs () { + dir=$(pwd) + drive=$(df -h ${dir} | awk 'NR==2 {print $1}') + echo Testing read speeds on drive ${drive} + sudo hdparm -Tt ${drive} + test_file=$(date +%u%m%d) + test_file="${dir}/speedtest_fs_${test_file}" + echo + echo Testing write speeds into test file: ${test_file} + dd if=/dev/zero of=${test_file} bs=8k count=10k; rm -f ${test_file} +} + +speedtest_internet () { + speedtest-cli +} diff --git a/flakes/common/nix_modules/git/branch.func.sh b/flakes/common/nix_modules/git/branch.func.sh new file mode 100644 index 0000000..03908fc --- /dev/null +++ b/flakes/common/nix_modules/git/branch.func.sh @@ -0,0 +1,213 @@ +branch() { + local branch_name=${1:-} + + # helper: set tmux window name. If tmux is in auto mode, always rename. + # If tmux is manual but the current window name matches the previous branch, + # allow renaming from previous branch name to the new one. + _branch__maybe_set_tmux_name() { + if ! command -v tmux_window >/dev/null 2>&1; then + return 1 + fi + local new_name prev_branch tmux_status tmux_cur + new_name=${1:-} + prev_branch=${2:-} + tmux_status=$(tmux_window status 2>/dev/null || true) + if [ "$tmux_status" = "auto" ]; then + tmux_window rename "$new_name" 2>/dev/null || true + return 0 + fi + # tmux is manual. If the current tmux name matches the previous branch, + # we consider it safe to update it to the new branch name. + if [ -n "$prev_branch" ]; then + tmux_cur=$(tmux_window get 2>/dev/null || true) + if [ "$tmux_cur" = "$prev_branch" ]; then + tmux_window rename "$new_name" 2>/dev/null || true + fi + fi + } + + # helper: revert tmux to automatic rename only if current tmux name matches previous branch + _branch__revert_tmux_auto() { + if ! command -v tmux_window >/dev/null 2>&1; then + return 1 + fi + local prev_branch=${1:-} + if [ -z "$prev_branch" ]; then + tmux_window rename 2>/dev/null || true + return 0 + fi + local tmux_cur + tmux_cur=$(tmux_window get 2>/dev/null || true) + if [ "$tmux_cur" = "$prev_branch" ]; then + tmux_window rename 2>/dev/null || true + fi + } + + # Determine repo root early so we can run branches inside it + local common_dir + if ! common_dir=$(git rev-parse --git-common-dir 2>/dev/null); then + echo "Not inside a git repository." >&2 + return 1 + fi + if [ "${common_dir#/}" = "$common_dir" ]; then + common_dir="$(pwd)/$common_dir" + fi + local repo_dir="${common_dir%%/.git*}" + if [ -z "$repo_dir" ]; then + echo "Unable to determine repository root." >&2 + return 1 + fi + + # If no branch was provided, present an interactive selector combining local and remote branches + if [ -z "$branch_name" ]; then + if ! command -v fzf >/dev/null 2>&1; then + echo "Usage: branch " >&2 + return 2 + fi + + local branches_list_raw branches_list selection + # Gather local and remote branches with fallbacks to ensure locals appear + branches_list_raw="" + if declare -f local_branches >/dev/null 2>&1; then + branches_list_raw=$(cd "$repo_dir" && local_branches 2>/dev/null || true; cd "$repo_dir" && remote_branches 2>/dev/null || true) + fi + branches_list=$(printf "%s +" "$branches_list_raw" | awk '!seen[$0]++') + if [ -z "$branches_list" ]; then + echo "No branches found." >&2 + return 1 + fi + + fzf_out=$(printf "%s\n" "$branches_list" | fzf --height=40% --prompt="Select branch: " --print-query) + if [ -z "$fzf_out" ]; then + echo "No branch selected." >&2 + return 1 + fi + branch_query=$(printf "%s\n" "$fzf_out" | sed -n '1p') + branch_selection=$(printf "%s\n" "$fzf_out" | sed -n '2p') + if [ -n "$branch_selection" ]; then + branch_name="$branch_selection" + else + # user typed something in fzf but didn't select: use that as new branch name + branch_name=$(printf "%s" "$branch_query" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//') + fi + fi + + local repo_base repo_hash default_branch + repo_base=$(basename "$repo_dir") + repo_hash=$(printf "%s" "$repo_dir" | sha1sum | awk '{print $1}') + + default_branch=$(getdefault) + + # capture current branch name as seen by tmux so we can decide safe renames later + local prev_branch + prev_branch=$(git -C "$PWD" rev-parse --abbrev-ref HEAD 2>/dev/null || true) + + # Special-case: jump to the main working tree on the default branch + if [ "$branch_name" = "default" ] || [ "$branch_name" = "master" ] || [ "$branch_name" = "$default_branch" ]; then + if [ "$repo_dir" = "$PWD" ]; then + echo "Already in the main working tree on branch '$default_branch'." + return 0 + fi + echo "Switching to main working tree on branch '$default_branch'." + # capture current branch name as seen by tmux so we only revert if it matches + prev_branch=$(git -C "$PWD" rev-parse --abbrev-ref HEAD 2>/dev/null || true) + cd "$repo_dir" || return 1 + _branch__revert_tmux_auto "$prev_branch" || true + return 0 + fi + + # If a worktree for this branch is already registered elsewhere, open a shell there + local existing + existing=$(git -C "$repo_dir" worktree list --porcelain 2>/dev/null | awk -v b="$branch_name" 'BEGIN{RS="";FS="\n"} $0 ~ "refs/heads/"b{for(i=1;i<=NF;i++) if ($i ~ /^worktree /){ sub(/^worktree /,"",$i); print $i }}') + if [ -n "$existing" ]; then + echo "Opening existing worktree for branch '$branch_name' at '$existing'." + cd "$existing" || return 1 + _branch__maybe_set_tmux_name "$branch_name" "$prev_branch" || true + return 0 + fi + + # Ensure we have up-to-date remote info + git -C "$repo_dir" fetch --all --prune || true + + local wt_root wt_path + if [ -z "$xdg" ]; then + xdg="${XDG_DATA_HOME:-$HOME/.local/share}" + fi + wt_root="$xdg/git_worktrees/${repo_base}_${repo_hash}" + wt_path="$wt_root/$branch_name" + + # ensure worktree root exists + if [ ! -d "$wt_root" ]; then + mkdir -p "$wt_root" || { echo "Failed to create worktree root: $wt_root" >&2; return 1; } + fi + + # If worktree already exists at our expected path, open a shell there + if [ -d "$wt_path" ]; then + echo "Opening existing worktree at '$wt_path'." + cd "$wt_path" || return 1 + _branch__maybe_set_tmux_name "$branch_name" "$prev_branch" || true + return 0 + fi + + local branch_exists branch_from local_exists + branch_exists=$(git -C "$repo_dir" ls-remote --heads origin "$branch_name" | wc -l) + # check if a local branch exists + if git -C "$repo_dir" show-ref --verify --quiet "refs/heads/$branch_name"; then + local_exists=1 + else + local_exists=0 + fi + + branch_from="$default_branch" + if [ "$branch_exists" -eq 0 ]; then + if [ "$local_exists" -eq 1 ]; then + branch_from="$branch_name" + echo "Branch '$branch_name' exists locally; creating worktree from local branch." + else + echo "Branch '$branch_name' does not exist on remote; creating from '$branch_from'." + fi + else + branch_from="origin/$branch_name" + echo "Branch '$branch_name' exists on remote; creating worktree tracking it." + fi + + echo "Creating new worktree for branch '$branch_name' at '$wt_path'." + + # Try to add or update worktree from the resolved ref. Use a fallback path if needed. + if [ "$local_exists" -eq 1 ]; then + if git -C "$repo_dir" worktree add "$wt_path" "$branch_name" 2>/dev/null; then + cd "$wt_path" || return 1 + _branch__maybe_set_tmux_name "$branch_name" "$prev_branch" || true + return 0 + fi + + else + if git -C "$repo_dir" worktree add -b "$branch_name" "$wt_path" "$branch_from" 2>/dev/null; then + cd "$wt_path" || return 1 + _branch__maybe_set_tmux_name "$branch_name" "$prev_branch" || true + return 0 + fi + fi + + # Fallback: try to resolve a concrete SHA and create the branch ref locally, then add worktree + local start_sha + if start_sha=$(git -C "$repo_dir" rev-parse --verify "$branch_from" 2>/dev/null); then + if git -C "$repo_dir" branch "$branch_name" "$start_sha" 2>/dev/null; then + if git -C "$repo_dir" worktree add "$wt_path" "$branch_name" 2>/dev/null; then + cd "$wt_path" || return 1 + _branch__maybe_set_tmux_name "$branch_name" "$prev_branch" || true + return 0 + else + git -C "$repo_dir" branch -D "$branch_name" 2>/dev/null || true + rmdir "$wt_path" 2>/dev/null || true + echo "Failed to add worktree after creating branch ref." >&2 + return 1 + fi + fi + fi + + echo "Failed to add worktree for branch '$branch_name'." >&2 + rmdir "$wt_path" 2>/dev/null || true + return 1 +} diff --git a/flakes/common/nix_modules/git/branchd.func.sh b/flakes/common/nix_modules/git/branchd.func.sh new file mode 100644 index 0000000..a7769d2 --- /dev/null +++ b/flakes/common/nix_modules/git/branchd.func.sh @@ -0,0 +1,131 @@ +branchdel() { + # branchdel — remove a branch worktree (optional branch arg) + local branch_arg + branch_arg="$1" + local wt_path + wt_path=$(pwd) + local common_dir repo_dir + if ! common_dir=$(git rev-parse --git-common-dir 2>/dev/null); then + echo "Not inside a git repository." >&2 + return 1 + fi + if [ "${common_dir#/}" = "$common_dir" ]; then + common_dir="$(pwd)/$common_dir" + fi + repo_dir="${common_dir%%/.git*}" + if [ -z "$repo_dir" ]; then + echo "Unable to determine repository root." >&2 + return 1 + fi + + # determine current branch in this worktree + local current default_branch branch target_wt + current=$(git rev-parse --abbrev-ref HEAD 2>/dev/null) || { echo "Not inside a git repository." >&2; return 1; } + + default_branch=$(getdefault) + + # choose branch: provided arg or current + if [ -z "$branch_arg" ]; then + branch="$current" + else + branch="$branch_arg" + fi + # normalize branch name if refs/heads/ was provided + branch="${branch#refs/heads/}" + + # don't remove default + if [ "$branch" = "$default_branch" ] || [ "$branch" = "default" ]; then + echo "Refusing to remove default branch worktree ($default_branch)." >&2 + return 1 + fi + + # find the worktree path for the requested branch + target_wt=$(git -C "$repo_dir" worktree list --porcelain 2>/dev/null | awk -v b="refs/heads/$branch" ' + $1=="worktree" { w=$2 } + $1=="branch" && $2==b { print w; exit } + ') + + # if not found in worktree list, check main worktree branch + if [ -z "$target_wt" ]; then + local main_branch + main_branch=$(git -C "$repo_dir" rev-parse --abbrev-ref HEAD 2>/dev/null || true) + if [ "$main_branch" = "$branch" ]; then + target_wt="$repo_dir" + fi + fi + + if [ -z "$target_wt" ]; then + echo "No worktree found for branch '$branch'." >&2 + return 1 + fi + + if [ "$target_wt" = "$repo_dir" ]; then + echo "Branch '$branch' is the main worktree at '$repo_dir'. Will not delete main worktree." >&2 + return 1 + fi + + # if we're currently in that branch/worktree, switch to default and cd to repo root first + if [ "$current" = "$branch" ]; then + echo "Currently on branch '$branch' in '$wt_path'. Switching to default branch '$default_branch' in main worktree..." + if declare -f branch >/dev/null 2>&1; then + branch default || { echo "Failed to switch to default branch" >&2; return 1; } + else + git -C "$repo_dir" checkout "$default_branch" || { echo "Failed to checkout default branch" >&2; return 1; } + fi + cd "$repo_dir" || { echo "Failed to change directory to repo root: $repo_dir" >&2; return 1; } + fi + + echo "Removing worktree at: $target_wt" + # helper: attempt a guarded, forceful removal of a directory + remove_dir_forcefully() { + local dir="$1" + if [ -z "$dir" ]; then + return 1 + fi + # resolve absolute paths + local abs_dir abs_repo + abs_dir=$(readlink -f -- "$dir" 2>/dev/null) || abs_dir="$dir" + abs_repo=$(readlink -f -- "$repo_dir" 2>/dev/null) || abs_repo="$repo_dir" + + # safety checks: do not remove repository root or / + if [ "$abs_dir" = "/" ] || [ "$abs_dir" = "$abs_repo" ]; then + echo "Refusing to remove unsafe path: $abs_dir" >&2 + return 1 + fi + + # try plain rm -rf + rm -rf -- "$abs_dir" 2>/dev/null && return 0 + + # fix permissions then try again + chmod -R u+rwx "$abs_dir" 2>/dev/null || true + rm -rf -- "$abs_dir" 2>/dev/null && return 0 + + # try removing contents first, then remove directory + if find "$abs_dir" -mindepth 1 -exec rm -rf -- {} + 2>/dev/null; then + rmdir "$abs_dir" 2>/dev/null || true + fi + + # final existence check + [ ! -e "$abs_dir" ] + } + + # try unregistering the worktree, prefer normal then fallback to --force + if git -C "$repo_dir" worktree remove "$target_wt" 2>/dev/null || git -C "$repo_dir" worktree remove --force "$target_wt" 2>/dev/null; then + if remove_dir_forcefully "$target_wt"; then + echo "Removed worktree: $target_wt" + else + echo "Worktree removed from git, but failed to fully delete directory: $target_wt" >&2 + echo "Attempted to force-delete; you may need to remove it manually with sudo." >&2 + fi + + # delete local branch if it exists + if git -C "$repo_dir" show-ref --verify --quiet "refs/heads/$branch"; then + git -C "$repo_dir" branch -D "$branch" 2>/dev/null || true + echo "Deleted local branch: $branch" + fi + return 0 + fi + + echo "Failed to remove worktree: $target_wt" >&2 + return 1 +} diff --git a/flakes/common/nix_modules/git/default.nix b/flakes/common/nix_modules/git/default.nix new file mode 100644 index 0000000..d3157a8 --- /dev/null +++ b/flakes/common/nix_modules/git/default.nix @@ -0,0 +1,32 @@ +{ + lib, + pkgs, + ... +}: +with lib; +{ + environment.systemPackages = with pkgs; [ + git + ]; + + environment.shellAliases = { + # git + status = "git status"; + diff = "git diff"; + branches = "git branch -a"; + gcam = "git commit -a -m"; + gcm = "git commit -m"; + stashes = "git stash list"; + bd = "branch default"; + li = "link_ignored"; + bx = "branchdel"; + b = "branch"; + }; + + environment.shellInit = lib.concatStringsSep "\n\n" [ + (builtins.readFile ./utils.func.sh) + (builtins.readFile ./branch.func.sh) + (builtins.readFile ./branchd.func.sh) + (builtins.readFile ./link_ignored.func.sh) + ]; +} diff --git a/flakes/common/nix_modules/git/link_ignored.func.sh b/flakes/common/nix_modules/git/link_ignored.func.sh new file mode 100644 index 0000000..0043ed9 --- /dev/null +++ b/flakes/common/nix_modules/git/link_ignored.func.sh @@ -0,0 +1,159 @@ +link_ignored() { + local DRY_RUN=0 + local USE_FZF=1 + local -a PATTERNS=() + + while [ $# -gt 0 ]; do + case "$1" in + --dry-run) DRY_RUN=1; shift ;; + --no-fzf) USE_FZF=0; shift ;; + -h|--help) link_ignored_usage; return 0 ;; + --) shift; break ;; + *) PATTERNS+=("$1"); shift ;; + esac + done + + link_ignored_usage() { + cat </dev/null); then + echo "Error: not in a git repository." >&2 + return 2 + fi + if [ "${common_dir#/}" = "$common_dir" ]; then + common_dir="$(pwd)/$common_dir" + fi + repo_root="${common_dir%%/.git*}" + if [ -z "$repo_root" ]; then + echo "Error: unable to determine repository root." >&2 + return 2 + fi + + local -a candidates=() + while IFS= read -r -d '' file; do + candidates+=("$file") + done < <(git -C "$repo_root" ls-files --others --ignored --exclude-standard -z || true) + + if [ ${#candidates[@]} -eq 0 ]; then + echo "No untracked/ignored files found in $repo_root" + return 0 + fi + + local -a tops=() + for c in "${candidates[@]}"; do + c="${c%/}" + local top="${c%%/*}" + [ -z "$top" ] && continue + local found=0 + for existing in "${tops[@]}"; do + [ "$existing" = "$top" ] && found=1 && break + done + [ "$found" -eq 0 ] && tops+=("$top") + done + + if [ ${#tops[@]} -eq 0 ]; then + echo "No top-level ignored/untracked entries found in $repo_root" + return 0 + fi + + local -a filtered + if [ ${#PATTERNS[@]} -gt 0 ]; then + for t in "${tops[@]}"; do + for p in "${PATTERNS[@]}"; do + if [[ "$t" == *"$p"* ]]; then + filtered+=("$t") + break + fi + done + done + else + filtered=("${tops[@]}") + fi + + if [ ${#filtered[@]} -eq 0 ]; then + echo "No candidates match the provided patterns." >&2 + return 0 + fi + + local -a chosen + if command -v fzf >/dev/null 2>&1 && [ "$USE_FZF" -eq 1 ]; then + local selected + selected=$(printf "%s\n" "${filtered[@]}" | fzf --multi --height=40% --border --prompt="Select files to link: " --preview "if [ -f '$repo_root'/{} ]; then bat --color always --paging=never --style=plain '$repo_root'/{}; else ls -la '$repo_root'/{}; fi") + if [ -z "$selected" ]; then + echo "No files selected." && return 0 + fi + chosen=() + while IFS= read -r line; do + chosen+=("$line") + done <&2 + errors+=("$rel (link failed)") + fi + fi + done + + echo + echo "Summary:" + echo " Linked: ${#created[@]}" + [ ${#created[@]} -gt 0 ] && printf ' %s\n' "${created[@]}" + echo " Skipped: ${#skipped[@]}" + [ ${#skipped[@]} -gt 0 ] && printf ' %s\n' "${skipped[@]}" + echo " Errors: ${#errors[@]}" + [ ${#errors[@]} -gt 0 ] && printf ' %s\n' "${errors[@]}" + + return 0 +} diff --git a/flakes/common/nix_modules/git/utils.func.sh b/flakes/common/nix_modules/git/utils.func.sh new file mode 100644 index 0000000..1ebdae3 --- /dev/null +++ b/flakes/common/nix_modules/git/utils.func.sh @@ -0,0 +1,133 @@ +# git +getdefault () { + git remote show origin | grep "HEAD branch" | sed 's/.*: //' +} + +master () { + branch $(getdefault) + git checkout $(getdefault) + pull +} + +mp () { + master + prunel +} + +pullmaster () { + git pull origin $(getdefault) +} + +push () { + B=$(git branch | sed -n -e 's/^\* \(.*\)/\1/p') + git pull origin $B + git push origin $B --no-verify +} + +pull () { + git fetch + B=$(git branch | sed -n -e 's/^\* \(.*\)/\1/p') + git pull origin $B +} + +forcepush () { + B=$(git branch | sed -n -e 's/^\* \(.*\)/\1/p') + git push origin $B --force +} + +remote_branches () { + git for-each-ref --format='%(refname:short)' refs/remotes 2>/dev/null | sed 's#^[^/]*/##' | grep -v '^HEAD$' || true +} + +local_branches () { + git for-each-ref --format='%(refname:short)' refs/heads 2>/dev/null || true +} + +prunel () { + git fetch + git remote prune origin + + for local in $(local_branches); do + in=false + for remote in $(remote_branches); do + if [[ ${local} = ${remote} ]]; then + in=true + fi + done; + if [[ $in = 'false' ]]; then + git branch -D ${local} + else + echo 'Skipping branch '${local} + fi + done; +} + +from_master () { + git checkout $(getdefault) $@ +} + +stash() { + local branch + branch=$(git rev-parse --abbrev-ref HEAD 2>/dev/null) + local datetime + datetime=$(date +"%Y-%m-%d_%H-%M") + local default_label="${datetime}_${branch}" + if [ -n "$ZSH_VERSION" ]; then + read "label?Stash label [default: $default_label]: " + else + read -e -p "Stash label [default: $default_label]: " label + fi + label=${label:-$default_label} + git stash push -u -k -m "$label" +} + +pop() { + local selection + selection=$(git stash list | \ + fzf --prompt="Select stash to pop: " \ + --preview="git stash show -p \$(echo {} | awk -F: '{print \$1}') | bat --color always --paging=never --style=plain -l diff") + [ -z "$selection" ] && echo "No stash selected." && return 1 + local stash_ref + stash_ref=$(echo "$selection" | awk -F: '{print $1}') + echo "Popping $stash_ref..." + git stash pop "$stash_ref" +} + +delstash() { + local selection + selection=$(git stash list | \ + fzf --prompt="Select stash to pop: " \ + --preview="git stash show -p \$(echo {} | awk -F: '{print \$1}') | bat --color always --paging=never --style=plain -l diff") + [ -z "$selection" ] && echo "No stash selected." && return 1 + local stash_ref + stash_ref=$(echo "$selection" | awk -F: '{print $1}') + echo "About to delete $stash_ref." + git stash drop "$stash_ref" +} + +# Marks some files as in "git" but they won't actually get pushed up to the git repo +# Usefull for `gintent .envrc flake.lock flake.nix` to add nix items required by flakes in a git repo that won't want flakes added +gintent() { + for file in "$@"; do + if [ -f "$file" ]; then + git add --intent-to-add "$file" + git update-index --assume-unchanged "$file" + echo "Intent added for $file" + else + echo "File not found: $file" + fi + done +} +alias gintentnix="gintent .envrc flake.lock flake.nix" + +gintent_undo() { + for file in "$@"; do + if [ -f "$file" ]; then + git update-index --no-assume-unchanged "$file" + echo "Intent removed for $file" + else + echo "File not found: $file" + fi + done +} +alias gintentnix_undo="gintent_undo .envrc flake.lock flake.nix" diff --git a/flakes/common/nix_modules/hardening.nix b/flakes/common/nix_modules/hardening.nix new file mode 100644 index 0000000..9e3ac3f --- /dev/null +++ b/flakes/common/nix_modules/hardening.nix @@ -0,0 +1,87 @@ +{ + config, + lib, + pkgs, + ... +}: +{ + environment.systemPackages = with pkgs; [ + openssh + autossh + ]; + + # name this computer + networking = { + # hostName = top_cfg.systemName; + nftables.enable = true; + # Clears firewall rules on reboot, only ones set in config will be remade + nftables.flushRuleset = true; + firewall.enable = true; + }; + + # TODO invesitgate onensnitch usage and rules I may want. It is cumbersome with flushRuleset above... + # services.opensnitch = { + # enable = true; + # settings = { + # Firewall = if config.networking.nftables.enable then "nftables" else "iptables"; + # InterceptUknown = true; + # ProcMonitorMethod = "ebpf"; + # DefaultAction = "deny"; + # }; + # rules = { + # + # }; + # }; + + # Use fail2ban + services.fail2ban = { + enable = true; + # Ignore my tailnet + ignoreIP = [ + "100.64.0.0/10" + ]; + }; + + # Open ports in the firewall if enabled. + networking.firewall.allowedTCPPorts = [ + 22 # sshd + ]; + + # Enable the OpenSSH daemon. + services.openssh = { + enable = true; + settings = { + LogLevel = "VERBOSE"; + PermitRootLogin = "yes"; + PasswordAuthentication = false; + }; + }; + + # Ensure SSH key pair generation for non-root users + systemd.services = lib.mapAttrs' (name: _: { + name = "generate_ssh_key_${name}"; + value = { + description = "Generate SSH key pair for ${name}"; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + User = name; + Type = "oneshot"; + }; + script = '' + #!/run/current-system/sw/bin/bash + if [ ! -f /home/${name}/.ssh/id_ed25519 ]; then + if [ -v DRY_RUN ]; then + echo "DRY_RUN is set. Would generate SSH key for ${name}."; + else + echo "Generating SSH key for ${name}."; + mkdir -p /home/${name}/.ssh; + chmod 700 /home/${name}/.ssh; + /run/current-system/sw/bin/ssh-keygen -t ed25519 -f /home/${name}/.ssh/id_ed25519 -N ""; + fi + else + echo "SSH key already exists for ${name}."; + fi + ''; + }; + }) config.users.users; +} diff --git a/flakes/common/nix_modules/jetbrains_font.nix b/flakes/common/nix_modules/jetbrains_font.nix new file mode 100644 index 0000000..22d217c --- /dev/null +++ b/flakes/common/nix_modules/jetbrains_font.nix @@ -0,0 +1,33 @@ +{ + pkgs, + ... +}: +let + hasNewJetbrainsMono = + if builtins.hasAttr "nerd-fonts" pkgs then + builtins.hasAttr "jetbrains-mono" pkgs."nerd-fonts" + else + false; + + jetbrainsMonoFont = + if hasNewJetbrainsMono then + pkgs.nerd-fonts.jetbrains-mono + else + (pkgs.nerdfonts.override { fonts = [ "JetBrainsMono" ]; }); +in +{ + config = { + fonts.fontconfig.enable = true; + + fonts.packages = [ + jetbrainsMonoFont + ] + # TODO verify if these are needed/working + # ++ (with pkgs; [ + # ipafont + # kochi-substitute + # noto-fonts-cjk-sans # Or another CJK font + # ]) + ; + }; +} diff --git a/flakes/common/nix_modules/nix_options.nix b/flakes/common/nix_modules/nix_options.nix new file mode 100644 index 0000000..db45356 --- /dev/null +++ b/flakes/common/nix_modules/nix_options.nix @@ -0,0 +1,62 @@ +{ + config, + lib, + ... +}: +{ + # Enable flakes + nix.settings.experimental-features = [ + "nix-command" + "flakes" + ]; + + # Allow unfree if set in config + nixpkgs.config.allowUnfreePredicate = lib.mkIf config.nixpkgs.config.allowUnfree (pkg: true); + environment.variables = lib.mkIf config.nixpkgs.config.allowUnfree { + NIXPKGS_ALLOW_UNFREE = "1"; + }; + + nix.settings = { + max-jobs = "auto"; + # Fallback quickly if substituters are not available. + connect-timeout = 5; + download-attempts = 3; + download-buffer-size = 524288000; # default is 67108864, this increases to ~500MB + # The default at 10 is rarely enough. + log-lines = 50; + # Avoid disk full issues + max-free = (3000 * 1024 * 1024); + min-free = (1000 * 1024 * 1024); + # Avoid copying unnecessary stuff over SSH + builders-use-substitutes = true; + auto-optimise-store = true; + trusted-users = [ + "root" + "@wheel" + ]; + substituters = [ + "https://cache.nixos.org/" + "https://nix-community.cachix.org" + ]; + trusted-substituters = config.nix.settings.substituters; + trusted-public-keys = [ + "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + ]; + }; + nix.extraOptions = '' + keep-outputs = true + keep-derivations = true + ${lib.optionalString ( + # TODO revisit this should it move? + config ? age && config.age ? secrets && config.age.secrets ? github_read_token + ) "!include ${config.age.secrets.github_read_token.path}"} + ''; + + # nix helper + programs.nh = { + enable = true; + # clean.enable = true; # TODO revist does this solve my re-building issues? + clean.extraArgs = "--keep 10"; + }; +} diff --git a/flakes/common/nix_modules/no_sleep.nix b/flakes/common/nix_modules/no_sleep.nix new file mode 100644 index 0000000..66f7060 --- /dev/null +++ b/flakes/common/nix_modules/no_sleep.nix @@ -0,0 +1,11 @@ +{ ... }: +{ + # Turn off sleep + systemd.sleep.extraConfig = '' + [Sleep] + AllowSuspend=no + AllowHibernation=no + AllowSuspendThenHibernate=no + AllowHybridSleep=no + ''; +} diff --git a/flakes/common/nix_modules/podman.nix b/flakes/common/nix_modules/podman.nix new file mode 100644 index 0000000..0408e28 --- /dev/null +++ b/flakes/common/nix_modules/podman.nix @@ -0,0 +1,11 @@ +{ + config, + ... +}: +{ + virtualisation.podman = { + enable = true; + autoPrune.enable = true; + }; + users.extraGroups.docker.members = builtins.AttrNames config.users.users; +} diff --git a/flakes/common/nix_modules/q_flipper.nix b/flakes/common/nix_modules/q_flipper.nix new file mode 100644 index 0000000..21fea44 --- /dev/null +++ b/flakes/common/nix_modules/q_flipper.nix @@ -0,0 +1,14 @@ +{ + pkgs, + ... +}: +{ + hardware.flipperzero.enable = true; + environment.systemPackages = with pkgs; [ qFlipper ]; + services.udev.extraRules = '' + #Flipper Zero serial port + SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="5740", ATTRS{manufacturer}=="Flipper Devices Inc.", GROUP="users", TAG+="uaccess" + #Flipper Zero DFU + SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="df11", ATTRS{manufacturer}=="STMicroelectronics", GROUP="users", TAG+="uaccess" + ''; +} diff --git a/flakes/common/nix_modules/remote_lio_builds.nix b/flakes/common/nix_modules/remote_lio_builds.nix new file mode 100644 index 0000000..c4731e0 --- /dev/null +++ b/flakes/common/nix_modules/remote_lio_builds.nix @@ -0,0 +1,35 @@ +{ + config, + ... +}: +{ + # Remote build off home lio computer + programs.ssh.extraConfig = '' + Host lio_ + PubkeyAcceptedKeyTypes ssh-ed25519 + ServerAliveInterval 60 + IPQoS throughput + IdentityFile ${config.age.secrets.nix2lio.path} + ''; + nix = { + distributedBuilds = true; + buildMachines = [ + { + # TODO require hostname in ssh config? + hostName = "lio_"; + system = "x86_64-linux"; + protocol = "ssh-ng"; + maxJobs = 32; + speedFactor = 2; + supportedFeatures = [ + "nixos-test" + "benchmark" + "big-parallel" + "kvm" + "uid-range" # Often helpful + ]; + mandatoryFeatures = [ ]; + } + ]; + }; +} diff --git a/flakes/common/nix_modules/tailnet.nix b/flakes/common/nix_modules/tailnet.nix new file mode 100644 index 0000000..c7cef7f --- /dev/null +++ b/flakes/common/nix_modules/tailnet.nix @@ -0,0 +1,22 @@ +{ + config, + pkgs, + ... +}: +{ + environment.systemPackages = with pkgs; [ tailscale ]; + services.tailscale = { + enable = true; + openFirewall = true; + useRoutingFeatures = "client"; + authKeyFile = config.age.secrets.headscale_auth.path; + extraUpFlags = [ + "--login-server=https://headscale.joshuabell.xyz" + ]; + extraDaemonFlags = [ + "--no-logs-no-support" + ]; + }; + networking.firewall.trustedInterfaces = [ config.services.tailscale.interfaceName ]; + networking.firewall.checkReversePath = "loose"; +} diff --git a/flakes/common/nix_modules/timezone_auto.nix b/flakes/common/nix_modules/timezone_auto.nix new file mode 100644 index 0000000..223aef1 --- /dev/null +++ b/flakes/common/nix_modules/timezone_auto.nix @@ -0,0 +1,7 @@ +{ + ... +}: +{ + time.timeZone = null; + services.automatic-timezoned.enable = true; +} diff --git a/flakes/common/nix_modules/tmux/default.nix b/flakes/common/nix_modules/tmux/default.nix new file mode 100644 index 0000000..c9224df --- /dev/null +++ b/flakes/common/nix_modules/tmux/default.nix @@ -0,0 +1,19 @@ +{ + lib, + pkgs, + ... +}: +{ + environment.systemPackages = [ + pkgs.tmux + ]; + + environment.shellAliases = { + tat = "tmux attach-session"; + t = "tmux"; + }; + + environment.shellInit = lib.concatStringsSep "\n\n" [ + (builtins.readFile ./tmux_helpers.sh) + ]; +} diff --git a/flakes/common/nix_modules/tmux/tmux_helpers.sh b/flakes/common/nix_modules/tmux/tmux_helpers.sh new file mode 100644 index 0000000..b644b4b --- /dev/null +++ b/flakes/common/nix_modules/tmux/tmux_helpers.sh @@ -0,0 +1,34 @@ +tmux_window () { + cmd=${1:-} + case "${cmd}" in + rename) + if [ -z "${2:-}" ]; then + tmux setw automatic-rename + else + tmux rename-window "$2" + fi + ;; + get) + printf '%s' "$(tmux display-message -p '#W')" + ;; + status) + out="$(tmux show-window-options automatic-rename 2>/dev/null || true)" + if printf '%s' "$out" | grep -q 'automatic-rename on'; then + printf 'auto' + elif printf '%s' "$out" | grep -q 'automatic-rename off'; then + printf 'manual' + else + # If tmux returns nothing (option not set), default to auto + if [ -z "$out" ]; then + printf 'auto' + else + return 1 + fi + fi + ;; + *) + printf 'Usage: tmux_window {rename [NAME]|get|status}\n' >&2 + return 2 + ;; + esac +} diff --git a/flakes/common/nix_modules/tty_caps_esc.nix b/flakes/common/nix_modules/tty_caps_esc.nix new file mode 100644 index 0000000..f7c1fc9 --- /dev/null +++ b/flakes/common/nix_modules/tty_caps_esc.nix @@ -0,0 +1,13 @@ +{ + pkgs, + ... +}: +{ + services.xserver.xkb.options = "caps:escape"; + console = { + earlySetup = true; + packages = with pkgs; [ terminus_font ]; + # use xkb.options in tty. (caps -> escape) + useXkbConfig = true; + }; +} diff --git a/flakes/common/nix_modules/uhk_agent.nix b/flakes/common/nix_modules/uhk_agent.nix new file mode 100644 index 0000000..ab5d503 --- /dev/null +++ b/flakes/common/nix_modules/uhk_agent.nix @@ -0,0 +1,11 @@ +{ + pkgs, + ... +}: +{ + environment.systemPackages = with pkgs; [ + uhk-agent + uhk-udev-rules + ]; + services.udev.packages = [ pkgs.uhk-udev-rules ]; +} diff --git a/flakes/common/nix_modules/zsh.nix b/flakes/common/nix_modules/zsh.nix new file mode 100644 index 0000000..264a74a --- /dev/null +++ b/flakes/common/nix_modules/zsh.nix @@ -0,0 +1,9 @@ +{ + pkgs, + ... +}: +{ + programs.zsh.enable = true; + environment.pathsToLink = [ "/share/zsh" ]; + users.defaultUserShell = pkgs.zsh; +} diff --git a/flakes/common/readme.md b/flakes/common/readme.md new file mode 100644 index 0000000..1897981 --- /dev/null +++ b/flakes/common/readme.md @@ -0,0 +1,56 @@ +required settings? + +```nix +# Required system information +networking.hostName = "system_name"; + +# Where this config lives for this machine +programs.nh.flake = "/home/josh/.config/nixos-config/hosts/${config.networking.hostName}"; + +# Optionally allow unfree software +nixpkgs.config.allowUnfree = true; + +users.users = { + josh = { + isNormalUser = true; + initialPassword = "password1"; + extraGroups = [ "wheel" ]; + }; +}; +``` + +# TODO add somewhere + +```nix + # allow mounting ntfs filesystems + boot.supportedFilesystems = [ "ntfs" ]; + + # make shutdown faster for waiting + systemd.extraConfig = '' + DefaultTimeoutStopSec=8s + ''; + + nix.settings = { + substituters = [ + "https://hyprland.cachix.org" + "https://cosmic.cachix.org/" + ]; + trusted-substituters = config.nix.settings.substituters; + trusted-public-keys = [ + "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" + "cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE=" + ]; + }; + +services.tailscale.extraUpFlags = ++ (lib.optionals cfg.enableExitNode [ "--advertise-exit-node" ]); + +``` + +# TODO + +- New reporting for machine stats +- programs not ported, yet + - rust dev (now using direnv local flakes for that) + - incus + - virt-manager + - diff --git a/flakes/secrets/flake.nix b/flakes/secrets/flake.nix index a282f79..80731ba 100644 --- a/flakes/secrets/flake.nix +++ b/flakes/secrets/flake.nix @@ -22,11 +22,58 @@ ragenix.nixosModules.age ./secrets ]; - config = { - _module.args = { - inherit ragenix; + config = + let + secretsRaw = import ./secrets.nix; + systemName = config.networking.hostName; + # TODO revisit this slightly kinda scary method for choosing owners... + user = builtins.head ( + builtins.filter (name: config.users.users.${name}.isNormalUser or false) ( + builtins.attrNames config.users.users + ) + ); + authorityMarker = "authority"; + + # Key matches this host if its trailing comment contains "@" + matchesThisSystem = key: lib.strings.hasInfix "@${systemName}" key; + # Key is the authority key if its comment contains the marker string + matchesAuthority = key: lib.strings.hasInfix authorityMarker key; + + keepSecret = + attrs: + let + keys = attrs.publicKeys or [ ]; + in + lib.any (k: matchesThisSystem k) keys; + + # Any secrets that should be world-readable even after auto-import + worldReadable = [ + "zitadel_master_key" + "openwebui_env" + "vaultwarden_env" + ]; + + # Keep only secrets intended for this host (or that include the authority key) + filteredSecrets = lib.attrsets.filterAttrs (_name: attrs: keepSecret attrs) secretsRaw; + in + { + age.secrets = lib.attrsets.mapAttrs' ( + name: _attrs: + let + base = lib.removeSuffix ".age" name; + in + lib.nameValuePair base ( + { + file = ./. + "/secrets/${name}"; + owner = user; + } + // lib.optionalAttrs (lib.elem base worldReadable) { + mode = "444"; + } + ) + ) filteredSecrets; + }; - }; }; }; }; diff --git a/flakes/secrets/github_read_token.age b/flakes/secrets/github_read_token.age new file mode 100644 index 0000000..3ddcbd6 --- /dev/null +++ b/flakes/secrets/github_read_token.age @@ -0,0 +1,42 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBJRmpU +K2tCT1RTNzBhQlNzSHlIZDB4UFNCRDhiY1puVHQxN0QzSDNIbWhFCkdPVTFLYUcv +MW1FMnUyVG9xVE5KaVJQWlhFYmtaeGl2RGYyWWhtbEtTTFEKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIDBNalFocUZXRkZxMU10L1pWN1I5eUlGWXlrMVNLazR5RExycnZJ +K3BsaDQKVlZCUjRNL1hvMXFjRkd1VGVZNUp3ZnZBdW1qMEFpY3ZhYWFacmlZZEFa +SQotPiBzc2gtZWQyNTUxOSBTcENqQlEgSWRpT3BZZ0pHOWZjWkszZVg3OEZaZld5 +d2hOdXpYZ2tXVThMb0FTK2ZEQQpKY2xXT1dDeEp1LzlDcnoreVNvSHdCL2dDVFVs +bUUwQlU4Y3pXV0F1S3RNCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBrMFJOd0xrcGp4 +TkpxTW1DZWUxc1BQVTc3S05scHEzQ2hVT1I3bWhQVnlZCkVZQ0dZMm82VG81Yzda +MUpmWjZRUUx3NVBwVTlUZmtaS2JJem5ETkR6eVUKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIGhoSVhmVVNlc0toR1pBemk5WGp4R0NYdFF0dWFjVlpVcWRQT0hIUlNhazAK +czdFNlIydWFYSnBuTXNBQXE3eTZtUTBpUUJrdFFZMUZldFh4TXpVWEswSQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgYXp5MElHS04vVlV2b1RoU3RRUTRCeFlHWjRLajFt +L01Pdi83YnRjNndWTQpFVDk2djEyVFVaUHQyTGliZDRFM0Y0Vi96STFJR0Nqa1hn +a2VYVFhzelNnCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBET2dPUk5rYm9wVHczaE0w +L2hpa0F3emZqNDBxR2c1OUVVNnBNeVc1SzBRCmhIWmFKTnl2TFFBRUpyejhEMFBj +cVR6RkZHS3lpZzd6MzgrQml5QXpWdjAKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIFVk +cE1YSS9rdzBsTk0xNGtlRjJSV2llNVhYOUsvdVVFam1wUU82czNTUlkKQTdLcFdk +akErdWRrUXZET1hjL2J4UFJzdkNFVTlEUWJFWTFaczQ1VmxDNAotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgQVNMandOOVFiN2xuQTd2MC9UUmt2MVg2YUlzcHBHaEJBWG1E +Y0srMU9UYwpGQnh6L09qY2JvL0tqcGNnWldkWUVzRHk1QVJvN1N0YlRVNCtlMlV6 +MUNVCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBJR0RzZWpCNHNHcXBhQVErVUwxcG9t +K0M5RSt0M2R6SFpwYzB5MXZFQVM4Cll2NmJrQkMwNkFGbWM2bHJ2THhNbG9XS0dk +cmEzWUFCdXBLS1dyNWh0aU0KLT4gc3NoLWVkMjU1MTkgWmUxTXdRIElaN2h2aHRO +bDRtNUlrMlNmOWVSYlpvR2VVeWRxL25vMnFjVUVmc215ejAKVlBmcTFtN3BUZXJx +eUg0eXY2S3V0ZklGNzFnK09yRUJacnZYUllkUzF0bwotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgU1J3VG1lVDlCNmNVZ2hZbXI4ZDhZdE9jYnNkNHpQclpqQmdGcFhuYTBI +RQpkMnhjZlYrWjBPZVk0UGt5UEZmQzZoOUxSVG8zMVl6MlZCT1JneWJuWVdnCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSA5RldGVWx4aU9ZVUNQdlJTRUVqbS9CajlnTEdR +NFlCZnEwSy9rRGNIM1RRCkxKN2FUQTBVbVA5SnVZSDlGcXFKL0M1NGhONFhLamF3 +Z0VNZ1VSSEFKSlkKLT4gc3NoLWVkMjU1MTkga0hrMmdBIElkSFNJWnZ3WFA3V1J0 +aFNqN0RTQUEvNkRkeHI5QkR3K0RuQ2NnZTFQU1UKb0dKd3gyYWdPd0NyUEZDWUhB +eUdaZzIzWEtkNGdUZzZScWpOUzN6K2dCTQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +eGNINUY0UElXbUQvUklPY2c1S1A4OXh0UWRsTjFGUTg3dW9BM0dyTVgwNApyN3pV +eHhUSnAxZ1ZpdmUva0lScWJxNGFWZDRMdm8zd09kay9ORXdOVkljCi0+IDMtZ3Jl +YXNlCldFN1JnNGM4Vmh1dE5wZUNGOC9NdktlSEFnCi0tLSByVzE2ZHZSdXRxQTZN +SjRTNlRtUHlRL2JPS1Yxd1lnalFFUGlWR1lKTjZvCgfzY9S+Cm6zaEAcrAr3fsev +9enyx9OmVTIIZltr52uqCYbWcsuCkDjHtwR3NXiSQB2HWhNe38l4l2K1+HGcoS7i +2TMD7o9Jx6QoWLHgmrn/zXL/VKyOj5a7P530AMzdqcgJ4U8641VN0W7L9u1Cw5EB +Ujzb1rKthf+txuP04aWYit69ZBdH7r+VkOGghXngwvBapwFF8AGUug== +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/headscale_auth.age b/flakes/secrets/headscale_auth.age new file mode 100644 index 0000000..867be94 --- /dev/null +++ b/flakes/secrets/headscale_auth.age @@ -0,0 +1,40 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBvbGZC +ZFZWZ2ZPWUlNdEZCSXBuYThubHpiNkFzb3Jldlh1QlF0UTZ0NHlZCjlHSTVrekQw +MDBsaU56Yk9IQVZaQWJDMVNoUWFlQmpJV2gyTXBXNEhNdDQKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIDU0eDdqTStiUUlCUUcrYWhDWVRSQmxPNEIySk9NallHaVdNVFg5 +YXNPa1kKQ25PNGxjc1hid25Nd2R5RCttbHN1ci84T1pmQ0ZkNDM0R3FLbGdHRnRm +OAotPiBzc2gtZWQyNTUxOSBTcENqQlEgNjR5WkE4eUQrUGk1NHFMY3BjclZKWkd2 +TVd1QVNoVm96QkcwcHZmdG16dwpRQjY2V3dOOGo3VlJ5aTNLS0NqUVJ3VHNTWC8x +V05kbm5yQ3F0MWNFM2ZJCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBFeDIrUWEyYjVw +QUdjSlBWQ0Y2N01uL3hxTWJiNkdCVkM3UTBZbDhBZWhNCnRraHhUb2NEMzJWbWl5 +SjJEenN0VjJCWlM3TXEyREN0ZysxSG9Rak9hMVUKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIGxYRDJta0x6QnNkTXJnQmZwWFlRL0wrNS9EUS9TVDJMRFhZWDBUKzRWaWcK +VXlwL01IYTdTTTY4Zk1FOHBMc3E4ck1DZHp6aHhEaXFBWFN3SGErcjhmUQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgVUozU1kvVVJsZ0F2Nnk4bmZnUUNyTU8rM1FCRjFY +bWVBZWNNUFZIcFQyTQpzK0Z1SXVFQWhFSnp0UGs0RHJIQlZrUUtlY0ZFTjdwSTZS +MXhjSTNpOHNnCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBvQkd5UlNUakhGY0dkRFly +SU4vM3A1Sm5xNnhIZm5PUjR5WFNLZ1ZmL21NCk00M3k0RnNjL2dkRVd6MmdGSW1G +aGt1dmwxN0VTQm1zeklDN2MzRmFqSUUKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIFBQ +TGdvVjdEaEJDQ1FxbjhTOVdZTVdjLzJhc3lwdy83UHNyOWJPNk5ZRjQKMTdNemRQ +L1h6Tk1EVTdZcnFPRVdEZjhnU21hLzcrWk0zS05YSTV3ZGJQNAotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgTFcyc05mMnNVdWFDQWZUMGN6OWNZeGkrWlMyakV5RVhHaFJw +bmxiZ0lrYwozcit3dU84L0lVU0JXbVN3YnJoK0NPOUZKS3EvSkNPQ3FCWWhYZnhx +azhFCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBNWWJtTlVQTUo1SFh4b1Q4Vk8vUHdG +V0xLWjRXdVZxVVl0L2JMeTBrdWxJCmJvNGJ5Q0JUR0g4Q0pISmxTVll0OHl2dTFJ +dlNtR1A2aGVTUEZRMU5Hc1kKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIFkxendRYm0y +aEc5dTAwQy9pLzBrbUpVVlpFbnlDdlI4bGh0Zy9oMmtVWHcKNDZuaTBDV1o5MXFV +NlBLVzlqc0ZzOUdMT3c2SmRYV3hVd044bzZoenFqVQotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgQ3VDSnNLMHc4N0dCQ0NOY0lscStpeHlKdXA2UGpqRVhjNDVzV0NCQUx3 +VQpkeU9FOE13bFlaQ0ErWlBFZ0VWWTVZZElQdEg5UFo1SVRSeEhqRnk2NEtFCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBaREtQS2ZsSmxSQml0bkZzd0prUXdvdkhBZzhY +VkNRZWZqdVNvODIxMDNNCkJVMWZUc0o5Q0g0Yi95czFaVkhwejh0QW5HcXZ1Tmdl +bWFKSUhITkxFYlUKLT4gc3NoLWVkMjU1MTkga0hrMmdBIGlNcjZMWEdjdHNpNWNl +ZzlrNklvVklXM0tDMGVnRWhuL3BYV3dMa1U2ajQKd2owZXUxSGlIVUI3cFRxbjA3 +eWFhZXVudlBpQnRMTEVwZXhSSFgyOEsvSQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +OXR4MFc0eDZQQ1IwclIxYm9kYk1DSkZBZ1RDMm4wYlEyb1VrRTBaNmpWNApwY1pu +RE9VTU9Mbm9Ea0twcnBNRUc5ZjdzYXRyRmw0MlVHZDZmTVVLZFBrCi0+IHwqflMt +Z3JlYXNlCgotLS0gNWpFR3lvdmVsN1V2WG01aHN2VjVUeDZORzRpRDZGK0RWTFRM +SytLcVZYZwrYTHZo/oozQZasJAFNVb3ZrSAjREvZzRRyz6Mj71Pj2H+dbFz9sZ+c ++B4DEN/4xfhm5FUsU2w8VCQ/E+186igURD2AyhUZxNFFVPUPJKUM9rY= +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/linode_rw_domains.age b/flakes/secrets/linode_rw_domains.age new file mode 100644 index 0000000..70be86f --- /dev/null +++ b/flakes/secrets/linode_rw_domains.age @@ -0,0 +1,43 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBXV0xI +dU9KUHlVWG1uRWh5ODUydVRmSTMrWXdsRUg4bEFldmZtK3M4WkZVCkNYaTQxM01I +Tld6YVJiMnN3MVF4T2RHakRDT1Q5U21zNThPTUJkWEc2TWMKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIGp4d3ZqcGxHM2ZDUmVUcHJiWGI0WXcxMVVCRkhOMm05bDNVQXN4 +RFFyeTQKL1FiSmxhZUZOMzRqaTdkNUNIMVJJaU1XbDkydHJpWkhJUWx6dWI3dnZs +VQotPiBzc2gtZWQyNTUxOSBTcENqQlEgT3pxVzgvMkZ3ays4cm1WWVkwUUVIT3h0 +UDhxL0lzZmN6WjNjbE9rT3JCQQo1TldzNExWSkRTQUtFeHJVcXRyWmJkVmhtRy9Q +a3lkcEUxaUhJbUhvR2gwCi0+IHNzaC1lZDI1NTE5IEY0YmI4ZyBORFZ5K0xoWmxy +cEE2bmFmc2RoUHZITDhhVFhYdG4zbWpISnd5UUt3VFVvCkRvNi85TXpPRWZKS1VY +VktuaWhIcXhEaXpBTUtQRWpzYjFwNW9oMUJQYU0KLT4gc3NoLWVkMjU1MTkgd2Ry +WkpBIDMweFFGSmdXbXMwM01xN3BvZVdCT1dqc24yTGtZeDM5aXhZSUlMOGxMd3cK +M3BLTTlkdGRKM3FRMHhuSFNPdmtKbFRsQXdqRjA0bnczNDlGVnoyV1BzQQotPiBz +c2gtZWQyNTUxOSBCWUtHK3cgYTFNM3lTdmxSM1Bta2dPcTFQaHdMYjhYRlhBZFhR +ZTJXTnlHWE9uMEZVdwpwVnNCaHFSZDR5MytVeXpRYVd4RHUvQXhvN1VVS3V2Z3Iw +Njc3YlgxSWpJCi0+IHNzaC1lZDI1NTE5IFh6Zm1hUSBONHcrcE5JYVV6UnBFNm0w +TXpZSHdIN216bzVxREhTQWpJSFlmU3ViWEZzCktKcW5vSmRZRXJVL1RUMUFoYWFh +VFlOLzFwQXpBUzFoYzFRNWhGMitCR00KLT4gc3NoLWVkMjU1MTkgNWFkcU1nIGFp +MGhSOS85eU9GZ1RGWGNVZWV4aFBFNGlvY3Z0RzNBcThjSTBFYWkreE0KL3d4SDVB +eUc2WTdHRXdGa0l3eWk3ajJsNThFNk1mSVEwS0xGMFo2WW1qMAotPiBzc2gtZWQy +NTUxOSBaZTFNd1Egekk5Z25lRjYrYlhDRzNyY3E0MUR1bHI5a2hoZGNoWnNjODlN +K29tbUJRNApZUDl2M2E0RTVRRFlINEgxRkd3Q2pIandQNlBhVTZiRVhtQUlPS1NC +RHRrCi0+IHNzaC1lZDI1NTE5IHBlRkJRZyB4OGRJbGVLOFdSaXljcC9tVjBkUjlQ +ZE9RSzNwNE0xK0w1bDdmay9JbFJFClRRa3JRSzZVNmNOMFR0WUw5MGxRalNlakJE +bm9MOVFMSkk4RGFCWGdrY2sKLT4gc3NoLWVkMjU1MTkgOXYvMkhBIGQ4QXhoczRI +QnJRTGFjanFBenE4MXRqUTRSQkFPUmNiSkJGRHBpQjVxeEkKZjBOcjRMVVBqZ1dp +L2Zjak05eVE5YVMwVVRNRkk1aHEwSkVaWE1ReWU5awotPiBzc2gtZWQyNTUxOSBS +NSt4ZncgYzhHdVZINWYyNjcvNE02NUozc1k4SjMvbTV3MGZNT1VkUFVXbjZlaHJn +UQpGV0IvTXNDQUtjeWtIVGhEdmdsRWNRQTZDdGc1NGlYdVVudkNCaXlPZ3RZCi0+ +IHNzaC1lZDI1NTE5IFJvWDVQUSB1NnVjSWdUSCtsMDRjT2p6TXAvczVaNnFXQ2dL +bTFNMDcvRVJzV0xVUVJzCnorNTlvUGJlcGk3ei9CdmxNczVsOU9DUjdTWjY5VE03 +bnVNUnNHcjkxSWsKLT4gc3NoLWVkMjU1MTkga0hrMmdBIGhyM0x5MVhiYUQvbmYz +MnVHTWpjYyt0WWQ2c2FzSkYzS0U1UUZRdXZSQkUKU0VZV1NJaHNhS1djZTY0SW9N +VGhObDB3ODg2bVVxcFRwUFFFbFBYaG01RQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +VFRSajdzckRtZU9ZK0dwcWNld0F4Q0RCb0JOOVJBWTU3Sm9WQUh1K2xEawpXQW9X +WGYyRnNMcmZ0TFZ5R0FaYmdqMENPVmU2b3B6K00rUFYzQmxEVFdrCi0+IDs4NnMp +bCktZ3JlYXNlIEVkR1IgKgowVGZnVEg4cU9kMmIzdWFZeE1nS2RCYVNXV1hHb2p6 +WVpqLzRzTWVOb0owbHhweUdpc0pHQ0lRY2hMQXlqOXpFCmJhR0lBWFo5L0JGeTgw +QTlHcVhIM1YvOC9UTnlCeVA4a3ZNcQotLS0gSHYyY1BSc0NqRExDL0FWSG84VGhT +OXRKaThvamhmNTdiUjF0QnNRTGkzWQo3Bxz+qj6gbLsTNNM/3Dp9ppYrGXHccgee +o9KJs6L9AadYB+PrcseM6DtNEhupvy8zXP6txbVbfP2Xus7j2sXmj9uM30HUn60i +4XRoL1snQIhfjP+YNp0QkvkHtZvXzraM +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2bitbucket.age b/flakes/secrets/nix2bitbucket.age new file mode 100644 index 0000000..0dd3a93 --- /dev/null +++ b/flakes/secrets/nix2bitbucket.age @@ -0,0 +1,50 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USAxNHJi +QjBYYnZsZTl1OXRwUDRXSGx4MmJOdzhHZXY2NUlaQ0hocFdlV240Ckw4U0FNSGFt +SmF1aW5mM0lseFZDUDR1ZkgyRFdkbHYrUHdITWUxanBrWHcKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIC9vS1U5ajZ1MS9sdFZZbWs0cmlvc1VQRVNLZUxiQkRrS0xtWWx3 +LzMxQm8KdmU2V0pqZnNMajc4SVk5Skhnd0VQTmViMERIMWtqMEcrUGpHTXkzMGk0 +QQotPiBzc2gtZWQyNTUxOSBTcENqQlEgS0FzbGFCY2xtQjdlQ3p4UjJjUVdNRGsv +ekwvcWhEK2o1OFkzYW1zMy94ZwpSQTlwRVlKb2x3SlR2QkEwSFlhRi81bGRObWhw +OU9pdVBJcWRyZm8xQWpnCi0+IHNzaC1lZDI1NTE5IEJZS0crdyA5ZGMrR0xRcXJz +STlKbGhEYkdOYlYzZHBmZkJHUTVYSndEZk1ab09Pb25vCmJWVDZCYmVTSW5nRTVX +YzFHTnRMeGt5WE1Ydk0vZ3l3K0NhckwzbU5kN2MKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIHlJZG02U1JaZkVxVnhSc2VVZ21sdmJlMUh6eWhhK05lSkhES2J0L3JEUUUK +K3FacHVNbEIvWk5QQTV5RHpOU0tpYitJek96YjF1a2o3dTJmTnZya3lpSQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgUmcyWU94VEI0Vm1vUnpBWW9ieTYvQjFBM0hyY0ZU +QWZoaUFmSTRlTEFIZwpINEFkeFJnVVNINWlBaS9UK0V5aExoMnY0TDVjSFdITEJi +dzFpdm9wRGJBCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSB0MVR0bE9tMEw2bzc0SHpY +N0JFWXFDbFJ3M3Rab2VtQUlLeUNUU2l1aTBNClNPTGpSTnFGeXpBcStjdnlmWllx +K20wdUVVVlZnb1FJbEdlQXVTWWpudDgKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIDF0 +ZFlkaTNOMVNsV29rREJpaUdXSnFuQTlyd3pyM2I2bUtPL0ErUm9wR3MKenNsdEhl +TDVjSmdQSXR4S1ZWR285RTF1T0hhNEg2TFZCUXAraFkzdXo3awotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgVVNrblluWm1Dck1yelpURWZoeVFjaUJFaXdkZldOcCtFVzJQ +ajZUTmVsUQoyUmI4Tmttc21HemZDTmdERFhxZXlpdG1RVStiems5cVNaQWNIM3dv +RlI0Ci0+IHNzaC1lZDI1NTE5IDVhZHFNZyAvS3AwTW1kaUtlQnpjaXByQU1uRVM5 +RDgzMVhBSFRWSVdwczhxVXdUWDBFCnBDNjEzU3BUcCtRM2tDUVRBb0Jqd1pkK0Zo +WWJEb2gzaUlPTGRsZVlzZ0EKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIHRnQndCVU9J +ZlQrdi81b2J2cmNzdXR6NHI0bW9LaHJqRlprTWZJM1RiRm8KSmpVQjF2U3BuVWVz +Y2orSlc2dUYrQWRYSHFPb0JRZloxZHo1KzduQkJycwotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgVG9LQnRwemt5T2VSVFBVK21acngxMHRDNDNxQlFxZU92NzRuK2U2aUwy +OApXamtRUENLSVBBM2ZmSVNtWkh1TW41dEQrRkNYQndBcUlOQnU2Ky9BMzA4Ci0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBveE5LTWhRZEhzeHBQVmo4amNBTzlHWlFVYURx +T3plT0lPaEpsb2F0RWhVCmh3aCtsU21zV0pYQzNmU3VqUXhhOHlYVEhsWDN1eHpD +UjRjVkEyTVhrVjAKLT4gc3NoLWVkMjU1MTkga0hrMmdBIDNMWEtrbWh1SWRwVUc0 +Vm9uYlcvK01xcEdSWkZuZzl4eng3NjlwRXNPamcKYlArYXkxYlMybTE0UnhvempS +bmlncUJtWjVZMWdHY3VvTHNvdExib2lzYwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +ZnJtVEdzL1RFK3M3TGFpVGo1Mi9aN1pLRS9TajQ1MlNqODVad1M4ZDh3cwpVSWpy +elZlT2dWTmhFaWJFUVFXWU5pT0dlam1jU0R2di9TUzVjUlY5b0RnCi0+IEJ6cnpI +NVktZ3JlYXNlID1YU3I8WkNjClRpZ2dHWkJIaVZVVkNwY1JwOFg2bTdzTnJBRjRs +SytLdFUyRldoTlpHSkRPY1ZQODRYY3RiVS9VNWtPeXBIc0MKeEdJY3UvTWdEZTVa +RXNvCi0tLSBLcUNEU1JhQnRCK0RMS1F3VEt1Ykl2MkhROG02NmY5bjVIem1JeWdQ +TXZnChn2UP3yo7fmH9JimBCsA8X6WLurks8pKMf5lb/yh92Uj+mbIz5R07Fpq0aC +nLa9VhNeQU4nYkotJUVPRGhBlh7xaVRoeaRfRy8n34TKNU+PQUFz6gv0OHkMDOKh +B3Z73OAJGaFAX1Q1SlM96ejHVMRdr8SNQao9QJvZq9EXyrejV1L8oS7cKHObfkEi +ylUPlNsH375zQ+rizYqO3jLBGNXpK3RTOX/3xadbAeccyBLrSaoE+eQi2nba2fSb +iLd6xNtltmDy4AzRwpmMPpD2EUlTV7iBCBlstK6v7k+VOAyH0PGIXTVUlHs8VORI +PHx8boVaGNn1b3XSD3CTflCRHxo7gSfXzcDEnfIbPsz97Z8GdQmV6fqIoWyWS3ZM +DFYdS7VBuKA7lUy9fu+UbP6OFjTu05rg35OcM6uzF6U4TVbKrGzaeyZzrokcXCbo +LNYJaI0FY+/bznL8/YqU/EJsAzgSZLApIzo3wLJhd6YK9Si17Lgf5N8sfUvHN8ax +naRZp7SlPmmzyhO82KwI8FXM7E+0mZ3CjfiEUmq9dz2plRGJaWCdMJ/SUv9EcTvG +Z/Uo +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2gitforgejo.age b/flakes/secrets/nix2gitforgejo.age new file mode 100644 index 0000000..9e9ac24 --- /dev/null +++ b/flakes/secrets/nix2gitforgejo.age @@ -0,0 +1,49 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBtRTlJ +RHRaRVFZZ2Y2Uzl5dEZXSnplMlpYdy9UVVdvb0dSVFNGd25rcHhNCmp3ZHFneUJU +eW1PaGlncUdmVHNWblQvbkVxUDJpQ2p2OFJFVGtNb0pZcXMKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIGdJOTRGVktSY21ob0JKam8zaDN0bkhIQjNieTVEcFl3aVBpSjhw +Nk9OSGsKVENrTkd4cmdaUnE2VWR4SU1ySWdvZGo3VnMxTFo2dklwSTFieUwycTdr +RQotPiBzc2gtZWQyNTUxOSBTcENqQlEgU0plOWVNNTNNTkxhSVN6ai92aTd6RFJ2 +WjFRMzdJUjAvbDN6MHVOMTNncwp3bVREblZMUE12WEVaOGpLVDBYZHdILzQ2UVBI +V3MwTTFwb2dwcDMxSFBnCi0+IHNzaC1lZDI1NTE5IEJZS0crdyA2L0NONmxjcGFr +T0xaRnhHQ0FFVVlseUtKcWJZbi9ISlZIclVOdTRNRDJBCitWRDBvQXdackV6QTRu +S1FPeXdLZGpvbjhBYllVY0UvZ3JEWWQvMHNOS0UKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIG9XOEhybjJFclFKWEhQeDlrY0xVRHZOcHQrK2RWa0hsZTc0eU1qRWlNMTAK +cnpLdGRDejAraERuNnVlZDBVV202TmdlSVREMVlPWFhpckdPY3Q4OTY0UQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgQWk4Q25xSFZSbHo1NDJ5VnJWcVN5L2NIQi9SQVJ2 +aWtWSHR6azk3QmhEYwpXQUtjb1JZSHNuOFZHWFZYcy9HdktJVGpvQ2xuQXU1Sndi +YlRWYWhiVmd3Ci0+IHNzaC1lZDI1NTE5IFJvWDVQUSBOZWtBQ2NDVmViYm9uZ2hu +akhMVzNlQ0hiNWEybVE0dTFwWGRpMlZGZlZJCkJncE1nTlZTaEl2dW90bERnQUhO +SWd5dzhYa2RMRVRFYS9rdkdEVTZIcVkKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHNi +OVZVblBBdVFuVE4xVGt1UzlMNDVtWGdBakVJaDVjanhmYWVPV3RXRjgKYTBOREpS +bVowSHlySFg1QWJFK0pPdnZJS0VQcjdXdERRbmdsOUFTeldMdwotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgdWY5U1BNTndYYWwveCtjeUxHOERGTEhMMXlSSEpyV0gva2pw +ZHNzSTRsMApQSm5BUmdMODZ2YmVaaFNxQVFaYk5KWFVEOVoyQjBQQzBxM2kwZEl6 +eXJjCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBVbG9ONlVPbW1QNmxENGJERGs1VEJU +Q0FhMlowVlZVVG8veG5tUWt2T0VJClJPZUY1T00vZitSRmdhWklrY202ci9yRG9M +RDRiTGpKWis5ditDVjJIRmcKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIE1SY3pidWpw +TmVNbEV0ZXQwTDkzdEtkbVIwd1BrSG10UVhBRUY5VUt2eXcKSCs2VEc1VXhXWXBY +UHdRVFVtaGJUK2tBWWYvQTk5V1dEcDVReFJ6WkNJdwotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgVE51VHdqeEF5ckRqTUVGWGw5SGtkRGJCd0xoZzdNbDRUajZPdThCQk8y +cwprTW9tU2Z5d1RVRWNkR2M0WWNCRTRwb2VWcDNQdHFCWDBHZDhINUduN0djCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBOZlB6aHRWRmthWkpuekNza2tBUzRiNGFkSTUv +WVRNRGFKZXZ1Sm0rUDJvCjV1dzlyTFZxYndvZ3BKNGU0K0hwK2VhSmNYcmFHZk41 +RTlscS9uODR0R0UKLT4gc3NoLWVkMjU1MTkga0hrMmdBIC9sLzYvYnVpenRFUlZO +cTVmVnBpLzIwNlJrU0xYOEhKWStkOGRDU0dkVFUKbjlVQTlsRnBCci9ucUNMNkJC +WWpueFlqclA4YVc3RVpXeWZDQ25mWEE5YwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +bjJNa0RIcGZWdkxCUnBsU0p4L3lwUDdia3Q4L0Y3cllYVGJuQ3pZcjV3UQo5SGxu +SlQ0cFVOM3ZRZ3l0SkdVdk5vY0NLcVUrRXJ3SU5SekxaM1NWYy9NCi0+IEdTTEFp +OSF6LWdyZWFzZSAoJmR3Vi4gU3A/ICNuLSA7Ck9ZSjhhci9nVjl1L2dIR0twUm1i +NzRSOU1DM2Rwa3RsYnp4ZQotLS0gRGVpRXZiS2Vlc25HN1M2M0kxbUo0Uyt6OHgr +Q2loS1MwVzB3Uk9mcTd3MAr1KliXDwBENE5rxqhvy1XX1d59XdiWeqCepnPm78ET +YbVM6FN9H6UBwiwClc+os59UY1lxNyjvefVOfW4V0Jpo2f2aFWdsJxoJWSdomKzG +N2wQ4Yq8ESeuz4g7pwxWB3RsTr0w6Rnzuf7D4Syg9rpX1pqVinFhLOki1aK3ZIdk +tqhjkKFgWQbBM/6540W14uw1fPTIcdX8v5KHbTc9XyNA2MHamFc1GooYduqL6Ylr +ij3hM7/z+TdXxGu3+kqs3Yh5MFd+ePB+LFgAqiW3gv9nD5RmH3s/x8Oip+RLpoTw +7fwo8wgHByoDK6gz2SAOZ2Q/Px5YBqivleT0oVdrd/quLN5lU2aQt3OANTxzF+bP +DaAWwv/7pTaLB7lyqCTSw+C+UmgVXmnOi2MO7ex3tImNzwGVQfZG9mc5k13ltwsq +uxC3T9l8+fuo4iFUwCXfXlm3ZmcIcpjYE6rOlV4Y2EdmwwvwRhMljWf2OfNHlq4e +hLtKvsHf7+pMAX0ZsZMig6KH09V/RtGUr9KBWVG8CABPnPJBIzlGZPJdmO+G5eAx +cEUUkJzlcSCF6SDo1zG7QcT7vRSX4FjvOY579w== +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2github.age b/flakes/secrets/nix2github.age new file mode 100644 index 0000000..f56d0f8 --- /dev/null +++ b/flakes/secrets/nix2github.age @@ -0,0 +1,49 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBYU2N0 +a1MzODQzb2JUbjJyQ0xTbUxlbjhJOExjNm1JOFd6bDNNZEp1TlJ3CktCUXFwWTJ0 +cUZVUldoRStJRHc2cjdwa0szQ0VPZTBsV0NiK2ZmQUQybW8KLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIEk0R0lSUitzVkRQb2hQamt3cGdQK1ptYXVkUkdXb2w2N3VsY3hY +emdNM0kKYXhod0FVMzJ4dFRCZXZBQTBJcFc0RWRsZUdqV1FkSldkVHFnbU50VlNx +TQotPiBzc2gtZWQyNTUxOSBTcENqQlEgaG5Fc0VOUHdJWlFsRGtOSEwxM2RHZHdh +anVJZWlOZ2dBRStmRkc5WU5nTQpiQzRwMnBIVHJoQldJeEdrOGVha1phbGRKZGZW +SGZiWUV3Rk5XdGxUZjFvCi0+IHNzaC1lZDI1NTE5IEJZS0crdyAzN1A4amFYM3Jt +UDNidlBaRDdpSTNLb1dmTDY5VDArc24yUWcwVGwrenpnCmoxVnlEMTFlZFhEeE92 +ZHJaeFJCY25sWTM4NWFnQlhpbCtodWZyeTVoaVkKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIENONGFuM2ViOHRGa1gzQS93a1RTaXkwVFlYd0tadG1nOFhra0VHa0Jua0EK +OElXcXgxd0FuVys4eUZwSXA2eCthRFNRTWpmSDFLU0FqSVlCUDJSNVJCOAotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgOUtUeUFubGN2RUp3eGM4d1J3ejFaSXdaeWg4MnBu +VVNmUE9VRzdUNThtYwpVazRGNS9GMytrOGdBSVJhcWJ3TDNDUWVOMHFBd216a3dB +UkJmNmpSSkZNCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBFaUVFcE1aVnNrekwrZjdN +L2ZYZ0JreGRRM3FkYnFzdlViVk0zajE3ZFVRCjA0OUlLczBmaEJMMC9EU0k1K1Vq +Wmk4eC9wbXdvWG5UTlNMYlBiSTN2RVUKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHdI +RHY3U0VuekdYOS9FUVhBQlVtUlNQTDg1dEt3TnFzVzMwOTgyQktEeWsKRC9TUnJJ +cytpaTRGMm5wcXFuSE5ReU9seGFUWlBSa2FxbHQ3eE9Idmc0YwotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgTmp6SnhHV09BbzczdmVoaCtnOFdYaHorNWpmSDQwVmtJVFFx +Z2FTTnZWVQpnK0lTem9uTE9BZ3FqdVJ5YThmZ3o5RjlZNlhTUW5Zc1NsM2FBa1gx +RGdFCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyB4ME5DK1BQUVFLcU1tYVZadG9hRVlM +WGFnd2lIVVNXSTNkZnhIaDNNSUY0CnpiUEZKeTVHTkFyYUdaeU4rWE54RmIxVjhC +NVkvQURrY1N6b0doN3MrYXcKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIFZraHhvbndT +c085d1BFeXE5bGNWcitZaTBKdVduOGtPeVFRam1aWVpyQ3MKbE92VWFqVXF4dkZo +dElDN0p5S0xXemplSzFWUlJaZ2M3Uzl4UlhmOHllUQotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgbndmTFpuR3o5QzZsZzVBMzBnUlU5UGFoNFIrc1dYUmdCdHhYa1N6d2JG +awo5amhkT0p3YytiRmFLc05GRU1hL3FMbEppd1Vpd0xCbXE2T0dLanpTQ1pnCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBUQ3c1Rm52cjl6ZzhQNTQ5R2NEWTlWUlVNWVJ3 +VndHUmg4eWIzNERGZWxRCkNRZk43YWUvc05nYWtFYVlZNjBQbnNhK3RXTjZJMkU1 +OG1hcUtoUDQyUjAKLT4gc3NoLWVkMjU1MTkga0hrMmdBIHJGTk5SYXlKZkx5cEVJ +dUJQTVNkUWVkVCthU1c0eDMvbGJWN0dKU1dSeU0KYUVQMTFSNVNnZEFxV09UVHJm +VDhMcElMZ2NRQWVKSXJITU53NlZwK2dPWQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +YVgyMDhXL0RsaEFxSUhGTVh6c1BUeFgrd0lMUDg3blk0a2pocVJMbVZnRQpBb1hJ +c3pBOFRXMG9kTEt1Q1IvZW5GR0F6UTNLU3J6QmxGWGljT1pzb0NBCi0+IHN8OGhP +LTVaLWdyZWFzZSBKcTpVVyAvQlZYawp6bHZOYWpabVJhN3BNVEpQbDRWbUh1c3BP +UXlsSzJWdUdPMHpuWmF2QjNQd0ltUQotLS0gemVvbWt5LzErUlpmZXFxQmpMZFVq +czhiSVBFQVBVVFo2Q2hiaXNWQ1Zwcwrm4hQtiHjacGXqxDf8QBf6AdsiCFad+cAu +RA/fKJMnq8zc6NUDkvEAxrWxFLpLD9amqaxgh5889mWstPGaeCQEcWfjO7jl2jsM +duZsH2rtqfsaoWI1tsUiVKGtgprkI1TBwbtFYQ/aC+1AzOP4rnmuu4T/kIDbP+rn +SlILVnc458dAsDIUO0vYzNhy7z6oG0Nf6TnPehPocIakRXoLSN0d7fYmC5GDD+8m +v0ucVjpVlyXCyOHbl6COgLmz0HglXaQba+K1ZFWJJXwB3Ej/wYaS6r5rChe9RKJJ +tlCCDfOmUC1BgNH2PbPsaDwVmPe5itsAoJrzvq2mR5ho6kTX0dAPnu6A50G2TkTq +7OtmvcjVarHKO5mRLSaGKgBnxcdI9MPvKdLKb79mBgmp7lWbKqOfQL8W+mfdxWjI +F6DEPQ478W7QF5tIWYlHsDS4R7hKr7DPBxGLZEhKUYl6UJd8BietDQ+Pti19uoiC +1qwFIGoKGteEsW5HHfvxdp1hdboVoOh/MzwpksNqMOZIhS2aAr2EKQsUBB5TLL+v +JdEKGcLiRuxqa/6mVuEw2iqUfSBK+A== +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2gitjosh.age b/flakes/secrets/nix2gitjosh.age new file mode 100644 index 0000000..3abe011 --- /dev/null +++ b/flakes/secrets/nix2gitjosh.age @@ -0,0 +1,50 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBXQXoz +bGYwc2NqNDBVYzVkeGxldnJxbjZ6elgxUmFoMFhuK0pvTTRLWkhBCmx4RUxONTYw +VXZGZUtQcnFaRXhuODNQQjhCRmFtOG1TQzQ5Qk5ua0RNQ1UKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIHgyQjZBUjVNMTV6cG9LNE5NSFBMc0xid01PQUEyeVd1ZnBEaUVM +Rjh4bncKVHpqQ09XVk5od2F1MW1namloTUVMaEpuamlZcWIxRmsyRVIzV0RYZGxL +awotPiBzc2gtZWQyNTUxOSBTcENqQlEgN2s0Zmx1YjEvMlIzdElmeTcycEpNcHNJ +UUM4RzBaZWJEYTNUK29vOEdHMApkKy9SSk5PT3ZaQXQ1UGFCUFFvVE95V0tBZk5v +UlR1M2tEYWtMK1hSU09JCi0+IHNzaC1lZDI1NTE5IEJZS0crdyA2YzQzQ1J1L1JG +MXFjbzE5eUhnZDBjNTJGOEZwOGwzSmsyRUZhQzhtakFFCjVQYzM3VlpWR1I4THd3 +Ky8xOEd0UE1hVjRRS2RiVmUxbkpmdGxLR2RLcWcKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIG5ybjFTUEZ5OFhpUkpVdnZHNnZ1eWZGYnNQeFFvaVNoQ1pVaXJ0ZkNna0UK +cUx6OWtid1FRaTRLMy9EaGk0K2NKWE00UC9Ec0FsUDJCODJzNG0yYXJPTQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgdG5DRTY0QzU4MjBXTnFWT0NiclJ5M0g3eG9HVm92 +M1RIdFdidm9hVlpsTQpFZEd6QVFjY3NLOWVXeDFTdXZPenc3L284bG12V3dIVzRB +QUZ3ZmU0VldRCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBHQm9ObTBXWUh3YkRSb2VW +ZGE0aGFYM3RkbURpYlRTL3NMek5kZEpwcXprCjFHL2JIMFRKVitiamRSM3dHNzlj +ZENNZHFIOVdLS2ZOb29RU2FKd1NCWTQKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIG1z +ZGpQQ1ZDSVdLVE1EVUFRVW9RZ0QwbVJPSUtIYTcveUdBaGIwb2oxbVUKZGRQcHNB +WmJuN3B2VGVlUEJLem9ja25wSjlreXpCOEZUUnZnY3F5YXR1VQotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgTmtoYlhWL2YxZFFheEVCbWMzOFpwendzaFZsOEIvN3VzNjlZ +cXNsUUduQQpacFI5ckx4TGZPRnp1RFM0SHJlS2hLMnU3NURJcWJKTEZscEpLVU5k +MXVNCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyA4dFFyS1h2bWJFYXZFSkpaNGVkam55 +RXMzSW94NXZTVy8rRHBWOGl4NVFrCktPVWI3VUhWZGZtYlNaVm8xTHZiTk9FbWZ6 +OE5WYUhaTjAvQWFxWDdyQmMKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIHZYT3dNK2cx +UFpSV2dabnhIcW5HMlYzK2UzNEorQ3BaRTg3NVJwYVM3MlUKeVJqaE93N1lLdkg4 +UU9VaWRpeCtWQ2V1bmkwMkJvbE56U0lXcEhMVE81WQotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgMzJUS0hEQjlNTUEveGxXdHZGVlY5ZjNrZTF1QWc4eEhiUmVsUWRBc1FV +awpkYXgwL0E2cUNvQzRCQlVHQWM0djh5RVJ0SFl2R1p5ZzlEZ2lZV2trTit3Ci0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSB5bDh3ZTBqWE5wNWdVczhsaXFJaXdEZXVBSzND +ajN3WlRVcmp4dW1FN1dzCkxMN0wzV3BIdHRqYXhmSzlLWE0veWJHVlNBOWFncFZ1 +M0x0MWY1dmM5TlUKLT4gc3NoLWVkMjU1MTkga0hrMmdBIEpINTFDeUVTbCswN3F3 +QXp4eWMzTUdPTWFGeENOWWhkTTl3WnRIdk5sRDQKWk80VFJGTW5xdkwzMDdaSGFW +ei9RTTg5SFFVRktFYUlPYjNOT1FQSklZRQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +ZVhldEpReS9jMDRzcXhrZVRhSGFCeWphQjBUU3JiUVVYZnc0d1FUNFUwYwpLenBY +YXMxREFRRjZZTHBIUUwxQVplL3J2WGszNUhXSzhZL2hDNXUvUnI0Ci0+IFUtaS1n +cmVhc2UgPnMjfCFtCjcwT2hGeVY3b0VBSTZIZkI2bEVSUzR0bzNQQUVjNkpYZTJl +a2l5b3FNbmpQQ1F3ZTNDTUE5ZmNBbmhzZE1uam8Ka3BqWEtQVEIzOUFFQlV0TUl0 +QWgzU3QwdlRTWkdUWUNRRlB1Ci0tLSBaeUtEanlxcDV5Q0Uxa25hVnFiVW9KMTlw +TElTNVdoWmxlWFNsMXFlY0VzCpnuSzzkIeZRg56GdBS2gOTaXV70O7kR/9F7deO5 +XJOWo7ES0V1Y3WqNHmCsWHiqHj/yKT3JYBPd5p8tPzW/uwO/4KKfqaG5xY3l01Uk ++zsFTkQh5xRP5vtQ5Q9ztTVV3hp4QLVsBLSwGHMiJyL2BGawLD5OsSehBQ26nU4x +gmE2ZP8WWm2dCTGJBf/JQ7rl7+G54GRK6akWRCT+ZzL9OMA5u3dgyvE3w5Q04K34 +sY8WJIDaUm/Gr6JB3gHTfHaSsqx5NE69EZ2we4qdUW/ATeIa42NLPOYvShGzJdNO +nWC1vemKsUUDR1KzfoZ6W5KM1Dl6f0IzC2e3gAztH0FtZO47is1Lx9jsbVN/FRh1 +aM2bk4LUfsH0CtVqRxEqVg1gXzB+ICe/K4xU8OB1g7uzTYS/rZc1KG2sHJ0fjXUV +m0EdIMiJi4uTltakDrVGBKiNhQAz4V6t/kKkONvFg6wFoVzgm3kOxfRcryWfF0sc +VDaa0kOnDFS/MuIsMENJ0XP5mTO/BQERY4m423nY7hH4Ud+kU9k8zQ3gdNIGwCEK +1j0P61nlu6Y4lSO6UaNgr7xl +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2gpdPocket3.age b/flakes/secrets/nix2gpdPocket3.age new file mode 100644 index 0000000..206918c --- /dev/null +++ b/flakes/secrets/nix2gpdPocket3.age @@ -0,0 +1,50 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBGdVY4 +TnVkZlJ0elRhQkRSMnlXUjNNb3BQQmVBbmhYYVpqOUx5cE81TXpvCmNYUG5rTjlo +RmpNQmFtZlBwWXY1eDVzOFh0T0F3d210QWRvOEZnN3VyK0EKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIHd4TmdIeWdiTXk4QWwvdURNQ3NtUlpNZWpnT2hubUk1RTUvMFRG +MUtEQnMKTEZBV1dPOXlQOTNSNVZVcXUweWZjc0RlQzFybE42Szl3WkJCOWszMHdN +WQotPiBzc2gtZWQyNTUxOSBTcENqQlEgU0V5bUpxNTVNQXh1UU8xYmJLWEROTkRr +UmtNOWQxbllTMW5BZzdNR1JpcwpCMExaYmpNbW5ma3N6SHBDR0lZdHljNDNlNHlM +TTJrTnpKanIvYldhcU4wCi0+IHNzaC1lZDI1NTE5IEJZS0crdyB6UHBMWXNCZ3ds +S1RQL25SdjVkRElKMjYzUXFKV3cyZFl5VlhvQ3ExeUQ0CkdGaGZrNGdZZ2ZsTUsy +amVPVjhjMEg2ZkM1NnF0cTZFNGhFSGpYQzRNRWsKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIEN2bWhSc3AyWjlXWk80NTVpbkkvTllWbnJScS9XWjQ2RUd1OTkzMHRzZ2MK +bzNETWVrVFdIQ0VvUEZSY0N4T2Nqd3c2WEZWS3JqZTAxaTZBaTlmOHpZQQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgQUsycFZocFZPdUxQM3MrU0o1OGE3Rjh3SFlNcXdo +MExnb2hBbHdoTk13QQppenB5THpDV3VXRHdZYjJJc3dPUW9qcFBydUs4ZXA3Z1JO +ckl1ZVJjNzdNCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSB1MzRNMUwxb1ZESWJrMVdv +RkMzOGJHYnhnOFdHQ2Y3cjAyemI2bDJoRUIwClpnTys1eEFlNkZ3cStndjFyVFZF +eExaQ0JDRlhGWDVyRFNPR3lBRUdITkUKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIEJB +RkJ2QVZsWjdqQW1TeVpCS0tpSTFiZDVYOG5ybG5rMjg0SWVTRnlwd28KZnJMVE5C +M1hkRHc2K3RCZFRjU1ZyeVR2YXhWT3ExNGVRNGRMU1NrYk50QQotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgYmIwbXd5aXlFUUhJd1VORmxjb0hQWmRZb2lMZ2xBdXJaTmx5 +TEU2Y2wwbwpOZzNJQ2kwVUxBRVcrYjBOMWx2V0F0dWJCdnB3cXU5S2tnZmpQc25P +NnZBCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBCU3QwNjdGYXE2RHZtNGtHTVdRbmsr +QzgweFB6V0xyV0c1NldBeGR1UEVjCjBKN2pJT2FJeFZUNDFKRnJMOFBWRGRDa1JK +UExOZkhwcW9WZWxqSGVwbkkKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIEE5TFYrV0wv +MzlicXhsUHNoblUxa1FlSFlmMUhnYy90OXROUkIycWFFRTgKclNPSFdtVzF6Mml2 +KzJhK0hmWDIvUmFlSGVLQ3l5bElLY2N4aWxkNFU1MAotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgOVkvd3dmV0hhUmwzQlFBOEs5a1hGUmMxRU5heFNaZWhGcDRYdTd4ZktW +NAo1dGsyMUFlV29hOEt4R1l3S3Y4NndrbHVUR29sSkMvZ0R2SXM3TG9MQXI0Ci0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBTclIxdXQycVZlckR6aTZvSzJxY1ZmSVJWNk9j +MWJBYkp0ZUtvNHR5Tnc0CitlQzZDUWw4M3JNSHVkQ2U3MTdtTFBGTmpLenR3SmRw +NWFaNzFJSHZhYzAKLT4gc3NoLWVkMjU1MTkga0hrMmdBIDcyU0ZjeWREdFJrTEdk +c2RGY3Q3cE0wdDh4SGRJUVAvSzR5WmFENWQvQzAKVTZraTduUVg2RHlEME9CcnVq +MFpCbHBKVFNTOG1aUnNIWWJHUXg5T0k0UQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +YSsrbmdVOHplU29GTzNMNVh2aE5OaENXWHE3SlIxa1NuVHI0WEV1SG5sQQpuQWJP +MnllQkFSMDd3S09DNXhxU0pEcEFGRzZabGkzTlM4ZXBNWlRkMU4wCi0+ICEtZ3Jl +YXNlIHlEWmUtSzZeCm56bkR2UUV0OVJGNENzRWt0M0NQSG5acHdQazJFb1JFdGdq +aG5Lb3BtTUF5QmtKaXV3YVJOTWpMdnRodUx3NkoKNmpkeGw1dlB1NmFpUk1RbFEw +dwotLS0gc3lycXhWZXBmd0srSjhPTW1vMmN2REs4TWI0VUhiaEt6ays0akJQSkhs +UQoyTVD7Gbo16BII9fA/kbWQA9cLwAIJC2eJldhHa1Z+/nCLTYoolHFvhDF1kNNU +Q1VUi7Hwh3WfIZ5U9S8Bb1gtesAXrjAVoa07IuuELmY8P1aVnhO1Dh1E9bXhvjs7 +T9Qz5iA0R/IcMGzP1khAwda9urAqjtqjgNJOO9tOnKGOfCuUDhsPVqCZAfag4MeB +A/UbjmKvQuoMLnx4r8AdZB6hEC6OvT0d26e1EzT7o4C4nXYk4+ocvNY2kp+9N8d6 +C5qxI5juVeZenESlAxQKqaih6wUI5Hb7vlbMM3LvQqmSdwspOCYvji34LTzE2Vl7 +fTb9us7PpueVWLfzF2ea19B2CNZR6VWJ8d2WNDSGhoq80H5k9fawhq/PzgB/CLzB +dArCKrT7pL/L4oQVXuRC+2dKSmOm+hlrWHS1rwWEbgA7iQV8MR7eaHjUKEpRYC/W +0oSyCsBNRTJrTQEZfknGgIK9dAKM2Mx1rw/1AbPrtcJe7aHI0R1wK+bSgXOrYgWX +78V0+RseYYzyPgb6LUwkrA1MAsMp3NqQFts50DZ/x5ZBrKGWyEWO96Sg6oMCz+Gh +2S5P02QBaoTSyuhHpg== +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2h001.age b/flakes/secrets/nix2h001.age new file mode 100644 index 0000000..07148ef --- /dev/null +++ b/flakes/secrets/nix2h001.age @@ -0,0 +1,48 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBqZkZV +ZFlDOTkvSkM0NmFlOHlIak5KUkdEZnZJRnJOQ1hLc2pkc1pGODFvCm91Ulc3aEkv +NTUzblR2ejRzM0I4TnoyYVlkQTk4d2RNSTRUVDJ5bzQwVnMKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIDlwQlRHSS9Nd1VZV1BRRUVRRTdjWGdKQ1hiRitPMi9KcW1JMEts +eWpnVFEKZ0thUVhWbDZxSHY1eFQ3OHl1R2JzRDFRbkpnMkVQRGhUYi9oa2luaEtx +MAotPiBzc2gtZWQyNTUxOSBTcENqQlEgWTA4bTNxL3E2Q0h5MWhnN0x1a1N2NWRI +K0JteUdIVTY4dlhtc1JYQ0pFTQp1Y05ob2hRcVNhbzJpSE5ReE1hN3BlTEsvdUtJ +STVRdlZCWW8vQWhOblhjCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBRYk42V20xZS84 +WGd5NWs0d3ZmcVdKNWU2NlBrVjM0OEdXRHlVaWRORlRzCjBZQ3JaOVFYazVDeHBa +RVhieEZJRkY2KzRSZy9LOU50VGFiRWtsV1FyUUEKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIE5JNWQ3SHkzcXpGZEZVRVRZZC9GRVRvWDVvNHZkbGpEMTIzUjdNME9YMEEK +UytTTVlUUUhjaGpVZ1lYV0ZETk04elYwZ1FUdGVlMURGV3JwM01qK1M2bwotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgRkNvUjEzdVRvbUxyMGQvQXlTU1NTM1NWd2tMdW01 +RE1zd1ppRGt6QndoTQpJckl2VitBR2poRHhmV3RWSXN6amg2aFkvcTd3aTRIRkxU +SFBMSkVERG9JCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBFcStmN29VTG1jTEtiMTho +V0hJUWFxemRrNnJxL0I0T296bmlvQmt4eEdvCkR0MFFORzExZlhDVXpYT0VlQ2xY +SklsRkFMVDJzQkpPemQwa3NOYUg3VVEKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIDdF +YXNFY1F5MElweVhtQjdkQTAxYWo5Zkp5R1VoQ2s4dkhnUmRwV3R3eVkKQlZ4dTNS +QVlkR2FnR0pyQTlhSWRQNWtnT0dCbTE2YThiZWV5UGdUNFc0MAotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgT3luM1VmQm9tSG5majdWeEh6ODBLSm56ZFpSTUVmYzY4K1M3 +RSt3cGMwcwpLUWpGREU3dFc2NFFtNVZGSDIzem0xZGF0aXVhUHFhUEIzWGMzUDFT +L3I0Ci0+IHNzaC1lZDI1NTE5IDVhZHFNZyBwUml2WFlKSFdnWWw0YXczS3hvZ1dH +d1BLYWNpL1plYXhldDg4d1BHYjJRClZzNkx4S0ZYY1MzeU1aU3d0TlBhcHVvNlJn +NDN0Q0wvTCs5eS8zTnFaK0kKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIDAzRk83R0Zw +ckFzZjNuSHRpQjA2cEsvTnRKdDBRT3hTK1krWTA1Ykh0WDgKWjlEN0NlYjYwb2NH +RzU2N1lzWjI3eTlCSXgyZUIrY2UxUzdwRVY1a3FVOAotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgYmNEaW9ESGVaS21NQWlITmMrbWQrekxQZXI5SExYbE94ZFhNcWtxSzd4 +OApkMzVTSHBSR1BLS25vaFUyaXZQZHE1cDhrTmZENGZNTElINUxwUzNONzdnCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBqRXVCUEdEY21xblVXV25sTW5FTkxMTTJPL2pt +U0VDV3hZRC83TVVnelRNCmZXRnYzS2NqcDNIV1k1WHFOVy92aURVVStDQU50VmZl +T3lSZTNveWpNVEkKLT4gc3NoLWVkMjU1MTkga0hrMmdBIFc2c2lrVWZpbCtXS1Jr +TFI2RFRYM1BNWEJjeFUzclpXTUF2OGE3MmFNSHcKV0dHQngwRE14VlZRdDJqTHhQ +dTMyL0JMN3VRWlNRTVZka3VuelF3QW92cwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +d3JwUyszcTl6TU1XVHA0d2RNb3VPa2I1ZzFqdzJyR0ZTTTIzNi9VcnJqQQp5VHVh +TTBjWXgvb0daeWN0Ty9DTytRMkVES1hBR3M5YWdEanlYdDJSdU8wCi0+IF99LWdy +ZWFzZQpnZHBVTGZvYm1sWk85SzVOV3FOZkZtM3NKNlFLdUxDRkxBTQotLS0ga2JS +NGc3N3o1YjBOeEl0L3NVZVprNDA3VFpJdmt4eW0yYnJ4VWdkdXBoRQqosYCeWC24 +SETTy8dVYTN0kWZBhYxUQDb6mhHPZrLOmlNyDeambLNwpoGHGpxUy1vrYL5cOmBA +pZ4lLKvAvm+lj7FCqX7+uhQi5FohVTm9bz1IsJcId82yf6lLjc4p7M+ww6icM0vH +DHHsZ2ecQiJKOvf8BUGgAxBkkdy0MWVRAAtOAqadBRtaGB5902FOI0gWLyAyFqlk ++P/pHRfob8PlnWb7MTYsUVgIBtbV/hIcpSx7BIsPTsdr7yFirhfoC4giBMT//2Mz +e7NGN2bX93pAUPWK2P/k3geArT1zJoFeyOpkyIhnfeXaA8WKb5juA/Rly4aGUJO0 +oQKJkNGg3DPQMAEwwaijjuz19wd3o46o5la+2L/Yx2fCPDcwOyYzh8wVdc2eq6Ab +y3y1wlFfMLpsuBSENnCQTPCWimTOk2lPUKEjDtLXCtucwyd/fzjHCjF1iR5twVrw +id5+60bFV73v2QsQ6+qnNRj2Ea+LRHA48NtQH4Nedv8xlhgqkR0tD8mZc6Xo65MT +1Lj9suIPCf5L/j7GiX4MPDt/uptHJEckGMEo0rrwINBps7K7XrQLfw== +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2h002.age b/flakes/secrets/nix2h002.age new file mode 100644 index 0000000..c69d953 --- /dev/null +++ b/flakes/secrets/nix2h002.age @@ -0,0 +1,48 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBLNmRV +NlNNT0Y0cTZVY083b2U3K0tORkdxR0IxNExrL2EzWmM4a2hoUkF3CmlDWmVaY2tV +OVVrYTBXeHpIM1lkOVBPeG9qOW0vL0hmSlM5OTVjcFVNUEkKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIEJJcGRpcnlSRGFtNzFlUWt2OGpxTUI1WG9zdzRZakpwUjkybW1J +MkdhaDQKNEMrT0VVSnZKYzZscWNBdkQzbXBsc0liYzI5bVBkZC84NnZKYzBtVEZ1 +TQotPiBzc2gtZWQyNTUxOSBTcENqQlEgR0tSZVk3M0hBd3djZklhVmdOQk5lcXpm +d2NoL2RrVk0xLzNxRWVIWU9YdwpXQk0yQStOY1JFNjF0ZWhkS1gyWGRhTXpkUGdI +RGlOZlBLMnFaMGVVSjMwCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBBZDluVnlKQ2FV +NFBpZDZJQmorYXVsV2lHMTdLRkVjSjZPNHhCUk5iSVV3CjdIU1RaaEpocDF5MHNj +blFVdGJjR2hwczNOZmpZdElXSURLd3hpQ0xvQncKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRICtWcXVMLzdGOE5xajlBaWdoMk5lL1J0U3JCL1dZQmxnOFpsK0Z2ZzFvbjQK +ekFWSVgxdjZjQlkxMTlCYnNPMWN4MW1YY0xSZFltSk83RXkyUmZBakZjNAotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgZDByMm1IanR4ZE5EUExyTnNNVVN1RTdTV1BJak9E +TmZYbEZOSHNZbFBDRQo5YTZjcVBrbTExazV1a3ppQ1Y1NUZhUUNqWWhLaTR3NkVx +YlpzR2xNVWQ0Ci0+IHNzaC1lZDI1NTE5IFJvWDVQUSBNMEt4UFIwb21GOHk2c25j +a0hpMkRQVGhCM2NFWmNlWXA4SElZUlQ1TlY0Cm9CVVBDQ21PbU1Fd2ZCclduMjdq +aXNuZS9lN0dicElXckxhZmxpRjJDL3cKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHA3 +aTJ5VUJROE1PZXlGZjF6R2J1OVBDUWF0N09TNmRkZ0x0YStxK2ZTU1EKWDBkK3FF +c1FCSHZvZW5YMHBVSis5N1pRTW83bnpQZGY3dTlOOGNJT011ZwotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgNFhxRTdZNm9OUm1zOGpadi9jckxOMnRhbzUwL09SLy9JRncy +TTlzWUVuTQpVdUFtWTZhRStkN1F0cEh5bU84YW45YmxtYzlXR2NOdTY4bHRZZWs0 +RjlJCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBXdWo2c3pPY3hmRmp5Z1FFdERUUzcz +MXRRNjI0ZVlLUzArRFhodS9FNDFNClZyREpwb1IxdG14TFFSVHlkTFNVOVlzS3kx +M2FpSkhReXljSytVczR5MHcKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIGdIeFpXODY1 +QkM3QkNkMllnWXFyTlBpYjd2SkI5TlNoT1ZxSldCN2xGeUEKaU9XSkQ4Tm56Tk9B +Y1l3OGozSVk4M2ZFejdwR29Sb0NsQ0xrMmZzai9DawotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgUXVkZUJhbEJ1ZnFKSWRaVUIyK2JCcC9PbDZjQ2VlTURWMzBOM1loV2hV +dwo3OFVtR1JldEwwSjE5NGJKUEVyYlBzTmJIYzBYSCsyWWU2TnRwaEZLeWM0Ci0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSAwTkpuekFzUHZmWFdRSjRnY3YweTlWYlRjOW1U +a1hXRXFPakRNUzdxVWxJCnhIYU8rUGh4dy9HMGUrVi9aaU5uL3djU2JrYktaaTZI +QVlMc1VyaTUxTjQKLT4gc3NoLWVkMjU1MTkga0hrMmdBIERkVmp6eDBvZ2dXdURq +WlNwZjJMN3FLVXJEa2taYWJjbVlLVXBsbkl1MjgKdUhtQ1RFS2Z6U2t1M1MraWo3 +VWFCZERRZXJPTjBNS1FkdFZtdnQ5T0pBUQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +TUpKaThiUVJWUEF4aHZQMXpkdER3TzY3cWxWV1BEbEd2TVRkT2Y2MitqYwpsbDU4 +U05mN0xmY3pkNWtiRTBPSVgyUUhBTTA5cDc1aFJEUDBjU2owd0VvCi0+IHAtZ3Jl +YXNlIGxgcisvJiUgXWVsIHZrIE4KCi0tLSAvREZvRE9zUlRIOHZpYUVWZ0pyQmlh +K2ZubG02bjRjdmxBcVdLVENIejlVCtydnNICLzNyabsA6H8fhwkySlITewQ0vFBQ +GvfvDobgKzac8kmjDDwiIBwRI+EgVznSecv+Oqi2sJaodIxGaYgvEh+FURMfYOPX +K95ykf+R4bAowyG66i+mg9vthJU2O4v43R4qN4+0CVrArqhQp+ywNERsTV/2pU3f +bTFAYaLaLihEFDjCy9+p/D5l33Ns54FYAtBtQ/Ut4VY43i9inE/qohM6vy1W1SgY +THW3pLHvB6WlZvv4uD+IXK7GJXkedKxIuH0pGWLTF28aIlWTV8QYlCYpqpqaYs4X +87oze8zgPCNa2xODkQnYUI0GX4Fg3vP1K6R4G4DtCOytZdDYXncEIC4+opOoNmfg +xuhjELH+eZLXXRRd8PPrPTWXQ9CjPOK20vwc2To3Oljt940di6+886j2vFEBd44v +A1cjFG+K4mQ9GvdAk98EgRVXasmXyKnRdc7kFym9EY7guZtoA0Bav7YCn2vMwF7G +yLmxss4Wa7UA9v3GF270M/fb6D5u9qcDG7v41wYSldfaqSDs0Vw1ZfaGBYAXF5v7 +GgU0MSWaFyHej5xq5UVTlMtWh2YR +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2h003.age b/flakes/secrets/nix2h003.age new file mode 100644 index 0000000..01a858b --- /dev/null +++ b/flakes/secrets/nix2h003.age @@ -0,0 +1,50 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USA0dTdj +TDY2STIxTm8rbnNWS2J2VlZxcVRFYzdBRElDT2RUR1pRd2piaDFZCnl2d0xoUmg3 +OEs2bXNUY29RQWJ2WG9GMXIzZCsvcHRRUDFvRFl2elR0a28KLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIFJsbjBZbFhEanBaSW1BOXBwbVQ5eUtHSDRQRzJleTBGc3BlY0dv +VzljVk0KZEg2M09TNVlvYXAxaEFaUlpkLzljZXVQUE53aEVLQlZXbVBpdEM2b1Za +VQotPiBzc2gtZWQyNTUxOSBTcENqQlEgLzQ0MVpLWXMvSXkwTnk2VWFrQWNtdVJj +bURKUzMrMmRqeW9TcTF4V3FtdwpVQmducWt2dkVPQklma3h0QVkwZk11cW9SMkxa +Ykp6amg4RWUrZEpFb3NBCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBDNjhjTlovT1J2 +QXFPOVZrQ1ZFWUV2cnF0eFdTR3g0M3VFd0dvU2hVNEFRCjdzR2hZR1pKUkpJL3Uv +VEdPNzE4TGtWRVpZeEROZGFNMXRtc2pFYTJoMEEKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIGlhUGZSUVhtSDBuaTF4a2pCbFNqUk8wN1NGT1cvbkVqUmk0cEVCTkhoa2MK +OGZGdlZBLzJCOG0rN09BQlFlTm41NVh1VEdZWFRjVTVMeFBRMXB5dktUZwotPiBz +c2gtZWQyNTUxOSBSNSt4Zncgc3EwWEY0dmZPT2ZnUlN4Sk83WkE1c0FldGhYclFK +T092dm9rQjY3TEh6UQpFQlFTdXBJWVY3aUx6Y3lKVDBGQ3ZHbVJqMm16R243Z3VU +T2lHWVdNMTk0Ci0+IHNzaC1lZDI1NTE5IFJvWDVQUSBuUTNLUGIwMzhKcVVyeUNG +NmJ1WkRtdS9FWHQvTGROL2ZiUmxmVlBIQWtZCjZJMUduWVNQMXVZRk1CbjhCTnFX +RkxoaTJuelV2bW01T0hiTHgvNTVZc0EKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIEl1 +SnJKZ1Bwb0lsN1dTZ1I4YVN0c0NaUDVEd2c4SjNTRkw1d0ZpaTF0RHcKTzBabFNx +d0ZjTjNoemY1UzVBemd6QzNIQTl3b0N2WVdWUE9CV1VzcVVtcwotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgbGI0MjhMbDFZblFud0U0Qi9ibHhSMlJTa0cyRHFJNW1tcnZQ +ZUNma0VoTQpuNG5ra2hwRlpneWxkTEgzQWlhMkRJVUMxR1RVZWZXWGloUEtkcWdI +RlFFCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyAwNHF6Zmt5YXViL3o2aVVKVTNSakVX +eFpuSHN5Ty90bGI5K0l5VFVtL1NvClBsa2tRMm1QSVlBNmJ6T2JlT0V5cFNmV1c4 +Tm5nL1NiOWtGWm95VE1Ya0UKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIGFwdWhWNnBQ +N1lYeC82NzNHZ2d3TzBzUTcrcm0wWGNPdEc1cUtndTZRM1EKTmxadlp6WC9BQzhJ +S2NIbjM4OHNpUGJiZkhOSXJDSitiNndOYm5VWDlCcwotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgUTFOZUtZSFJRUkw0eE9wd1ZCcXd6Z2RvUFVsUnZBcWlSRXlHU0lWcVpH +TQo0ZUszNFF0NUdib1BpZ1FnM0hBUjFsMHdSTE1ma01OUHRIWXFUMmJRbWRRCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBocFJ1aGpicCtUTjR5dEw3RTNya1dINTN1emZl +OVF4Ykd2SmMyNUNqUlJNCkV2ekVCNk1uNEZiTlJYVDVsREQ2cCtRR3pVRVZZek12 +aTlLelNZOVVXZG8KLT4gc3NoLWVkMjU1MTkga0hrMmdBIC9aT0pJSEZiMTA4c0Vi +dExPN0ZtT1BOY2ltNk95TzB2K0J6WEJaTUJ6bG8KdWo1OFpTWm1JWkRrWmhYUzRl +TUFJTHp5Mk9hVXZSNXFHM09IZHZOblpqQQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +ZUpiN0RMRUhKM1ZvRWJQYVNCVzROckZ4SDY3NU4xb1djcUgyQW9xRnkzbwpOZ2Fu +dXNnTERuOHFoVVZGMUhpb2N3MDhRK29NVjhuRFhyZTdjL0orQXZvCi0+IDtXeHd7 +YFBpLWdyZWFzZSB7PCBcfkRZey4gI1d4Tn4gXwpIVDhGeFk2K3dOUkhBWkU3SnRP +THVSUXBWTVJBSlZVWERqL1F6NjFYQUJHZitiWXJhYjFHS3lmd1dDVW4rWDZRCmxC +bmt3NTUvZ0dScGFUaFJ0dwotLS0gTTRUejRxU2ZKZVN4MXkrSG52dHJzamxpdjBC +aWo0a0lmS0xWeStFN1UzTQrI0E7L65ZYdi9LJwZ3nSgT7WwwQJovYBqw7YO8jE+n +1iAUsxo+nj7V7ub7D6IxBaXupMwqqEGX/fUgLyHrckL8V6RmVfvoJROp1Vm7HncW +xqoFr1cj3n6p+O+xQPFy+1uVSktCTvLgHDNHavRPaoT6vP2FcvQkI7jczbGJel55 +YBA6bLrMLsn1+MmY5oT61huymRbKFyt3c7+u/vqYwD9/J4/KPW7nO0hCQ8LBJEm4 +KFwj/6d8zyLFGRB+wwH3pEPFWZ17/7tK4xRR3jUw3ertMKnLtpYpI7sCOhCStH5G +6CTMGgmWOyPmccVfWF3RSnuj5I53nnkYktWcc3o+ak8GCw8PBJvAfkAJyNjrSo6V +QTMX9qsrL8SydAXXFk2lNcv3maH6RgRB9ycPGak/ZsrFP0VkMFpOLIfqjJMnfChY +CUi2b1iTMlmw9VITSfgh82mue+bcevSaP6KboeksBq2ah8hSN80WPtb7VQNUNl/u +cQT5DoyvaIxOstiVpBy7DY4pvb6c5iWkUuuDiHrn0AA4XB2skTNhGU1oty0YrDFB +tnRtsOYgu5d/53Fcd8aUNg== +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2joe.age b/flakes/secrets/nix2joe.age new file mode 100644 index 0000000..befdff7 --- /dev/null +++ b/flakes/secrets/nix2joe.age @@ -0,0 +1,49 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBrRFlo +VzhEcDJmTStuQUxxcms4am9idGpZYm5HVndISDlDMzVVVGl1ejJBCldYZllDcGEx +QVl6NU1vVjBPQXpLTndDdUZIRWJmMC8vRWhjOTRDUm5yTUUKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIHl3SGo5eEdyRWlYSmVZaWhJNEt0VWRiY29IN3AyeGdYQWtuKzRL +NzJrVUEKaGdSelBON1JrbUZGVnJUL2RwZzZVWWJxVUkxUmVrVHdTcno1aWYvbGwv +cwotPiBzc2gtZWQyNTUxOSBTcENqQlEgQU5Ia294NGsweUI2NUs1S3VZaVVEWUtZ +d1l6WGdPcnBmck81UGQ1Kyt4QQpwUG5iaFVUNG43a3A3M1FvUjZGd3ZtZzMrTUFm +amUzcHI4Smp0OXdpdWJVCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBFRkd4U2hvcGRk +ZjhleWdheUtqVjBRMXdwZ01KY3cyck5tOCtBaXlBc1ZBCjNvUURFdEFpZ0VteCti +Z2t3SlhRbWMxakRHbFlPMU5HZDlOV2R5d3pWdHMKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIFVZRlYzSU9FZUpoMnp6dVJPR21Zam96R1NQOXJQSldXOHNGYkZnR3ZxaGMK +eEJvbzFKY1R3WTJVaTN1c1hnTWJ3ZU5OZjlZR1kxMXd5bmJYNDRBSWNqVQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgUHBaY3ZaVjcvZXMxLzRiUisxMnNwV2hlM3NxR05Q +aE4rQjJ5ZDl2eDcwVQpUM1NKNHg2UmtPeFhGbkxTUlFtTFJ5bjNSZVNEWmVKaHg0 +cWpmT1VZZFZnCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBKZnF6enhLS3BzUis2azFK +VlFDVTZTRTQ0czdNclBGYzROUEJHYlpod1gwCkpMb2hSRHVFTzVTZ1dmM1Fid2tl +bkhrK1dMdmxZSWxhMFBFM0wvZ2tuTW8KLT4gc3NoLWVkMjU1MTkgRjRiYjhnIEov +MGpzVlFwSi9RUDlQSmNCRXRqaGNpSHFwa1o5emdOcmY5UFREejdtencKVHE3OGlT +NnQxL0xJdTdYTnJQRTl1bjJNZDJ2MVdnWHlzb0pZS3JvYW1GbwotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgVVVrQ2ZJdnY0WHRrdFBidDh6ZGxCQThjMk1DcG1UZ1hhMiti +WENKclB6dwpCZHRhU2NWZTFQYUFWYUxCUlBUenZPVDdQa3pXaVE3ZUdSNm91MWxB +SGZFCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyB3QnVtWjlsOHJvVmltSkdVY0wwcmhk +S2prNGg5UE0ydWdSck4vMFY2cFdzCnAvOUR6VWtEOXd3OE16ZVROMEJraXVTZHV4 +OFdmQlRXcStLa1l1eE5yR1UKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIE9NbklVa3V4 +aU5ubnk4WUJyRTdXRmIxT2YwODJQOWZ2eFdYUHphSGlwWFkKT2ZWWWF6eGc5YXJy +NWNqNE4yVXc3MFA3eVJQbDd2Zm1FUkF3M25LT0FGRQotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgNEZaNzVhZlVrS2FXTlRXZUZMcWhwNnVORGJKYmErQ2FIRDl2b2wvNDB4 +OAp3NWdNcjVXb2RLczJGdGpyaFo4bTVLMGk5QWNQbkJpMjh5U09kbENVS05VCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSAwbXFvZWVaTEp4eUkxVGkvcWpZbmRnWGdjeXdW +QzgvbzBnbU5KWE5Ba1cwCkxUNnkwTkFFdHpuRlovWjh0RVE3U3pIc0tVcXY3RTc0 +NjRaRnE0YXp4NDgKLT4gc3NoLWVkMjU1MTkga0hrMmdBIGtraTV0YWxFVDVkb1pE +NHpVQ2h6VGh3LzVRTG02cVdGRHpmak4rT2h6QWMKS0N0SFpyY3lhYlZxc1NQbkZW +VkVvQlAwejF4aUpnZmY2RnlHNDhQVHhXcwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +dytPUnI3MW1TckplUDZWRUZrUVN0aXhtSG1OeWkrcEIvVitxOGR1UHdFNApxaVFP +cVNrV2YxNGZQalZ1aTZLbjFYM1hWRkpFM2xhRlZTN3VNNFlaR09JCi0+IFEtZ3Jl +YXNlIEVPUgo1b3AzSWtZdkdwWEM0bVM2cU8rdTkxMFpTV3BZUGgzQ1NwWlJ1UXMr +dVIyMktqZjBRSzlrQkh2V1dGM3NoUQotLS0gSW9aS2RLNzZMQXlVakF1WDNzNWl3 +VEpQSVVWVVZkQU1FZjBaNHFxdmFzSQoHZa1y31EyfxcF5zL9Tp0efLfm1Ak/v9N3 +IqCds1BYhPDeCECA1zHdGZojhrxFuOyr1H/uSKuksPktfi0K7F73NsQ8Prf3hiVg +C5Ckh540/7lv8Y+f6eOSlbUUHkO/UftqyPqPwl+L3cHApoSN5OZJz+nVgJROQMBY +63lxHjw170/E1BNsf2jqdHHJUwyFd7hia212PqCQOyh0wbc+6E0t/9gDQXphBxC2 +/EpwLgBf0b8+nzGVZ0RP3wkegZyl2LYwkh+PLhRTTJOulE664eaJBFRpW/wfw1el +QaoEHw52O92IE6KbM7lQ2ujmHYG2aKBf/u16DfkDBrHSplz9bolcueppa7ubLgfU +mEacucUtRN2k+kA8S0UVZDsbo2oQfQL+fgq6Hcx1shpIFpugyhDMMHDD90cvAs8w +Keg8jHbTEtVJAtBmLYraeyGXsla1vPCcoXfHr49ej3Q4B7pMmReMtMEP/BDKy6pK +csPW/lebooacQpu1fjVyYyW/AgJHa0U6oZTr5i65FNYd0nQa07D3bYO3o7JUFZoB +Ah7b2Pj3Wv5Uzxka0R13xtr0Ud7jqw== +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2l002.age b/flakes/secrets/nix2l002.age new file mode 100644 index 0000000..0866e44 --- /dev/null +++ b/flakes/secrets/nix2l002.age @@ -0,0 +1,49 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBPODJ1 +Q2VxRFlMeUcrS0V0ZEhGdlRnRE92TDA4aXUwdDVKYUhBaG11R1NVClRUNnlJd1ow +MkliL08zZE12bHRyaFZuQkszMU1nL2pxT3hIWWlObW5IUE0KLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIDUzVXpLblJLZmY2UHJnQ1FIV25WRjJEWEYva2RjRUFNbkU2TkIw +Mk9hUTQKK2pMSytja2ppbE1Vb3hYVWhNMG1wUW1lNjRGMGpseVVpeUV4dkY1eTA4 +NAotPiBzc2gtZWQyNTUxOSBTcENqQlEgWmV5NW1rVGk0Y0VBTFJ1bEpGbVFqdEp3 +ZVhyWkpaWm1uUHl0L2N4WStRYwo5WE5LYnUrTldDMGQrbDhtTEl3cmZGT21FNkZt +NmJ6eVBGeG5ZUjhCZE5BCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBVcWZqVVl5VDBP +azJjL0p4VEJnTzJrdkRZdXNSRGpIdXM3ZWttWkluMlc4ClJOV0xTOU9PeHhMeWpD +a0twcCtxYklUSjF1R2NseFF3NDk5eFI1Z2Z3Y1UKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIGhONk1uMk5xRVdFUGZhNkpHUWhMUTN5bkkxdzNTRExqOGlGZzdOZzk5U3cK +NzJVSFppeGpGSWdob3ArTDhpcEhNSmVNMm8xcXRUS1crN0FubTR0T1BnTQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgcmZ4MzRQQW03MWpwK2EzYUtaL3pPQmhhVzVBK1U4 +K3lOSDhNSzJreUwzWQpKN3BYSUg1ZmZQMEFyMUJRUU53bDJGZ0ovd0hoRWFOdEpK +WVJUOGErZkFzCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBSblVTemNRb3M1T25yYlhS +M3dLQ0oxZmhLQ1Nldkc5NVY4bDVMcWpPaEc0ClFDalVaZzMzUGxNN0x1eEJRUklQ +aWwybzJhNmJNNkJBSkp0WVd4WGxEZEUKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHUv +ZWdmZ1RUZWZIckkzVENjblk4a0lVbVRzL3lDOFZhQk15SnU3REJwaDQKQVNncVdL +R01RM2FQekJXcHdYb084SzRRVGcrcVdMMmIrWXozM1BXcFdJRQotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgeGhtdkMyTUQza2t2Y2ZGbmRNbXhFSmt6MGNNTWVGV2xGKzhN +bzB6REhrWQpIUTNPanVNZXQzMHlWQUduZUMzdk51bnNqM3Raem9pRG9iR1FRRzBm +aTIwCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBJaUM0QkV3M2R1czdwYy94VWlyb1Jr +eUUxRU5zWU9tUGN5R2lMdk4rUFMwCk1ZMkJ1NW1abXRicjRkcE9CUmRqVFRjRlFv +d2hHYmVKNTVYc090ditMYTAKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIEpFYTNQSDk5 +Y2JXL29YaTExc1ZiWkFKZUdFcDBjd1p0NWh0bkVXSk41aTgKRmZuWHRuNnpqUFNp +OFVZeVhDeXJMbUxuWnBvQVE2R2NwOXFQYXNnOUFsSQotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgNmlsV251TVpneWttdGVKVldSbzg3RE9ablQ3ZDhSZE9Sc3Q0VDRUc0Vp +VQpXZ282cnFmczRvb1Q5cWtrd2NsdXBlejFMSUJwK2Z3Zmd6NEpNNUxJMDBJCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBLOTNlbFFPdVBMbElNcUtaVGVtVHFjTGJHQlFz +NUdDYnRsbGJEbWVsdURRClVnWnpuT2dhUDV6dVp0d0FoT0gxcXR3cVJDL2d3Mm5G +dzArWjhsczd2QVUKLT4gc3NoLWVkMjU1MTkga0hrMmdBIFIvZGVGTmJ2TmJxR2Vm +b05RMy8za0liMGRLQU5XR25DNmladkgwd091Z00KTElBRTF4N29pbHVHYzAydVgv +TU5BRlVJeW93NVFtZEkyK1puUnBEVUJhVQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +ZU5EY2kyZWVVWDdEZDdZSUIxQ2lneWJrL1g4Ry9NcWwzOXo2ck9nam1WYwpRWlMw +SEhMR2VHMWNyS01TV0RQSGJiZzNjWXRRYTc2U2w0QnhpbFZzS0pFCi0+IFBBQC1n +cmVhc2UgXU0neTEgXkd1TDhHLHwgWEc+ICExVwpSanE3MWgrYWtEQ3JYbm9POE92 +cVVLK1pBaEdGTnVBMQotLS0gQk5Ud2dJZHRzN0RZTTlZLzdvTVp6c0pEejFBZU9l +bnA2Q3hGcmVOT3NnZwopOnc+QlhQ9rs4u1VZzBGuVT1C/M1+of1PrkVrG9FspsTv +k9M3NSrz1aCMHSgX+YdH59xr56PqsRjP6nok8+2XMMs04g/sfbQsBG6GIy0l2ke9 ++RgoIQ/7yBY6HhcSfBK8OGHsBTypj2iWsXmHji+JJHgXelLBQxPhiPh721Y+aR/g +6dhgaSkeiztKbzuXX8Y4idAx22vln+a9IhCeh9ObUucxXoQ7PsJXJqPFr4tqJfWe +R2wluD3RtZxzbkvKcmiVvgJt2pRRoMPC5tn6Se2Hl08fDoTR9Z24wK5igtu0+rBp +tALfNh62Nl2U1s4Ukd+5eH28vC1QEz9UqnTNvi7o+1usmLsMIjwagEgfUB+yzaT+ +8VJDj4Y4xfI5WdgbWe9A9JFk4ve8Xmqkkg8zlaveEg/wSMDbiZP5NV20xHDIr6kP +yrctn77Vohff0iYL4Fm38FgJfODFCLsHYOok3OgGGySLdTZcYZ69yJjlDm5m47ea +vz2zRL4m9MxS4vE9eR04T5G+isZnLZJP/T6SImvSKHKNpeXLSFbycRLYJkf0jNCS +g1ym3Ql3lTyozQVBCg== +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2linode.age b/flakes/secrets/nix2linode.age new file mode 100644 index 0000000..21529d3 --- /dev/null +++ b/flakes/secrets/nix2linode.age @@ -0,0 +1,49 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USB1ak9y +UTJwcVZCbmd4d1RPaWw5MDd3TTc5WU96MVptcVYyQVIwMzJDMGhzCkUrV1JQMlc5 +SnNxUm9UY3V2Tm0rVDV5ZTFLeEdYcG9qZWc3M013RjVpVTQKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIDJBK09UZk9jOEFPL3NXRmFaOTJjM2FlalRaSEhESlFSZjBmN1hr +RUNoQmMKcXRlMGFnOXpCWjMvTGRLd0FmcDlQSmF1TUhXdXcrNXRIcUh5dEZqbDlz +OAotPiBzc2gtZWQyNTUxOSBTcENqQlEgSnphbHkzZjU1V3VzTzF6K1ZkcVNvcmp1 +VkxhWDZPTHp5bmlxWGVTOHp5SQowZXc0OS8vOHYreEJXbVZudUtKVVQzR3cxT3RC +RlpJNVFKN09kcmFtaTVFCi0+IHNzaC1lZDI1NTE5IEJZS0crdyA1RzdxQjVqZG5G +UWtlUXpnT1FsODhaQlcwclFvZGZmb1pJY3MyRWtuZG5jCjI2QXFGMEFRVzR5MlF5 +QmNXbHQrOG8zbWpCU2FWVEhKNkhuT2JtNko2REEKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIHB3bXM1TVNBUmt2VFJPSEhzZjBZQVdVcFVNM3k5Y1ZCTmVtTHpObXZablUK +RVllREl1eGNJUmIwZkhtUy9JeEo3VHpWRFFGNG5QbTZNdzN5bGpWeXlwSQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgVmVqYUdWVFdYbThTUFIrZThYOWI1cGNFWTJnT2NS +RHBzbnArbkM2YXVqbwpzSEowTi9oU3dnOTY2R29GODRpU2piRWFUSXFBcjlXanlR +SlNZaEFCaWFvCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBFRGd1TWViVFRHQlhEd1NY +RC9DRXJxUE5VazhkUHkvQWRLT3lrY0xaOUFzCndNUk1USXJ4eUtLQ3hjOEtLaXBJ +emhmRjJFT2xreGRtWjlZaVo5ZjRLYTQKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIGZ5 +VUQwRlVnUTZFcXZ6ckFvQUhRZzJFMVB3dS9RT0ZOWm4wSEJGVExaWFUKYlFzSHNs +VUhZTWJjb3doQ1hQTU5tRWQrTWhjR2E2cVlLUWltZGhaWWM1RQotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgK0I3MS80aC9MV1ZYZUkwMGk4VjV4Tml5OG5Na3dyS1JWM1V0 +a2FUaWhVZwpKSGJJY0RwaW5lYzUxc0dWaTlxdFBwV2o0c2lQWnFlQng4Tlp1bWtn +OWhBCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBRVXJYMmp1d0RXNFlPWno4d3pDVUVD +Vmt0YmhyQy9Zdk1QdmdweTlaVlFRCkEyVmttUjhZSDBaYk53ci9UbERiaDhyRGR3 +V2lpcFJBK3crTFZlVnBvNTAKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIGFiQ1E3bGlr +bDVXMTNyVzVwNHdwQ2hnVi9Ld20wSnczeXZ4WVJ6MlZnQkEKOGlTUVVBZkVCOWg0 +N0tFTlNxZXFqaUJEellpRVlZM0JyaUZNUWV5dTRCRQotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgSFhTUEx0N3FIVzAyYy9rRkZ2OUZBYWVQcmhnYWU3N1J0V2pEZktVQTIz +cwpoZzhPRThka2JoY254VEZFeVFaN2RDVDBKZ09MUXI3c2VSZmJyRUMwYUd3Ci0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSArazcwb0lLb1NxbTVpbFlKWmJWcXdnK2pXd2xi +ZmpxNkliZ3RCQ3VBaUc4CjNUOFRJaG9kZEZFKy84ZTJ4aU83U1NEcWJNd3hJZFFY +amdqV3hIZit2M2MKLT4gc3NoLWVkMjU1MTkga0hrMmdBIFNmNHFrdDlpb05EQlE0 +ZVhqcGpqNFY4M1Y3aHVlTUNOdnJ4VktxbFZobHcKTWd0emd6RFMxY25kbDlNM2I3 +Sy91ZVlOVkl6V3JqTFBuekFLMUs4NjYycwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +aWFYT1A0MDBSMHpzb3YrNXNHNjc4dUtoNkZ1RHlSL0tWV3RscTlocUd3NApMT0FS +MFZIVytLeGF1WDRKN0ZydEltVkxmaWF3TVdWV1FraTcwd0xzODVvCi0+IGY7cUxl +Ni1ncmVhc2UgOUwtR28geWMkcTwibyB0LVU/Qyt5SiBZNzxsYEJEQAowTUVXa0Yx +ZStNYWIwdzI0bXo2R1NWTURCMVVRK1F3WW1QcwotLS0geFBtNS9vMlE1V2Npb2lh +KzgzWkcrNS9SRG1ZeC8zdUhQbkludVJwbVc3QQo1QQm19YZ6VMz/+vhRhATkrYwD +KP/ZH7wMl9n40mzx5U1g87ERd3zoDyirTsgMn1N05fpnW24a71FKddHpDUuFc7Fx +xLc0Xst+uuSD8lj8H309fBBLn6yfvq4vu+/XNqsUvTwkBVFRN6EkWTr0XoFTBrlr +AwkEzL2hvC8Gt5U2sjNkJR9GLSZhwOFwTrFMZRW6ZcR42o+6GRUtFmRX7iUMKJ6a +2LIn3i7Qlc8pkvtEWB8yHQ8iLxa0SbWPKWnMcTV8LK/JvhSebBHxx35AhbjZAwc1 +oLmichP61qIGUGb3r3Y5U1C7dWpAwMp12Z2efk1uOfO8QzM1GYqIRvsXSPzfB80w +OCdnZez4iEIvxslbcLSRNZn1R8mwj5deMK4ZfU+26khzqBAtrjAA+tlCtViGKqUE +e7eOBujnBz67YbUYFyepBd8UfDsqM9jtl3PW07Bgvi1MJY0S2dzopgTlzYnS3PNS +8xyLi7Z/McMmHg5RZs2jKHScQlcs/+Y5y000UiqtWy2UmoY6zYwGW08eqgZLZKDS +QYY/0MHWQGO469J3uNdCx6qkzPygWchlGEKpxA== +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2lio.age b/flakes/secrets/nix2lio.age new file mode 100644 index 0000000..1ea57d4 --- /dev/null +++ b/flakes/secrets/nix2lio.age @@ -0,0 +1,50 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USB3dHp2 +QS9lSENJbC9VR1RpaWYyRG1KQWFXVGFsYTJyU3VqNCtub2RYMkRvCk5pMitVV2xZ +Y3hqTU9jSllaVXFReklodnVpUVVHeENpdGpBaTc2ZHN5Mm8KLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIHhIMGkwQmxYZjdBdFk3Wi9BQm12Qkh5NmExNklZbnVsZTdoZVI2 +bk9rSFkKMjZGc1o2SER1d24vVjcxVktjZmc2NXlJand1WE9zZDFZVG1WS1dNY1NG +cwotPiBzc2gtZWQyNTUxOSBTcENqQlEgSEZhMldYaEFyUktESkttclBUV3JlSldl +UzQ0T3MrdzNmS2ZJWndVMTJTYwpoazNQMUt3d1A0ZHV0bC84b282R0NlRzhuQTE0 +V1M2QVp2NXdVWTVpelp3Ci0+IHNzaC1lZDI1NTE5IEJZS0crdyBKRUhKZTgwSnc1 +YkJlb3FLdkxRdFNRK3gvTDVzM2RnRDdqT1g4b21pNnlJCmFwK0pGNWR6M3BNRmF3 +aVRHRlVrZzZ5NlgydG5VTkRqTkVnOFZLVmlaelkKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIGRrS3AzeE9jR05udXZVczdvaElkT2NFWkhyMGRLM1VRVmE3d0Jpek1DbG8K +UHNJYlFrME5FWmtoT3JZa042N0pzRlFESGl4U0dJNGtmT1Fad0J3VGdkbwotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgaGd3SVN2MHZlQlhFaFFCRjR5eVV3Wk5LTE1PTHVO +S1pFK29GRXRhcC9SawpRTE5BcTRIMFE3Y3NTZEtwa1V1cUlodzBXb3dUODJ5ZEVV +eEdPdjRGcDNJCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBNanV1Qkk3THV6SVZCOEUz +Q0NBSW16dTMzdWtpa29ncTRmd0o3eUVKb1dVCmFzd20wa29HVkRRRjhZMkFaSGtL +Z2M1SzRPNHdRMG10MFZQYTRtRGZDZ28KLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHcz +UUlraHJNd3QwMC9Ta3cxekVCYWJrQit0QWhuSWkwenp6OUdBRG9oVXcKQk84OFpt +S0RqcGsvN1FMMy9SaWpnTVlwT0VsMGltMzdueVlISWZDblJiMAotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgMVA0RzFwQ21YNVVBdlRuNWhRVjhaVEk2MkxmU21IeXp0VFNM +U0RYN1pBawpiMWJCV0JUMFZNVWxROFByNXBBSzV5LzlxTmJxd211OHI2VGw4RTdJ +WEZFCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBkU3RiRThocHh5QjRKSzJ5cVVIZlRU +NlJ2VTByL0VQZU9DLzhPN1ZxVmtRCldWTkx6Ty8rbHFDT0RpNER2MVA1dVFiT2ND +bzBsbHZ5d3hzaWlRM0VyYW8KLT4gc3NoLWVkMjU1MTkgWmUxTXdRIHFrNVRPQmta +L3YwZjZ0MTNrK3lWeWdCRmF4MmdFMmszeTRlT09uVDlkVE0KYjlINldYK0VuNjBa +NVY1bFg4VkdyQU9DRk4yNHpGREs5cWthMzBad2hwOAotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgU1ZRclhTL2FkU09HcEtiNkY3OUo3Mmw5bUMwdisyL3JoMG9tSG00SGZR +VQpMZ0NvYXh5N0gySHBMZnF3MC9oc1g5cC82Si9ybjh2ZW9XRlN1SkY5RXdFCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBUZTJXY1Z4a3RSNnRvaHFhbC9BTlNvWVRIazVE +QVU2RTVrcU9NRDNERXhrCkdmbHJYM2xSUFM5TEs1Q0xnQkgrRnNzQndDRWlXQ05o +MWdRRU9xQlhuNVUKLT4gc3NoLWVkMjU1MTkga0hrMmdBIE5tZVV3aUhlWEZkeHFs +SUpTU013RmcwZzc2SlBlZlA0RERnTDg4SmVVVXMKbS9LZHlaNlRJV3dPRjFzMTha +bU80WXR0SkRINGRxc2NXQVo4N2xqZXhDMAotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +SUtVNWZjY3o1UkJvbFZ5WStqWG9IMjMyUmRYL3FYbXRPOG94ckM0TUxVWQo1MFRE +VUU5Wm1NZGQ3MFpRa3BBcWx0Kzd2UlMvOEM4Z1NoOFFYSWNLOWFFCi0+IHAmdml2 +V3NCLWdyZWFzZSBKKCklSyNAaSBSCnowSWtOYndCZmNoZ2gyYjNMejJpbHpNekZ6 +OStGcGFTVGJYeURqK0xYaUpkbFdLR01WdkRlMmY5UlIwVEQxYnUKLzNGUGJaUWhR +T2hwc1RXS0pzUi9KUi9QRkdzVmRKYnJVMS9pN0pMdTZIck93d2JmSFhNCi0tLSB4 +K2RSaVBENkNwY3hWbFFJRzRMYVZSY0pXTFI3MENkMVVzRTJoYmdNN1JVCv7Oz2Fi +S5/m0Lpgzb8jvETd0PIqOImElU7dg60vsww+++Ci7oo1Qw9l/bNdqOhIi4FjsGJp +vQZz6OsqpvF7Ou+YauUvdx6STlnkwrh9J7BVSkG++oduf16bTsV1rqSE/e3hHe2I +6rPv29MFmOxd3Ym4g+RAni/Ib/Ti7MdJJ3GDxOozAlHJrymtZ5NNa21UipoQpeWr +QauxkectXbeVZ8dsss+1sPI/z0CYFHhsEyiKGzZv6LFkdERuTGRmLHfYEwpCeeuZ +nJg5ztWBmvbwmbnbv4hbRaDNf5lpZA/sJV7OuJ/1iX2yuhBywI3808ioFtq3vScr +uUusVwaktQTpoj7yr1OuUltgeuALegw/DwnzZE9mNpGtUjbIbMmq/vJYhH3rC1wv +f2NuCvUN9GvWDt4IQkWDw7m3W6DUaNhoHE5NwcZ8GdScQ2j6IlEEdDAZ/da2Cm4B +o/heA/LGRkgwldpABIVdp2rZAsoU07SgENteaWTk281yBBbiG/QxTHFzgxw0wNjo +ShrXQQMnXWC2Fdz8ogj0RLesMsfjRnEIRwexxNLf0ihBwvet+JxKD6hL +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2nix.age b/flakes/secrets/nix2nix.age new file mode 100644 index 0000000..4877bbb --- /dev/null +++ b/flakes/secrets/nix2nix.age @@ -0,0 +1,51 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBiSHRC +QUVCMnBYdDJXUjgweVNiQ1loTlkxMWxjV3haODdWeFFOOXVrb0NrCkVZRzZYZVNR +RkRBTlRtOFhLZUkxRnM0UmR6S3hzdTcvUGwvV083RU5Hc1UKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIG1HWmhGSG9ZQmNoWEZvWDBta3V0L1I0cTE3c1orMlp3ZTI0OW5F +TDBaeUkKSWFjSlQrdGtnVlVzNWp3VHBhcm05QTNKZUZrK0g5RWRJY1ROWHYrUWpY +TQotPiBzc2gtZWQyNTUxOSBTcENqQlEgR09DZnpLcW04TkpDa1crTHg4RG1FdmJh +T2V2VGJhWC94cm9IbWY3bmtrWQpmSGMrRHdreDNXOUlZRXdUQ3IzU3dMOVU4c2hH +YlpTMHdBZkxKcWJrMjBRCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBaZ0RPdUhTV29y +QXN5N04vU2gwc0VEdzUyNDdBMU55VHZmK2Fjc0N1bTFvClRDY0hoRDRsd3ZSSlVr +RlJHR2VHbGxZYlRKK0hkV2lYWXFMUEM2UzZYUW8KLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIFBqUlZoWW9oMWtoM00yU2oybzNuTXFvYXJjS3I0MHpFN3owUWZtQWdrRWcK +S0RGOU9jUFJxY0ZmWFJmaU9GaFNjNjhSZk84MFRmcE12SjliSmpEMWpFcwotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgZ3A0NUtnS0JMN1dINStSOUlNSitxWWZRaEk1Qld0 +aXp1V3Z3dVM1TUcxcwo1cENLMTNiSlJkeHNNamQyMGFvQ3FWNHBJYVVNSzhVdE9P +MkZVWnJmeWI4Ci0+IHNzaC1lZDI1NTE5IFJvWDVQUSBObzFBR1pKbTdpVlIvMWpa +bWlxd2Uwb01KYkZtMmhXRmZCRlgySW82bERNCk9kaDlRV0JxRDRvdTlxWU1xM1hF +YUtnL2lKQTQ5T0dFdEEvT2hTaXdmbVEKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIC8w +d1hwSEw0Rkg1RE10Nm9oUlk5a1hKS1dJdGNyTHV3anhtcU9Ob0EwWG8KNXNHeWxp +Q296SjRsR1lSQmpDU1JCbngrVWQ1M2NNOGhLdkQ5REQ5dkFiUQotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgM1FWOGVtdzVERTl1dXpzYndmbGd2c0w0a1phczlaZy9wSzZw +Z20wZFpXTQp2azFzbkVDeWR3eFFhZTloRFlhK3c1Z01vaXdGYkVBNit0QWErRVNL +MWdRCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBmMG0wRHJDVzJBU1ZoRFRzdlRvOWZi +TDM0VWpKcUY4V3EyTzlBbWZlOWlZCmI3VHlqYitMODE1LzUvWkhoODl1WVVCM3hl +YWg2WWFlUUhkQ0lvbXovVTQKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIHJON3RGNDYy +Sk82TnNwUHhOYVE0WGoxTFdIUXAwSlROMkl6YWVEYk5tMkUKd3M3VzA4dWVoVVZH +VW9zcHd5cEtadUJMWTJacFhkcUkwNDcyT2xHNUxBOAotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgbGdIakg4b1JzMkgybmpScFE4bmFreTF6ck9aM0hXbm1nYXl1V09CUVBq +OApLaGJHdEpjUEdjNVJEQXZvOUVxcllEckxmWVdCVkJPeXFDVnQ1cFI3cEE0Ci0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSB0NXNaZEtyQk1SMm93b2t6OGp1OHRUWXZwdWpa +Z21sVlJ0QmM3bW55MUdnCnZCRlVCdWRqN0hIVHRIWVBIYUdvTGYzWUxpRHY4WVZ6 +MFlXcUk5anlrMGcKLT4gc3NoLWVkMjU1MTkga0hrMmdBIG5TTllCeWJtUkpTbVpQ +NzF4S1lIWk41aHR1Skw3ZDJxSnBhZ2NHNTdra1kKRW8yeit2SDA2S2xCU1pueHlY +NXo5WVIxaDBiS3dFMURkbnBQM3M5V09hQQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +K1pUM1pkWDIrd3djSThuNVFrTlBQQ2pOa0ZIRHRLZERnV2xkRitWNXBHNAozZjZs +MXhvUWM0elJkdEw3MlcvU2xBUXU5VThMVFB5NUZmTnhsVDBncVBBCi0+IHFjeUMt +Z3JlYXNlIGU3KmRuajM7IDZWCjJ0TWVnSmZRYy9aK3RSNWludGI4emdrSU9KV1dw +OUtYK3NUZldNcFZid2ZZMzRPZlFKRCtZbitPZ3hMV3FZaDAKdjJjeEVWUjc4Q1pk +L2tuSUZ0cVFDQ1YzOWxHdWVoT1hZQ2IyNW5XMEJ1UmJDckdTTzY2TnZmNGIwRy9H +S3JWbQoKLS0tIHVNQTFWNkhLMlVMMCtPU1plSVVBQ0FtZGlKNktSbXJKMjlsaVJx +L2RkNmMKL4QzBzzSOYmRx+8QC3YrvNX3hbfvPPP5gp2kfFK0clqTId3/UZu4qkOt +jUlhRTRWqv+ggJAHjyBCIPQP3BgHb6EDH0B2+ZaE/fXepvIaPnvInIoc+W7Dr8wA +JqgeDOtBWwuKKonGvPcATT3URZ8i5oGGHbyYGyQmeDjw7XdOQU78n8/sgm9bvOPK +woEE1G5tBvOXPWZXxgIlb01J/1LxLhmk7mmB5hyGgzG1kXyDHxcNmSytWNLe/6ly +v9mZSXAT97PPLJJcdwzd57tDav7yXXiNq8Wg5jxZR+YtyhmDX5BHcw/0nJr6CU0R +8bAsraBf1+zUoGYG0XKnqSCCb0Ky8rZYtG+KlN/aFRJ4T2RgLVIzncRvzL3evOa1 +52POfhB26YyMdV2kQ82V5UJXEFHkjdjwixp7n5jxg3MKxZlCumyPCuUe11W9tRtV +UQPNxdhgOH8GZAm8m6JxECtJ3Xx3XpGG5nZSLPCDoIQnetqShb1vyc06AQKMdUnP +FBXj0edHQE1DRQoVtcSq1+1v7CmLb4iR7yFGgbiuuRzyn2I2YNX6jxsn+u8z/roD +jvGrIE8= +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2oracle.age b/flakes/secrets/nix2oracle.age new file mode 100644 index 0000000..a25f102 --- /dev/null +++ b/flakes/secrets/nix2oracle.age @@ -0,0 +1,49 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBrU045 +Mk9iL1AzbG5LK1dKZEtTK1BENmZqc2wzWTdhMU9lL0NscXpJQ1dZCm5VWTh4eCtK +QWhVRjU3c3NXOElYQVh5RUZUQy9jcVA1NG9EZEhpKzZLUEkKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIElhTGVrcnk5emJ0ME1hU2xXOTMyTEIxV1l0TVFrc3ppQjc1VTNU +TmJyaFUKVlJrSVhCcm4xbHhwWUx5TXhlbTBwNzBoN21hcU1hVVZHeTNibUVSZXB6 +VQotPiBzc2gtZWQyNTUxOSBTcENqQlEgOFRvYXZFZjZJcXRsbUJUQ3U3Q3lLK3U4 +OEhiYWxqckMrZEszMXI1SStYOApzN3NCQ2U3TTkxVzB5dEUwWXA0dDMxblVEV3E3 +MXNXQVpKSURyV2ZmNDVZCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBJNUdKOGFDSHd5 +VDUrL3VSeEY3NWNoZlFWS3pvZnRBSjRIZEJnYzBSQ1h3CnpERHlkYXJsTCtUV2Y0 +RVN5NDB4UWF3Vm1pdzN0OHFuZ3ZRK0Fnd0V1cW8KLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIDU0aFQrN1pydWd0bkJLaE5KUTNyWU5Vak1tTlhKTDNHWHBJQ3ZSK0VNWFEK +UDkyTkFoSG5aL2tBTmxESWVpWXRpbWtTeEY1L0JZSmlEdVlRekN4ZmdxTQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgUXRLZjg3UStKMm9MNzFrcTVaVzhMR25DVk9oMGdP +UzErclNkQnhiRnNnawpRY01QWnhFQnFqT1AwcDIyeDZiaG4yeVBzaUptQ2RMeWxz +QkhyMDJnU3hrCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSArWjA3RVlZL2lyVjRFR2Zr +b1FIK2Y4dlhUejN5Nm42VWV3Nmp4cTB0T2dnCmNXZ0d0V2R0RnZHNGliZ0pwNkEv +a2Y4UHlmRnpOZ0dLZGIzTXJ0eWx0K00KLT4gc3NoLWVkMjU1MTkgRjRiYjhnIERw +MkNqci80MXZibkF0Rk02YjBqalhhMmUxelJubWdQMG9mZE9lRzhXbVkKeURhVlhU +bVZDd0l2bFlKVjBKYmZkdHk0OFFNNTM2YlNYWG1SS3pXS1V3NAotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgdnQrOCtiYWJrU3lveStlRzJrYWE0SEVHUEsrcm4xa0ZZNTA0 +UTZ4dWFBZwo3M0QzZEpFV1BFdGh4RC9DZ1l2M1FRWEdzZUtjbnN4cFRveE9KWU5W +NVFNCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBSU1ZSd3Q3c1NWVUQyNTczMHBqMDVp +SUowUkhwTEMraWZZS1l4Nlk1eFJVClBjcVYyUndxdjM4ekIxOS90KzNHMXVPQ25Z +UlB1SW9BQzhyVHJnSU5TUG8KLT4gc3NoLWVkMjU1MTkgWmUxTXdRIDB0WkxkYjBF +cVBuVFpiUFhmcGxwNW9BWmRzTU10R0prMmZsVVk2TWR3V1EKTHdySU8xK21hMzJ0 +c2NOZ0NSdHUzSHpnVWE0WU1DZXFjSjBXbHhvd1JDZwotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgbGFyTzdIaWF2b0w4QlVVUVFyNnNSMklzVGNhM2Rka2FDNm16S0R0MTIx +SQo4bkQ1cWtEVURORTcyREtDdUVPM3p6aFQ4ZVBXNWpCcXhUS1lOcG5tTUFVCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBDenFma2swTUdNalVpalVRT3ZCU2NyMlBOb2o0 +V0tCQ1gycmRoek5oMFVnCmNCRUlxU0F0ZmZyOXFLY0I2QXpuSTVqRUEvSHBHaHBF +SENVeDIxcU94Qk0KLT4gc3NoLWVkMjU1MTkga0hrMmdBIGRjYldMZndtVGRuMHIv +Q2RZNjlwVFkxS0xRQUpselRtS0l1MnNDLzhlR2cKSnF6MEdZRFhFOWtzUzlVZWEz +SlpHZzYySEpEVW5TOCtiZTJIYWdLL3dYYwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +bThlZVZ4Q2s1OEFWbGNqSHRIQUpxYUNEZzFzNE5qejVnTUs2djFOYjFHUQo1T2lP +aktEaGFOYkw4T3JsVmIvTGp2WVE1dkxSczgzcjNaZDllaHRyVU1jCi0+IGo8IWFS +RS1ncmVhc2UgNHtmWAp1dVJtdTRlMFROaHVzVGx4UkEwcGJycitqSTFvbVFFOWl2 +ZGZVWHFHMjUwTEljRnlDVUpMK0lBQ1Npc3VRMW1uCjRDVXRhdDRRRG93Ci0tLSBa +U2JtM1c4dDd4OHBwK21jNXNqTFdDQ08xTXdWS2xLbjc3dllsUDE4MUpnCheeS5Ao +jdiBXm9dtTEcTgilutkhBaP6NL2MI7TCkratQvinVxVFc3A2XXGD1Dp+/YGhHMx9 +x0l5flisRyCK3Xz8WJWbVi1VZ6DuGaossLHxfIeVWQhzGGlX/4Xu2Ly26BpTDLmi +OpZ4WLHy3kMmt7VOon1xQmlZv7NBj4R4/u7QdPnIt60BwoDF6dGUEVBk/AcRnF2P +23fA0ZlpmSCRCfyMwgdo7TXMq72w/VL4y50y0H1lgexGwsgtOwWsj0HeOxwleSCS +3vHozKZd61AF898IIJh8/YW/A2AQkD0V+BN5Yn9A5PpN7HEQ2cQtsU2KB2LY7Ws8 +/l2diGyNu8V7CmONQh5Rjg5ON0Vj4xMpmsSQO9VyGzwVzkwXPpYadLYF82xP20UR +IieybEz/3n6ihpDPJ3aJ6JN31lZJnCmFkQ2sgvizuxwQnIpuN5nVav8laq4Xjm04 +55r37ZJG4SQUzOMjYdnViq6B/LMslVf3B80vMKXlm/lc8cXXQ5ZErcKJs7WsKD10 +GsAE+kvrxpwBDykMNwluExFxYACp1a+1bZZuzdRITMEstbWQgBK36s/e +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2oren.age b/flakes/secrets/nix2oren.age new file mode 100644 index 0000000..a4d820f --- /dev/null +++ b/flakes/secrets/nix2oren.age @@ -0,0 +1,49 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBpSGZS +bkFWQXAyazF5empVcGtuQ3NIQkpBK0RWWnI3WG9vOTdQMW9SNlh3Ck94MlNBSjRS +NTA3ZjAzZXJtTk5WaTFUd0VYWFFseUVTOFF2aUFmaUtCbU0KLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIFZHS0Mvd2NUSHk0TnRFSWhmTk5VSm9LSnI4cE80OXpYMzJKbzV3 +UDdtZ2cKeTlsTGhmazNycElZLzN3R1FZcWdpK1Z4SGRPbGNKcjJzTnlXZFBJSTJl +UQotPiBzc2gtZWQyNTUxOSBTcENqQlEga09qRnptd0dqN1ByU2JZL1JuMTVJNlNY +eGYvRG96RXhtZFhxN2lpbWZXOApTYnNOYUkxWmMwZjlOMHJzZjdkajJHTHprbXlV +aUFZOWtOT2dMY3MzYWFVCi0+IHNzaC1lZDI1NTE5IEJZS0crdyA2bnBFcnE5T2Jh +bmc2dmRQRUdDL0crYXl3ZTI1RkFDSkw5N3VxT2k0Z0dJCkpsdnFjN2xQeXBnQmVx +RlhTd3hudUNyMzQ4WlN1SGZvRldNNlBFV0ZlaTAKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIExzZGsvbmQ5NWRHdi9iSmVxVG0zbHg3T2V1NGFqREg1V0YyS2Y2bVNsaTAK +UUNicjhwajgvckxIblMzNk9HUDhLNTFBSmpMdzN4VkpoVjMybWVIc2hpZwotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgNnJiMnVQcUd6aUVzblZMN3cwM3VoZXZRd2xaRlgr +SmpqYm52OXozZnZodwpKMFdsMVl2Zm9qNkIzOU1MM2dmWGRJTFd3bzMwWTVBdDNP +L05HUEpxRktFCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBUbW5pRVFHaUFlQ2JKZEEw +RDJxUVhiRUxxMGNkczgzUGlBVmtiTDQ0RG1JCnhjZVdlcW1LYkZyOXBqSithVXI5 +YytEYmltaFdLYkl1Uy9IV0xTcVR2YlEKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIE4r +ZC91UURXRHFUWEM2OTJMWjRuUTBDUzZyZjR0MTdlMGJ5NHBBV2lBbDgKcEN0dXln +Z292L25SejhhVjAwdEthdTkrSVo1NzloSWlpQm5IeEgyeVQrbwotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgTFpMWnlXY1czQWpIdFl6SXpHeHg1K3hEeTBYdUxnREFmL2RF +NUhFRENpWQo4ZUswdFVMZXdnMGE3ODZTRFdOc2hBdzVMQllvczMvZk04QnRoWDVI +ME1jCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBUejNUVWEvWm8zSVFSRkFpQ2tIM3Vs +UFdTVlBhR3dIL2x4aDZvNUJWd0JVCldXQjRVY0g4KzRhTVRYdzZoRWZPbGlPSDA3 +cUhNTVJVZmpLTmxwN1UwN1kKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIHJTb3dMQUpW +b1htTm1JQlV2TDBXcGk5RzR2ay9JZ2NwSXpWUFlNeW1PVWMKTjV0S2JSd0dhTm02 +VzFzOUZmbXk4d2RweDRtREppZ2NaUmdXZXFQT2xPZwotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgYTlGK3NsUUpJeW51SXFSaWRZMktZY1JVSWR1RHdxMkVCZ3JpOG5VeThI +VQpmL2pER3pkVVpRMG4yUkpoNmZCb2NzMjBqcm9mWUtpd2JYVE9PR1N4S29zCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBqcjhlR0ZQK1V0eFJINm1uUzRRTzBJZ2xnUk5S +b1BzTUVJdmoyWkVNNVVnCkZZM21DRkR3eDdWSHRtNTQ1WFF5K0hxMk1vMmd1MUJK +ejl2dW1keFhuWHcKLT4gc3NoLWVkMjU1MTkga0hrMmdBIEpTM2NuU2RFVUJVcDB5 +REI4VE9LQzk5UEJVZEE3NTliNGRlVDhQSHZobWsKVlQwWU52cGErRHlMSUs5SllW +YWZtZWI5SXJoSFk4UGxHVFFqOHJqQjhaYwotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +MFAxUXVaZXM3ckZHbWxhY090T1UzaTZpQTRqZXMvaG5VYTl4U2ZYRThEdwpNa25V +cXp5Wk5WOEdjdGFWck5Qc1hjRitRMWdXd09CVGc3RDhxSVhlZkFZCi0+IDUxdmZm +LWdyZWFzZSAqcik9QzxMXSB+UTsgX0hDCmxiUXF0YnRnamt1RC9IaDRkYnFsSHYx +QkhRUU40TkI3MVFVSlN6WDJVY05KNDN3cGg3R0lVSDk4WGNQM2NFMEIKcncKLS0t +IE12R3FidXBvMFlMSkl3MkJleHgwOXB3Y1BhaGs4QlBPaTY3aTZBSUtwYW8KBn0h +p0tQ4FYu7/wPAIJc1Ful9XEfvky2NA1q4xI/gtfeaXvUY1tS5IeVkTQwfEsb6uCa +2m/MRGsWSmfBYHPzBtl/eHNODZ7EHECHjVpq/i0BLOH5a/GJ1lAImY8MDT/1dd6S +iqJPUTOWgH+mczo6BMsQBBmfg987oI/WRMeMAr0xZeFbunSw8yglLbopkFY1sv0V +OgBBUFj06tBhYBivB42fmaFSO/bTYkwD6FSzCfUGSG0p8PPaMIPPF1MU9xtgjW5A +PkN3OGeTDrDJ6AnVjTY64nzSEwILPRoSKXfErEX7Q3oEzSgIdzCVKUqt+Z9S8do1 +Huc3JOc7ZxxotGr9AHPPGYxT6hgkxxQOIrw6W03wnj6oS2XsFoU3X7uATZP5hc8o +p2W0knCKHPjqxb0cCZORSdae3FOQpF3RY3hFOIHTHqR3dfl//D/OdW+9+qZx47JW +hoXDNmdrBjUXW6t/i/rRhcoocomUxo/rLbxdE+/JP86Yg0pb0fPEP6zCMHJusuHo +EojSeWMeRHZ+cF61ee1+8cHGrvXcShJ7uicIXRTFdbdclfM10to7cijub+U= +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/nix2t.age b/flakes/secrets/nix2t.age new file mode 100644 index 0000000..843600e --- /dev/null +++ b/flakes/secrets/nix2t.age @@ -0,0 +1,49 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBVUy9q +SDc5SjNYT3djMmVnbmZrSkpDQlQ5VmJQZlFzaUhJS1hja3R0bEV3CnMvK2NKd05q +OUltdUUzWlFUZkhMa3c1UkdaVm1aQlk3MmtGalFsV1dRWkEKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIEh1VWxrNnZoN0tabE85NTJuUFVmTGw0c09IVWI1Q3Ird3BWb0p1 +ZSt4eVEKWWlFMzc2SzVwRE5CNVk1N3haRW9UTGpMdjk2d2cxa3BQOUFrSTk1MmtW +OAotPiBzc2gtZWQyNTUxOSBTcENqQlEgVHRUTnhwckpoVEFpMUxWbk1yekRDTzA1 +WWZvSXpDZWxEaCtDVHNKVENpMApncXZIY3ZFbHJxY3VkTGVsclBTQ09jaWxRdDdO +VEsxdmFKYWNEdkUvT29FCi0+IHNzaC1lZDI1NTE5IEJZS0crdyA2ZUhRa3o1V20r +a2tQNmQrYk9wemFhNytRY3FuOTFmMmRad0FNNXExWEQwCmp1RjFDS0xwSGtHQUUy +RDlWVVdxWjhvRGVEeHo4TEdzT1JSRmIxcDgrZU0KLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIDZYYXVwaWdrTTBKYlZhQk9STGNPV3ZqeW5yZDVpcFUxSTVsNW9JcXF6eTAK +VEk2Skk3bFdtWEhoaDllYjloQkcyT2tUaTFtdHYvcFQyalpuaTFac29FWQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgS1I0NWdPY3ZSU2xENDFFeEVtNVU4dkdGRVVkUWYw +bjhYWlNXMm9jU0UwdwpPQU5KMTVuODVhUzFxWnIzclhCU05mMnU0R3FtanVxK0xn +VFFJSTFvWHA0Ci0+IHNzaC1lZDI1NTE5IFJvWDVQUSBhSStkek51ZWQ4a1dVaG9w +TFN3Vm5oMUwraUx3MFR4bXVnenpPNE0xVmdjCjhORitCVU9nRWpQNERDMElBZk94 +a09LMHFhM2V1dDZvamltUnY4TENqYnMKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHVP +SCtCUWc1N3E5Zzd3aHllS0owQ2d3anhSYnRFOWh4SlgyOG5ZWFlJbEkKNHVzMjZD +T3QvYXZPaTU1SDNCTnNFNlRtRFpSZy9wQ1F6WkNxNUg2bCtDVQotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgYVdKNk41MGxMMXl6SkNWVmdsREhTeFJ6RTJzdkxTcWhtY3NT +bXYzTnRnZwpnaXBHKzNYYzNDd0ErbDhBNEVOZ1FWcFJZT09TY3FBanZIRU9nTldu +L293Ci0+IHNzaC1lZDI1NTE5IDVhZHFNZyBWSUFiQjBLVjVjdUdIdUR2b1Q3LzJJ +c01VMS8yZWJxQkN5bXVuNjhXUkFzClpuT2k5aFFWQjNsNjlNSHc0Q2xZWFdDeGxY +V2ZBNDNYN3lsZlFrTUkvNmMKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIDBrYkk1akZE +NFc0UUsrV1RlbW02NU9ZTlcyRGRMUGVmOWtwOW9VaXY4U1UKeklYZUdtci8xYzg5 +Rnc0V1M4QktScUVwSG1JcnprT2pMdDJWYVJmVTdDcwotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgQzdTcmtaZER3Zk40OVFpRU9pTDhqTHBFWTA4SS9NY0g1RE10ejJtdjlU +RQptZ3FQMmNnYzBEc3BpUDdNYTg4U3U1SFhDb05KdnIzV0VzT3pXT1psOVE0Ci0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBzRko3NGlWUmpDb1U0WXpKN0lraDYzTWlIYTFj +OStWa2NzMEQvNzN0UlFRCk1LeUZSVFdPa3NpY2M1eUIxRHhqV1BFNlpjN2Ntb2Rq +dkFveVdxRFpod2MKLT4gc3NoLWVkMjU1MTkga0hrMmdBIEEzOTVLTzg3d0ZYaTgz +TXdJYkZlcVVqQm5KaXVDaEZlbWw5OU1jNkw0eFEKVjZra3dac0NUQ2pBZnRFMGND +Qm8wbkdVQytxQnpGSzNjSjJtVTk2dEhSSQotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +UVpVWHV2OWdWYnhydTJZODRzVEdWQVhFODFQWFVVSWw5NWJocXduY2hDMApnUDNM +UXkxL2NTQWVVeUdkeHdHbnE4cFJXMExLK0IxWUxlQlBFVlllOWVZCi0+ICozLWdy +ZWFzZSBgS1gtOiBuK18KbThIa1FGM25sc0o1UU1yWlFoY20vNS9oRGdpQmQxWXBr +cnVwaHd1cDgwdGpGQkQrREs4dwotLS0gUHRYWjF4OUV4NVhESlo3LytqdzVOTHNU +Z1ROdmJ4SHkyZGhzQlJXeWw4MApz+OC1nGrL+AgkWWYC3bYmEZ4WE7wUiBGSQjuu +MFlv1EBOveOzJ9eKKdR+zOl0Zo+pL6TrUUju6iaIvPd16x8NBiiDGmiAkpM9qcQv +CG/KFcP5kq5Ddx9rGqvOTn8YTk7Se10BmBEduERWtSuv6yEngrAJzF1QaeBM2PXH ++TxPlblCbiE3g9Dk6c+0S74izVAz+1cD8Lwx7n/7DX6gHtIoSMIDi38mfy9baZdl +Zcaw8Nr/wgBT61U2ywXGc9h50Jec1zUXfBEdLZQCFNpnZjntxh+obvdM43HJzRkz +sF9UXXWrvQrP21xxxa1wYy2UNANAHqMegUVNIZZfncF0lnA38sJDX8nsYKaIsnce +CnacNDrf2gpZkk6Ml5Pjcc85B1dE3DOrogg/Dq84c+JtN9r5N3mrzBHeg4xc8dOX +GGq1+9a4w/w2CvvoRbFXxSxo7a/B73oeNggsHCcZ+o2CG/eR1mDNznU6XSW/1dMg +FnEBJB4vAG/fejLMHHWNb4bfa89Oba7wN2oHKm41cf+JWHJ0/Thn1k6DzcWRoHtc +kJS1Zr8mQw== +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/oauth2_proxy_key_file.age b/flakes/secrets/oauth2_proxy_key_file.age new file mode 100644 index 0000000..d5a36a9 --- /dev/null +++ b/flakes/secrets/oauth2_proxy_key_file.age @@ -0,0 +1,17 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USB1QW9y +bVYrZzh3ZDJRaUJOdEZRcGVhNUNvNG1JbENuVVJVcXFPbXVmNVNnCmZCenlWMVRY +YkgwRXpwYmQ4NmNrUkZQNitRM21FbzA3Z0x0TzBZVGxsa2sKLT4gc3NoLWVkMjU1 +MTkgcGVGQlFnIDBsYW5qa09pNnptSk9rTndaZ2ZFQWs2cTlUdkp0S2k1TkFiNHFh +bG1zVkUKYXlRdTBVMGpOcEQ2bDN4Z2ZLbVFPZ1RBT0lmMitqRk5wdjF2bjJPRXRF +VQotPiBzc2gtZWQyNTUxOSA5di8ySEEgaFlLSm5Qd2dML2d6UVlJWEN0NHdiS2lp +WDNHeithZmg5ZFJjQ3BrV0pXYwpYdEFwR0J2RVJjaHJISHBMb3VxSlpTREVxcjEy +ZExZTUdocGNWcVJTb01FCi0+IDF7LWdyZWFzZQpFaGhVdVpjdVo1a2xXUjYwWUww +Z1hmUkorV2l3Rkt5MGFmUUczVVEKLS0tIHR4SzJCYTZOdFFERFRlS0QyV0tJeks3 +ZDNYS05jR1QvU3RhN2ZUd0dCODgKvyfa6+kFUuN2DAi1vb8vszdAw3Jlb9gLsdsM +6d7ILyLkmolgmpfpFwyzP5KVrYn8vkjuZDB6iJvAJjDgBhX9p4Bt7uSggNGz7O8z +7p3NsCdzLGHLygYok+D2TyupWiUs/YIyUx3rdjleO/QOiJlO8n63xx9hvp2A/25q +n6BvBLA0CuecVFs9pLC8a91VpTyZrI/f71lmS6wvpW3HwrRldDDCqzPB3UG3ceTz +9O0iCjST/c5ETO7HadKKT63aMALdHQYc3QMATxeMfwHlMmwf42Z4ON4d9A6q1CWO +hQ0LmyFhrg== +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/obsidian_sync_env.age b/flakes/secrets/obsidian_sync_env.age new file mode 100644 index 0000000..b35ab57 --- /dev/null +++ b/flakes/secrets/obsidian_sync_env.age @@ -0,0 +1,43 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBsTGRH +YXJwM1JGbFY1c1dtV28xSlBYTWdObkJRUmdRVTROcm1hNlh4ZWlzClVEemdrc3ov +NzVqVFk0RjV2eVBCaVF6WUcrVWh2MWxpSjhyUWZsT0Y2ZVUKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIGFYWUZqRnhMdjVZQ3BsTXcxcXNaeWQ4YUZMRytSbm0xYXJpeXd1 +MWlNMlUKb3ZCOVdJRGF6V2xaOGUvKzV6N1FvYkJkVlo4VlZPeE9BYk9xYk9qbEF0 +dwotPiBzc2gtZWQyNTUxOSBTcENqQlEgTGFZbytBdXJjYWdRdHlrVE5vbGs5UzJp +dUkxUzk5QmlZR2lvQi9UYVpYNAozK1JwREZQaWxtYzhzUit1eHFldGJXbHNGdktH +SFFJcGJ3U21MQWx4M3FnCi0+IHNzaC1lZDI1NTE5IEJZS0crdyAxaTdFQ00xei9L +TEdCd216MGRXbmRrTEdvTVJwdEVmUlFLVGsxOXlJOUQ4CkdobFNlSTdHaFVMUU12 +VUhUdzlDWVMrZ0VaeVlmZlliZkhmbWhCU1RlSTQKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIHFJU2JRWEJrL0ljZkVSamwreW1KOTgwWGFkZ3lGWnFXY2tMVmZKclF6R28K +ZXlOOEdIanFUWEdGdys1R3RWNjNvWDY0RytSeXVmdEkyOWJuK09JNERKVQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgYU1pWk51WmZZMjJnaUpQdjJxdjA4VCtVQzhtS0N1 +U1A1aUJRYkY2S1kzawo0c3Vzb2EzZWVLV3NOVWJZc0tOMXNrd3ZscnFkeXpCcWRj +ZEZIWFFFSFQ0Ci0+IHNzaC1lZDI1NTE5IFJvWDVQUSByWG96bDI0Sys5bEZVYzNk +RDg2eSt2d2Z1R25zVWsxWGhDTHBaNkJWdVNRCmRhK3M5Q3VZeVR0RkpGbVZmZHhz +ZlVqbWNaVmVxbTRrejNQUFVwRDlYU1kKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIHE5 +blF5dTNhd1RIUTZTdCtIdXViaXN5VFg5Zy9paVdDT2ZhZktNTlpQaHcKM2cvQWJE +aUh5OWRmRTh5dmgxc3dMMlZZRlBJcWlTVnpCTTZnSUIvSVhCTQotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgQWRJTVQ3ODN5NmllaXRzL0Y1NE1jZ1NZNmJXUFJSUU9qRGFn +aTBKVzlETQptUHlNeDJxcW5qcWVxYVBpb3docHdjM0pyaXErTzdRMTFuQnJVZjhJ +akc4Ci0+IHNzaC1lZDI1NTE5IDVhZHFNZyBMY1NDelF0NUlERjdFTWhwMGxJdnR3 +NzBQWG1tbHhEYmdwQWtYeHgyNVZ3CkNzR3JySUxPUXJTMVJ1R2ZRZHpkNjZLcEZU +U2pWaTIyS0lyTloyeDdGKzQKLT4gc3NoLWVkMjU1MTkgWmUxTXdRIE9QeWRVUXZE +NDNFS1Fmck5mRWc2bVlDeHh1VW11K1BONU9KSit0dkZCbTgKMmo0VVcyR09oeVBC +RkpyeFpOcVZUaitCL0pvclhmL2JLZE9nSFJYanJVOAotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgY1gxbkNxTEtXV2F3WWQraXJFMGkwQWZBazNKVTdNZTI3VG10L0hkTzN4 +YwpJcDYvRUxwQnVzSEVEbWNtOGVicm1aVURoZDBxR214dTUyVjdudjBjamFJCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBKcUs5TTE2Mk45SmgrWTRpMXZVb2YycCtldTRD +UWt5T0J2Q1NGRU5BVTJJCk5RYlFVMk1Jai9KYzhOQUtobGFnZlhaWmhQSGxFcmpY +aG01aXFGQ09PdGcKLT4gc3NoLWVkMjU1MTkga0hrMmdBIENnbEo4UXZWRldwcDZq +ank4aFlZa01KWTFURUo5ZXJ5aGMxcXNwTDM1R0kKcFJpN2QzcVdNcHJIbXIrMHF0 +Q1RROFV3NCt4RW1BVjVmVTV4U01OSW8zOAotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +SGtkdTUrTDd2ZU0zeTR3L3VLbWlqWElRUlQ5QmxCcmNMWm9qMk41aUEyMApKSHF5 +VlpjUXRTQWJ2bmRhOTZ3Wk5DbktiVmpwaS9EQ0hEckordTFwSUhRCi0+IDVwSS1n +cmVhc2UgRVo1IEguX2EKa3p5cCt2WjYwWDB1TXNMeU9FTG1LRFQ1NTd6VlA3eDVU +Vys4NFRJckdVcVdialVKV2hyUk5uK0J6SkJTYzZHdApaZlkKLS0tIDMxSmJtLzZD +T0NQaWlEcVY0eTBFVVVKVUkwRnlNbDdnNEl4Qk5jY2FWNnMKUzvOMuRTZl8GtwWB +GUg2RISUPDZ3kmzzN6gUe2NlJfzSE/dW3zYuSZQ8qFXPLp6JTsJlfNmPqV4KTwOu +y0a1GymZ3/q29nOSIuAW9Dgi/t8yBpHnQn7hp1ptOM9KZBCrEqwY4j5q+uSwPQwY +R+vqTRjL3UA/z0Q= +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/openwebui_env.age b/flakes/secrets/openwebui_env.age new file mode 100644 index 0000000..66eee18 --- /dev/null +++ b/flakes/secrets/openwebui_env.age @@ -0,0 +1,15 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBORVRn +WmpIQStaRnV3QU9wMStQWHJMTklhb21nM3YyRE1xdWNxcWZEelRnCnZvckQ1K0hE +UkNyZGIvTFhpU1JtcXgzTy9QK2hhV2JYcm9nczJSbXgyS1kKLT4gc3NoLWVkMjU1 +MTkgcGVGQlFnIFU4QndCcjhFbG05M1prbGkwcFlYWU1WT1NkU3ZCZ09SQm9sMERC +OGZnMGMKbnBqNzd2dnBQT3R2YXBraEZKVFBJeHJXU1RhOWwwNHdGbC95TzhDM1g4 +MAotPiBzc2gtZWQyNTUxOSA5di8ySEEgOGdMRXZ4cnd0VFdxNlBHYlI0S2pCTkZo +dGtnUm4vaGFQanpKMFRjVjdHSQo1aStST0hFdkR4T0syekFZZXM1b1JBbXV4bFB0 +RVIyRG0raEZDVmt3L3owCi0+IGxLPUBZOS1ncmVhc2UgOyAqIH06U1EgQCRXdn1K +CnpSdjUwaDI1eWE3ckNBCi0tLSB2ZTJVTHphZVhBQndhUU1GZTYvYlFMT3h6cVRE +SzBoK2sySStmWm9SSnU4CjTkglKu9/CMRrbdagHF1uNxTOBSthOhyAgfcHLXHwXe +dtZiEnev479tMoIo2OXi5ODZpz1LTCkBMO0yRY6JlmNVlwpByNJkyij5bwXbUiPy +Mk9airOI/s5fIEIStb6ei8TMgy68trToK8JUmBtK8JzL9fkJDET9YyQh8N3BTUMR +8M2cUXX1qFjP7dyRDOQiq3LQEKpywUIuGNASDw== +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/secrets.nix b/flakes/secrets/secrets.nix new file mode 100644 index 0000000..80c241c --- /dev/null +++ b/flakes/secrets/secrets.nix @@ -0,0 +1,138 @@ +## To onboard a new machine, you must use a machine that is already onboarded, or the backup authority key saved in a secure location +## Once the new machine is setup at least once, then we can generate/fetch ssh keys from it and add to this list. Then rekey the secrets and commit the changes and pull down from the nix repo + +# System key: `cat /etc/ssh/ssh_host_ed25519_key.pub` +# +# from authority +# `nix run github:yaxitech/ragenix -- -i ~/.ssh/ragenix_authority --rules ~/.config/nixos-config/common/secrets/secrets.nix` <-r(eykey)|-e(edit) > + +let + authorityKey = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBdG4tG18VeuEr/g4GM7HWUzHuUVcR9k6oS3TPBs4JRF authority" + ]; + + gpdPocket3 = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFzAQ2Dzl8EvQtYLjEZS5K0bQeNop8QRkwrfxMkBagW2 root@gpdPocket3" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIr/aS0qyn5hCLR6wH1P2GhH3hGOqniewMkIseGZ23HB josh@gpdPocket3" + ]; + + lio = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFGp6oInUcGVnDl5axV1EHflMfZUiHxtqNa4eAuye/av root@lio" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKxNhtJNx/y4W54kAGmm2pF80l437z1RLWl/GTVKy0Pd josh@lio" + ]; + + joe = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG4PwrrOuZJWRjlc2dKBUKKE4ybqifJeVOn7x9J5IxIS josh@joe" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP+GYfPPKxR/18RdD736G7IQhImX/CYU3A+Gifud3CHg root@joe" + ]; + + oren = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK7bNX7R9ApoX/cHdXIhQdpA2sHrC9ii6VAulboAIJM2 root@oren" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICauUtSa71+oQAiLxp3GMMbmNXcbr9Mc7eK8b/lqZbbS josh@oren" + ]; + + h001 = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGTAz6n35c3r8kSuWJM1JzMVx6jK+0EBwpJA5eTIvy3N root@h001" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICRHer3NrJiklp4oDNRCzDxc9fXpXn5rPAXGFce8ugy2 luser@h001" + ]; + + h002 = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB9GW9W3DT9AqTonG5rDta3ziZdYOEEdukh2ErJfHxoP root@h002" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC60tzOVF0mcyfnYK2V/omzikuyE8Ol0K+yAjGxBV7q4 luser@h002" + ]; + + h003 = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHsV5r9sWYgrr9t9p12Epzm6WtxN/XsKSCb46+ODQvVT root@h003" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILQLt2Hc+CN6+e7/sf3Fv0FQlp6+yrIbIJ/J9AdnJCjI luser@h003" + ]; + + trustedKeys = authorityKey ++ gpdPocket3 ++ lio ++ joe ++ oren ++ h001 ++ h002 ++ h003; + + o001 = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFrwvahx1x4rue28QHCzyADQndOeTESIv80f7d00NXWT root@o001" + ]; +in +{ + ## To make a new secret: + # - FIRST add file below that you want to create + # - cd to the secrets directory here + # - `ragenix --editor=vi -v -e FILE.age` add file below and in the ragenix.nix file + # + # TODO come up with a rotate method/encrypt the device keys better. This isn't very secure feeling to me the way I am doing this now. If anyone gains access to any one of my devices, then my secrets are no longer secret. This is not a good model. + + # Git keys + "nix2github.age" = { + publicKeys = trustedKeys; + }; + "nix2bitbucket.age" = { + publicKeys = trustedKeys; + }; + "nix2gitforgejo.age" = { + publicKeys = trustedKeys; + }; + "nix2gitjosh.age" = { + publicKeys = trustedKeys; + }; + "nix2nix.age" = { + publicKeys = trustedKeys; + }; + # Server keys + "nix2h001.age" = { + publicKeys = trustedKeys; + }; + "nix2h002.age" = { + publicKeys = trustedKeys; + }; + "nix2h003.age" = { + publicKeys = trustedKeys; + }; + "nix2joe.age" = { + publicKeys = trustedKeys; + }; + "nix2gpdPocket3.age" = { + publicKeys = trustedKeys; + }; + "nix2t.age" = { + publicKeys = trustedKeys; + }; + "nix2l002.age" = { + publicKeys = trustedKeys; + }; + "nix2linode.age" = { + publicKeys = trustedKeys; + }; + "nix2oracle.age" = { + publicKeys = trustedKeys; + }; + "nix2lio.age" = { + publicKeys = trustedKeys; + }; + "nix2oren.age" = { + publicKeys = trustedKeys; + }; + # Others + "github_read_token.age" = { + publicKeys = trustedKeys; + }; + "headscale_auth.age" = { + publicKeys = trustedKeys; + }; + "us_chi_wg.age" = { + publicKeys = trustedKeys; + }; + "zitadel_master_key.age" = { + publicKeys = authorityKey ++ h001; + }; + "oauth2_proxy_key_file.age" = { + publicKeys = authorityKey ++ h001; + }; + "openwebui_env.age" = { + publicKeys = authorityKey ++ h001; + }; + "vaultwarden_env.age" = { + publicKeys = authorityKey ++ o001; + }; + "linode_rw_domains.age" = { + publicKeys = trustedKeys; + }; +} diff --git a/flakes/secrets/us_chi_wg.age b/flakes/secrets/us_chi_wg.age new file mode 100644 index 0000000..94a440b --- /dev/null +++ b/flakes/secrets/us_chi_wg.age @@ -0,0 +1,46 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBFazhx +VVN3VXgrWXdWZzNwOHdIVzZSSTlRa2lEYjhXRzlCWXZhMmQ2QXdzCms5MmpGZ0hW +c3JYM25mNWliNHlxNG14ZHppcWU3QmhxVHVwS0QwaWNaN0kKLT4gc3NoLWVkMjU1 +MTkgSmh2TCtRIE5Cd0M1S0ZCWTVXZ2lLR3NzV2lTb3dubHRyQmlsMDF2TFZLM1B2 +bnBMaGMKSE9ad3BrSEF1T0g2bkN5SjAxOEdjSytIWGxSN0t4ZDlQSkpVRzE5ellm +QQotPiBzc2gtZWQyNTUxOSBTcENqQlEgYllQVWlYUnZ2cjJ5N0t2WFJWMG5ReG03 +V3pkSzFEK2syRzd5R0NyVFdEdwpNODJLenpIZVByL0hPSEFFbG1FVnBpeU1relhl +R1dpamwwV1JoWG9CNmprCi0+IHNzaC1lZDI1NTE5IEJZS0crdyBFTSt3Z2UrQStY +Vk5LeXFETkdmeXdGSVcwTlA4bzJKK2poZFNUL1Qvb1NFClpIUHVWV3Q0RTViRzBI +aG5QTTZCazUralExS0NRUWF0cVNZTlZIaC9mQ0kKLT4gc3NoLWVkMjU1MTkgWHpm +bWFRIDF4Z1RmZkJrblIrQ1NqU0hDNWpPYS9sUUJJTWFQOGNJejduTkdLbFBJQ2MK +b3hXd09EaGNPaUQ5ZnIyNHlpK2hSWm5WV0lERm5xcWQxa3hGaDVTRzFYVQotPiBz +c2gtZWQyNTUxOSBSNSt4ZncgY09RbXM3WmlDMVVRMTdKRjN6aktFY20zNjJmMFBY +ajQ1VjRwQXVqRkN6WQpiaDdRNmtBUy8xMksyQld5bTMzTXlMVnhQQzU2a1RQdE5z +dGhpWWxXRThNCi0+IHNzaC1lZDI1NTE5IFJvWDVQUSBTQzhUY01rOFlCV1ZQbGhJ +dGFTK00wZnNyRGVYNjQ5T3dtZENDSHpycUdzCjNZNVd5dWkrWG9lMWdhZVJQUE4w +SHl4dmpwU25PSDZWVkZUTjZtWmNhSjgKLT4gc3NoLWVkMjU1MTkgRjRiYjhnIEFH +WmNFL1ZYazFZNVB0R1JYTFpBNk50U0VWazBhOGh2SDhHdGlwRWdSeHMKemUwNXN0 +aEdMdGJVZmdpWFN2Zm1BT2wrQzFBR0hIUi85ZHFSSVd3NklXMAotPiBzc2gtZWQy +NTUxOSB3ZHJaSkEgejVkVURQd3hrQ2pyMU9MVG9VTG9VZmtKbmtDZHU0RjdHM2lz +c2VTTy9FYwpUZTBkaU1rQmsxaWRzTjhvdis2VUZJV09Vb3g2VTNNVHN0Z1llazRL +U0VBCi0+IHNzaC1lZDI1NTE5IDVhZHFNZyBrRXNWcHk2akc1bVZBbitQcUlLYU5B +cmRnSWM2dkVKU1p3dk1ueUo0bUc0CmEzdjF0dUgrOXhETWRDaGlDQU4zTWxXNXBS +TUs4V3U5VWNNczNTVDNLb00KLT4gc3NoLWVkMjU1MTkgWmUxTXdRIERULzFFSERl +b2ZNa2tzSDhZbDVJb0RndDFBRzlBc2dxcWJMcmcrMFJUaDQKY25kejI4VDVrYkUx +OWo2M0hLRFBLNi9HeXc1elVVTTY5Q094RFUxQUlTUQotPiBzc2gtZWQyNTUxOSBw +ZUZCUWcgTlpTeVFPOUFMc0hNNkZJZGxJSVltS0JEVnFoRWNBWGpLUVNwR1pPZXlT +YwpUTjJPak8xTWtlUEdFNDZhMVBxWE5xMGZlUFFmQlpkWkh5UDdqeW1SeHlRCi0+ +IHNzaC1lZDI1NTE5IDl2LzJIQSBZVWtxQWNwcDdxMUdtSVNzT3hkNjMvVXUzd1Vp +bXp2YTVOOGFyMDJPV0dzClhkZXNpbGVLUGV4SE5CSDIzYTNRRkg0ZXh0MEdDNnhz +aEtReUJES3ZsbWsKLT4gc3NoLWVkMjU1MTkga0hrMmdBIE1iRkpLbzJnZFVObkNQ +SzI5K3krcjJvMDNhRXduWFhXd2RWUDBTdWpVaHMKMnFlRGFsSnlTMStZbnhYeG5U +Yng1TXZOTSswc1FXY00wSTErUzNDTzhvawotPiBzc2gtZWQyNTUxOSBJb3NBQlEg +QVFhZlJhRjNsdndHa0RPaVJoYUMrNTRoY29iUWNXdXJvS0hBb3VMU0oydwp0dmdo +amFxNGJnanRCREt3ZFhld0M4UFk1WmM2RmJmVTY4b0g0RkJXYnJVCi0+IGgnMTZv +d2dGLWdyZWFzZSBQMkEKbThTYkxNa3YwK2xXbUhxb2RqQnd6UUl6a0JVcnVPR050 +ZFZCNmpjCi0tLSA0QVdjZEIrOWhUaVpHNytqY0h3eExLVWc0djlDRWtQVEZuWHM5 +YlVydnljCo/0r5CGdm/VW7wxgZhkhisHJbstH3r3YrghiSORsBwxX+GaKIziS1ns +MyRg6TWoWjIUe4epfGzqton35ekvrXWxGlLCuIkQgY1frgPTE4kZdm/T1pqzZpQ0 +4vZkl7nVd4k9oayv2LfpN8loG8npcwLfSKeVFCEooTOs+M3eH+wCEUd4r+TjfG3D +ZT2eAX9HethENX4GQxN+RQagyWOlnZVpf6QYnwg/bzRGtRSDLVYqmLJd5BbOrON7 +XN65I5DX2kBGtB3Y3F15hHjGxHFyded4bO9w/SF+jOM+yGnTnTQ1G7FSw0T8dwWo +7laPDx5WSM1zop0jLJ5iyZjNWJJt/j8t9FBGdqxtPUxP4jPVTTEiYJbtTauZtRUN +rc3UbQvDJTArGbwAQsTlYuMd59oIy2+cgpYHyhW2cPixL/VHxRYupNWj8g== +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/vaultwarden_env.age b/flakes/secrets/vaultwarden_env.age new file mode 100644 index 0000000..083ba6c --- /dev/null +++ b/flakes/secrets/vaultwarden_env.age @@ -0,0 +1,20 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USBMZ0VT +QWNCOUNSZ3ZPcmFFcXMvZkFqMVkxV1dRSDNLOTFzUExoc0F3dENFCldFZHdNSDdm +ZUR2eC94Y0cyRWJnTTRnSTlTRUlUSHlLS09IS2ZwZmVhOU0KLT4gc3NoLWVkMjU1 +MTkgc2EwSmpnIGlNaHFLQ0tZeFFLR1ZPZnpCbHEzdlZXWUxjWFNmMUdMVjdQUHlJ +cTJUVkEKcERQMVNNcmxQekUra2tUNUhyVTAxVThSb3RPRFBOOWMwRlFqUnRQQm13 +RQotPiAiXzVSX3wtZ3JlYXNlICpQMQpHUk5aSHJPRnNjQVR4Y2Q2TkhzU01SWWhh +TjBpb1JXbVFwSUxlT1BObEg0N2syNUJjUlc2TVJueVlyTXJRckQwCnhNOUZIVlVh +UG96d0pibVJsdmdNekJFUHg0NXFpa1JSd2lBdzN2S2JxenVMNVpWQ2hxRXlWUjFy +TWcKLS0tIG1QMHV3VW5VM25QVW80aUZOeEpTNG1qYksvQnE5emhBdzBuM2VMZE5n +VTQK6avsHayBgGGdjkwRORdaAz8mwLcxvI3YCMYwXjXCvJmIvlQerUEkDOU9D8sL +I+aSD5YCoHoJ5FsIOox5WWYEVcPxR/y1G2m3pAhZh1ner0Ckw29gsjdmckNwtSSr +tTrSve34ZEij1O7gfO30hW+Kd4579QWH/diFTrP88DjopqsaTWyh+A5A3WP6NxhJ +U0uL5RIPPGCMs0peqZG1Y44KRlt79hKELop4CwyF/06a3Oxuze5vifGl7+mogq0A +Xp3NgWR5AM2Fu+NfEQDUHU1R/CpyY6+VcTZWi8iu0/XfEiIQ4n5JSYNtd3ZL0ldL +WRoNdpA04IiCWM7fnRdDRVRGw9bDJ840oeBiSvbRqIt+uykEndEzKCxXh/jWvP+X +tBj05Rt2Qj3xAsq7yzsvK7vzacjV8fU2kNpxDvhVLQO8TBI5z7Sofu4Cy2fFY1F7 +J7JABO+kciZ23gdEofrHusv3oZvu2eQ5PO1FXCSsZzalum2cWWou11QDi3Vt65kN +wjleyKCDx4a68n7IoS2GOCpDw/G0ACmHrTSnztaO +-----END AGE ENCRYPTED FILE----- diff --git a/flakes/secrets/zitadel_master_key.age b/flakes/secrets/zitadel_master_key.age new file mode 100644 index 0000000..3b07b55 --- /dev/null +++ b/flakes/secrets/zitadel_master_key.age @@ -0,0 +1,15 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDd6MzN5USAyWGFw +bUJNQkwvcjRKUWU5WWozTWZHb21IdDNlT0VwK21LQ2FZNEJWWWxJCjBBUDV4MkRt +Y3F5TWVMN0xLMjBibkJMcmUwdEwxM2pONUlLSU1EOXV5dXMKLT4gc3NoLWVkMjU1 +MTkgcGVGQlFnIGJPcEx2TnFZZjVicDlYaVdwRmJHSnIvZlpRNkx5RG8zVmZTaTFq +bmkwM1kKK0o3ZVViNnBjS2NZbFV4TERBczJNQWxtWU1IYTNoL1EzQlNxWHhFNDZL +TQotPiBzc2gtZWQyNTUxOSA5di8ySEEgZm5nYXdJMElxVTE4TnVnY0xSVFVtMXFs +NTNobnI1MjdMNDhWRmpkL1BnSQpXRHcwSVVCajFhQlp4N2J5VGhKc3E2eHpYZmd6 +TlU2MXdtdmNrSUJpZjFFCi0+IG5wImA0LWdyZWFzZQpuSHRTckxXVTd4eTFETWE4 +MEQ0QXNaTzhSTmFOdjI5Vyt1bDVRU1k5dExiUVk3bEdCeGN2UFV4Y3RTR1MvalNn +CkhHWFF4TGtPcktieDZnQTRkdk9ndnllU05zSVlMOWh0R1ZncUlWNy9WZURiCi0t +LSAxdW84VUg5d21jT2hrNEJ0NlBES1NRRjU4b05JQW80dk9IL29LZGlST0FjCnt8 +t+yvFWU0LlFGAWmLc9i4XFUpexZf8rC2bfw3FkNPuCzAyvbowhBJnGkqK+2C+mtL +za43EsGaLvA5s8ObhLw= +-----END AGE ENCRYPTED FILE-----