mirror of
https://github.com/phfroidmont/self-hosting.git
synced 2026-03-28 06:26:08 +01:00
Compare commits
3 commits
a1945ec137
...
a6571d5f39
| Author | SHA1 | Date | |
|---|---|---|---|
|
a6571d5f39
|
||
|
|
572c6e3e54
|
||
|
|
d04d69157e
|
11 changed files with 366 additions and 50 deletions
1
.envrc
1
.envrc
|
|
@ -1,3 +1,4 @@
|
|||
use flake
|
||||
|
||||
export TF_HTTP_PASSWORD=`sops -d --extract '["gitlab"]["token"]' secrets.enc.yml`
|
||||
export HCLOUD_TOKEN=`sops -d --extract '["hcloud"]["token"]' secrets.enc.yml`
|
||||
|
|
|
|||
|
|
@ -2,6 +2,7 @@ keys:
|
|||
- &admin 3AC6F170F01133CE393BCD94BE948AFD7E7873BE
|
||||
- &elios 0C143D8AFF5FBCD2293897658E66EDB0546158DF
|
||||
- &hel1 0f0c4c2f9877cb8a53efadacb90613a2af502673
|
||||
- &relay1 515a19ef3f9b98442331d89b2997d83ee1948d54
|
||||
creation_rules:
|
||||
- path_regex: secrets.enc.yml$
|
||||
key_groups:
|
||||
|
|
@ -9,3 +10,4 @@ creation_rules:
|
|||
- *admin
|
||||
- *elios
|
||||
- *hel1
|
||||
- *relay1
|
||||
|
|
|
|||
26
flake.nix
26
flake.nix
|
|
@ -51,6 +51,7 @@
|
|||
opentofu
|
||||
terraform-ls
|
||||
sops
|
||||
hcloud
|
||||
deploy-rs.packages."x86_64-linux".deploy-rs
|
||||
];
|
||||
};
|
||||
|
|
@ -75,6 +76,27 @@
|
|||
networking.domain = "banditlair.com";
|
||||
nix.registry.nixpkgs.flake = nixpkgs;
|
||||
|
||||
system.stateVersion = "25.11";
|
||||
}
|
||||
];
|
||||
};
|
||||
relay1 = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
specialArgs = {
|
||||
inherit nixpkgs inputs;
|
||||
};
|
||||
|
||||
modules = [
|
||||
disko.nixosModules.disko
|
||||
defaultModuleArgs
|
||||
sops-nix.nixosModules.sops
|
||||
./profiles/relay1.nix
|
||||
{
|
||||
sops.defaultSopsFile = ./secrets.enc.yml;
|
||||
networking.hostName = "relay1";
|
||||
networking.domain = "froidmont.org";
|
||||
nix.registry.nixpkgs.flake = nixpkgs;
|
||||
|
||||
system.stateVersion = "24.05";
|
||||
}
|
||||
];
|
||||
|
|
@ -94,6 +116,10 @@
|
|||
hostname = "37.27.138.62";
|
||||
profiles.system = createSystemProfile self.nixosConfigurations.hel1;
|
||||
};
|
||||
relay1 = {
|
||||
hostname = "rl.banditlair.com";
|
||||
profiles.system = createSystemProfile self.nixosConfigurations.relay1;
|
||||
};
|
||||
};
|
||||
|
||||
checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
|
||||
|
|
|
|||
29
keys/hosts/relay1.asc
Normal file
29
keys/hosts/relay1.asc
Normal file
|
|
@ -0,0 +1,29 @@
|
|||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
xsFNBAAAAAABEAC6MtIO9yijVyi7GoKyfAz+oXgtXfqLlCzpGbxhhhEHDFgKkwzY
|
||||
S1nN1GW5YcMjv8orKOSCZkf+pz4o/fZMiLX0jqLomE5fpTj4Lb56dKVJedWfQUsG
|
||||
HAwX0u05QNcpi3iDlWuEx9WiOzy5nYEJMNmc+CrsWEBuEh88TcbfymOWqJi7FYj+
|
||||
FJjev6mcPp30qr4nHAe7VtuP/6a2pYbfkWvSUX+WuzLzeISILtkT9pF2+y0XFi7/
|
||||
8eUHWK5fCDP3IdbkTmN1gk2MJ+smMuwDMRSZTlFM8sBeIj9RBD3R30PsGHzsaNbr
|
||||
CZ+80zSrjh5YbjYnLwBw1oSXk5xj0WFKPwsdTsHICJVclDqsxmJeo36kqF2o4iwv
|
||||
36olTSJMEg/rx45+GcVvMV+7PEXcXpMz6R5ENbe0JJKX293biRqw2g7RAiyO8hhf
|
||||
d9P8Wb/x1WrjFe51CthMe3XImeV1N0ualV14yYgYkrxIyETIbqlHSZsM/1ki2eX/
|
||||
biSbAppBBpaqm8Q05rYvACbinOnN4LJxuJo+MimCsw+X06dMYmniXwviuOX5FZVX
|
||||
wLrfEI+6hsI1fl7fUKTSIcNzuCzzPMHXc70haCUKCbG4+YeEGy4rU6nhuRPewp6I
|
||||
Rqt/Rr7ZPUmSvrQnyKU1tGdCbO5cWXeEuhBS7mXcM5oUZoXbjuIpJsEyfwARAQAB
|
||||
zSlyb290IChJbXBvcnRlZCBmcm9tIFNTSCkgPHJvb3RAbG9jYWxob3N0PsLBrgQT
|
||||
AQgAYwWCAAAAAAkQKZfYPuGUjVQ1FAAAAAAAHAAQc2FsdEBub3RhdGlvbnMub3Bl
|
||||
bnBncGpzLm9yZ4FJ7kTP9qArngLB4DQlfywCGQECmw8WIQRRWhnvP5uYRCMx2Jsp
|
||||
l9g+4ZSNVAAAzMYP+IHFwrgTA2mH3aMi2p5Dq8L1kMnfMNRo0g31SLQQ6M4dGoeq
|
||||
N34vV1brRPy7Idf6jU5yDUGUHsriNviCmGoVfr8QskC0XXpQHZWdWPDYlAy2yYrD
|
||||
UV6q98Q+1Rg/hgRV+J5JChoA+8nW8DSH2lLG/ZqPVEZ7mTcXXLbZuUMLQhFNs/hu
|
||||
ckV/KddAxONq4wmlukGZhT3p3zW62x1xxN9TmVlVr4KcKIY1y14HY+AjMO7Q9d+6
|
||||
jPrdt6pKT81iZnysZ/tldtE6acQptKKzN4pM9XgyK3tlRw9sf/aYPQoDhzDFwoic
|
||||
O6ai1VhUxEBb9GyUThoWcMUBUM2ZbbzPXZX+upnJSN82ABpm3kSvOxW0RvdXRUPc
|
||||
LQSy1x7MF+z7WsbJ2LDz88tRbf8x1o6wqXJd9VSFX4QwK8BVMMhVOLqtBPrXOfMH
|
||||
/sJLD1uZbp9ZKUFQH67qF2HlQXnZKesg0ayw1wAHJhEN26fK4WfT1vMDt6V7d5g6
|
||||
Jz73fcC4ntZCREfTAVrtEbl+pRRNpDrN317saKlLQ6V7rvjhueGf7NhsEJmd/BFK
|
||||
PMm4goLAZyti6SFwlanhq57ejZvYzMijz9CXeA41zV+WSxwh20xHmhRMvko7/Q1S
|
||||
iPpFMWjCp9fkdROPriMw5exR3hE4ADVzqdTpMGnpkOdiWqet4NttcTU9F5I=
|
||||
=0Acw
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
|
|
@ -37,6 +37,13 @@ in
|
|||
"lefoyer.lu" = "10.33.0.100";
|
||||
};
|
||||
};
|
||||
extra_records = [
|
||||
{
|
||||
name = "wsl.ts.net";
|
||||
type = "A";
|
||||
value = "10.250.250.2";
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
|||
|
|
@ -453,6 +453,7 @@
|
|||
aliases = [
|
||||
"osteopathie@froidmont.org"
|
||||
"communication@froidmont.org"
|
||||
"kots-libramont@froidmont.org"
|
||||
];
|
||||
};
|
||||
"alice@froidmont.org" = {
|
||||
|
|
|
|||
161
profiles/relay1.nix
Normal file
161
profiles/relay1.nix
Normal file
|
|
@ -0,0 +1,161 @@
|
|||
{
|
||||
modulesPath,
|
||||
...
|
||||
}:
|
||||
{
|
||||
imports = [
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
(modulesPath + "/profiles/qemu-guest.nix")
|
||||
../environment.nix
|
||||
../modules/openssh.nix
|
||||
];
|
||||
|
||||
networking.useDHCP = true;
|
||||
nixpkgs.hostPlatform = "x86_64-linux";
|
||||
|
||||
boot.loader.grub = {
|
||||
efiSupport = true;
|
||||
efiInstallAsRemovable = true;
|
||||
};
|
||||
|
||||
time.timeZone = "Europe/Amsterdam";
|
||||
|
||||
boot.tmp.cleanOnBoot = true;
|
||||
networking.firewall.allowPing = true;
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
80
|
||||
443
|
||||
];
|
||||
networking.usePredictableInterfaceNames = false;
|
||||
custom.services.openssh.enable = true;
|
||||
services.openssh.openFirewall = true;
|
||||
|
||||
services.nscd.enableNsncd = true;
|
||||
zramSwap.enable = true;
|
||||
|
||||
security.acme = {
|
||||
acceptTerms = true;
|
||||
defaults.email = "letsencrypt.account@banditlair.com";
|
||||
certs."ws.banditlair.com" = {
|
||||
listenHTTP = "0.0.0.0:80";
|
||||
reloadServices = [ "wstunnel-server-relay.service" ];
|
||||
};
|
||||
};
|
||||
|
||||
services.wstunnel = {
|
||||
enable = true;
|
||||
servers.relay = {
|
||||
listen = {
|
||||
host = "0.0.0.0";
|
||||
port = 443;
|
||||
enableHTTPS = true;
|
||||
};
|
||||
useACMEHost = "ws.banditlair.com";
|
||||
settings = {
|
||||
log-lvl = "INFO";
|
||||
restrict-to = [
|
||||
{
|
||||
host = "127.0.0.1";
|
||||
port = 51820;
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.wstunnel-server-relay = {
|
||||
after = [ "acme-ws.banditlair.com.service" ];
|
||||
wants = [ "acme-ws.banditlair.com.service" ];
|
||||
};
|
||||
|
||||
networking.wireguard.enable = true;
|
||||
networking.wireguard.interfaces.wg-relay = {
|
||||
ips = [ "10.250.250.1/30" ];
|
||||
listenPort = 51820;
|
||||
privateKeyFile = "/var/lib/wireguard/wg-relay.key";
|
||||
generatePrivateKeyFile = true;
|
||||
peers = [
|
||||
{
|
||||
publicKey = "EX3QEJYNzs3sA3FUEIc9YGAhEup20qOCzUe+nMRrljQ=";
|
||||
allowedIPs = [
|
||||
"10.250.250.2/32"
|
||||
"10.33.0.0/16"
|
||||
"10.46.0.0/16"
|
||||
"10.133.0.0/16"
|
||||
"10.134.0.0/16"
|
||||
"10.161.0.0/16"
|
||||
"10.200.0.0/16"
|
||||
];
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
services.tailscale = {
|
||||
enable = true;
|
||||
useRoutingFeatures = "server";
|
||||
extraSetFlags = [
|
||||
"--advertise-routes=10.250.250.2/32,10.33.0.0/16,10.46.0.0/16,10.133.0.0/16,10.134.0.0/16,10.161.0.0/16,10.200.0.0/16"
|
||||
];
|
||||
};
|
||||
|
||||
boot.kernel.sysctl."net.ipv4.ip_forward" = true;
|
||||
|
||||
networking.nat = {
|
||||
enable = true;
|
||||
internalInterfaces = [ "tailscale0" ];
|
||||
externalInterface = "wg-relay";
|
||||
};
|
||||
|
||||
disko.devices = {
|
||||
disk.disk1 = {
|
||||
device = "/dev/sda";
|
||||
type = "disk";
|
||||
content = {
|
||||
type = "gpt";
|
||||
partitions = {
|
||||
boot = {
|
||||
name = "boot";
|
||||
size = "1M";
|
||||
type = "EF02";
|
||||
};
|
||||
esp = {
|
||||
name = "ESP";
|
||||
size = "500M";
|
||||
type = "EF00";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "vfat";
|
||||
mountpoint = "/boot";
|
||||
};
|
||||
};
|
||||
root = {
|
||||
name = "root";
|
||||
size = "100%";
|
||||
content = {
|
||||
type = "lvm_pv";
|
||||
vg = "pool";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
lvm_vg = {
|
||||
pool = {
|
||||
type = "lvm_vg";
|
||||
lvs = {
|
||||
root = {
|
||||
size = "100%FREE";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "ext4";
|
||||
mountpoint = "/";
|
||||
mountOptions = [
|
||||
"defaults"
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
120
secrets.enc.yml
120
secrets.enc.yml
|
|
@ -1,5 +1,5 @@
|
|||
hcloud:
|
||||
token: ENC[AES256_GCM,data:cLSwCwwtCaSn1eewHeLpCj4eS05z5+p5fpi0qZRj7/aNnKvugcME/eG3VR90hvpsS0g/EIWGmYK9Bv6thWEn1A==,iv:X9r7bQrNqaGRK7QwA6OtwyqUnoNCAf+ZbnMe/26cF2w=,tag:emGH0SWvFTE3AmYRNHKXcQ==,type:str]
|
||||
token: ENC[AES256_GCM,data:hC0jbTzLR5n14EGI9Nl6iy7hz3wMB+NtuAyp506bAoOKQxGQMaQo6lxnL5DV8LfNUz/x9w3gl/AFvW7fqq3HLg==,iv:1bk3wQcaTjmBs3S4L73H3I9iAaUjioVPogobrITliVY=,tag:uin+HS4kQAdYN+Z5xVcAkQ==,type:str]
|
||||
dns_token: ENC[AES256_GCM,data:v41w2CkGH1bBDIv0MfhOKEYDn842zLoG8tpuVcuspic=,iv:+8fH5X0b+K4QOepvxFMOZIEUqeF+eCBZVfznXoefEUg=,tag:x78M9UQ0klJeVxtnPwMHGQ==,type:str]
|
||||
grafana:
|
||||
admin_password: ENC[AES256_GCM,data:seXajvIHrEU7XR/XVD6uG/dmZ5I2oiL5IxsM+sMlV9awLwnYpDI0u0gJbYqSYvMRhXS/ZhXuXaTJhgXD,iv:oavt6HtbCCLznPgpSSLKHcHPuJSP+7hPPLepu5orqm0=,tag:Gubg8LEYUMInZpXE1SDYtQ==,type:str]
|
||||
|
|
@ -8,7 +8,7 @@ nix:
|
|||
chisel:
|
||||
auth.json: ENC[AES256_GCM,data:R2Lpgkn+OgYYKPWZdmvI16oOgVamNA4SVVm5x3A45hcHhVE4t7izDMkkgLHybPFZypBeSI7WPvrJBrK+xxt3Ykpt47GfiSvWv7aU1g==,iv:SX78DpzAZheg6OppVoedtr7FnDXRJSEgw7eEclN5IOs=,tag:iW7SJKkaHaLwyMUvFQld2g==,type:str]
|
||||
gitlab:
|
||||
token: ENC[AES256_GCM,data:zZ77gaLg2/YDc5BmKvO1AzwzY6JM7cBwyCk=,iv:kb6+lyRxnH5KifLG49t3XA5jDAgjQFiYUnE0YyAdla0=,tag:umVKw3x3MPII3IqIUmAmIQ==,type:str]
|
||||
token: ENC[AES256_GCM,data:w1sn55gAYBTj03wzVBHmDS0IT9Y6fRTu+ONTLfirA0XuiReL5PNbF4HL5UkurBNaKhMWp+U3tOy+,iv:j2WYxFvkHmoJfmtqTZG3BI7TRxuE/faMDTLedottFwc=,tag:6kraXBaasziA81VzWxscXA==,type:str]
|
||||
runner_registration_config:
|
||||
hel1: ENC[AES256_GCM,data:fQ3mOmS4eC1ocvXmGKB4f3sDedw6Lc6ekqe2QzL8nxdvjfrbiuhujxrVXq2iPPQz0Jc90N0/OfAH1qe0jtKQZc604PO5rhQuzwJvoZcjNvPq7bIbkLHaQSkc/8wIssm0+wBxCr8naIrXsdDqA2/kNSWYM/bY073RSFqD,iv:iWDYxw8hwVrCGDGg2WB3nNxCcZrAk1lcauDqo5GUqo8=,tag:UQ+DfqDBigAGB1em03yS4Q==,type:str]
|
||||
synapse:
|
||||
|
|
@ -52,6 +52,8 @@ wiki:
|
|||
users_file: ENC[AES256_GCM,data:glllwv0+KnPOeJ4eFNXECZPZvL6k5RODxIJNfWjQgo8EUKF7UsVyRvHcL2g9TAEpXKT8RGLekZim+Q467eKKGPpdj2LlrI/XYPyMvk2ShaTBO2ivx+6e9zowpdJNclBMmtKGgggK+r7LeXGunCl06oq86LpKq9ddiX2zZnOfxU1b0ZAG+tmqSVfkgi7cOs5DGagSaco+2+SkCOGThahGquWMrPmVULO0Dz2w98+7uSbmFmXlJOOZjKCk/q0ou4Bi0gK6lQ8/fKleNJLJ0x8Vx0WPYZgz6109RkTYznMl2HSIZEcNp81PxQvr66Vumc8ZO+OXWbNyY064/LXFJB7sEA57r4ccHHkH5+FCKFQJzCA=,iv:Ki0MCTJ8jwogDNL71kiMY4EGrfBorxB2rpBJAid6QOQ=,tag:q/mfK3Dm0KFnK4AHjzsP7g==,type:str]
|
||||
scifirpg:
|
||||
users_file: ENC[AES256_GCM,data:bApVa1CJkHToft8LyO1rWSF4fEbOl+KIHUxFkiWxgzpaX9VuC3fnqGK1EVALktdIW4VkDlUgnNrRS/MY5orXzVasiYK4pzpKUxehCwcDaqB1qw==,iv:cQnMr/XGYsnDiK7ehRW/bPSKGvkxY4SAWvzrUOkuVSI=,tag:g/lmBp2ok6wkVYRkwW9A+w==,type:str]
|
||||
chroniques:
|
||||
users_file: ENC[AES256_GCM,data:lnNy+O0EoaohYx3Q+bpnEtpsMtsTC9efY5+eVR1M/hUuj2tdbeQRS+H4UGAZcK0FYkUdf4lZqWQPvZL6/oHg61a7gfyXlRQ4QktW9B54CBef3g==,iv:IPsmzv9HxKEZysOoez8i+EPrC9BA/j4gDNX5w+09JhA=,tag:KWiplISQv5iicIJ+w3K8eg==,type:str]
|
||||
wireguard:
|
||||
torrents.conf: ENC[AES256_GCM,data:xmiIpECVRdZ7yXs+3bVXc1tX/vKx5NSFxnOE0HQpmF0c97rd0ztkVtoLO1a6HWgCnxA/8TQbJo/B/Ij5fOjJ4xa16PCmhHY1Ba4/qjTykwmtvHctFRMTrAxQqx9MGqf/TadiorvYvUVomvas82W2+fPQb+wmxYsoM/Tq/dXy6Os933znEHtcfBe+qCXYijGqX9ob5GbXL0DvxGnJaQIxji00XiDXXhfVBCI5jHWCI/S8XD3PmS0RwZ6cik9tqeuB3PuOxVj5ofXEM9T+YrIXsj7dCtNiY5bifADScPYKw/VmDW4tT8NOuYFTQYkwY3O5psUSZUbMAdJYyygFhDoW8j1tifxdh4VLHmsw8MrYzNOFiZxv9VR/XVDSbxA/yFaIn+JqKw==,iv:mpUekPnpCIr/NcE+kOW4li3itFki/lVVtf/hkBKtM5E=,tag:rAyp3kzzvCX3YRWkrDODHw==,type:str]
|
||||
openvpn:
|
||||
|
|
@ -72,68 +74,88 @@ sshfs_keys:
|
|||
public: ENC[AES256_GCM,data:/68JE+/xr4WhUNghjenqkqnB+keotQs+IVa4anFbe78AGrtWXWVndGN+GTDxh6oiETmndV2S83SnlCU6xnOTJwdctDISNlulPj8SH7gZ22vhOa01AbD9r635HFVc0sqJO4xhnQrymuMj/0yvnFb9i9+4iTqQpaY4sDfM0dDQ5Hj29FP6tRVSKE0+e9JS/e9BHnJdSHoL+IPD2YxQYDWKwWayeQwAPVfi0X0AjuZvhLq65HUP7EeqfExAJfMfGk8AB3tHEFR52aq/c9u2TfTxMAqPKMyWEjrcsTu3oQObOuj+nZEQOZuoJoyxpQlLqe3BkMXEGvL+jeehyMWA171RapstWkXEoFd6p043OlVOXw1w+Awz9VmI9Du7l3AWJUABhCCwyMPR/jwK3vRnNrxPxyS2ophFuboTuVCr9AXkTaEiGH7dALtIPHoP3xQD89yYkqL3BABMi7ymUEERecsfwgP66sk+7VXQri/1LosI+g3NsAtJP4kIyjXP9ZqJTv0VsGOxOGgbtVbrBsw7UWYPuuknGNTStmF54VBf77BEg6wVqOEM1WM9JhoZsbDvBvGIqV2PbSR4UBJg04sHtcRQoCp4h8B6b6djVoI5YZ5N7SLNAy8e6t08r6/7iwygrafMGLxXPaSw6bcBksXeT7BNRRsKFvSbiNPKax0yOpIJiJMgoM7Wo8wOgekBaG+s8+7DkI5MlXiyX/6XWUtBhJqBGUEUJTGufiIspD4RjKPsJeFTMXAUVOjzjZqg4jpv4pbhDtBgbF58zdoMpcqbWuvxfaur7gHOnCPpWMJN2VeWxLdk0Nr66yRvVzqCIVA2iFuZj0Mulmqmj0i0Vh/CHzesXZODi10wauewxv19Iie7Bjo0v3ahxjTSfvG3T8emZ7Us+Q06W8gLZ0IvHHXy0yKvsg9VgFTX51RaW1KHHBO4DehOvwLcJRcuADfHlZDhrwtUbQdA6cWAnZoezQy2np/Dp7hMC34m,iv:kUKBtPeLWola7isgEo+QDq1RZkbR26G0AoBzy7iubiE=,tag:/kUG0/G7U83dp8p9AgyJXg==,type:str]
|
||||
private: ENC[AES256_GCM,data:NVKHVh5Ap1of3j3xAXbscIX3Psa6EolJ/wuhZu0ZkvcgLLS+Oi9NFqqiBdMQw6DrL5Os+GeA2rVSlCh5/mfntUMH5FTqnRRMeiQ0aaXPS93fxlD5jsrJH7BfTLkH7aijANiAf+Hy3pdfVELD5iiKYEGimRAU3UR3Yf0t/D9TbikO+alyZ6SpaDJMSpccYLD9riEqAUsWsWOc8Gd7K2vB7h0D5uePyFFcVw3pvYweRs5S4KlOisdz9eG6CNVaG/YjL6dlvILVxWwAx34AqY3Ul7FkpZ0tennba8Yz/i/fMp3mxZX7FcDmga2DekvybU4ff30SPv9xEtnFenI/ElKIH/duSjo3wBf8xJ0+EKHXulwhmR9lpvYCfjXYvjtJDhoof2Yw9Tc+dCUcTSdTex92NJBAXLEfL2BTRqszFwhJB3RQ5xNItLilSdmuDElPvhMpNfX1c1RsqjMmlxd4MJYDIo6TiBAQ1eEP5CQG8nWfZesmGCefSBmRlAAy+rWHT2gpGtVCUUwhcBlCHs9X5MmsBHDKrcmQIrMfoQHJ7etVRjhW3+s+np7ldjnTadVqo/or53wpHWg/SCMCaAdMKxPU+APEueaIPxKP3ce3WmMaH7qrgHUFo8EOx0FYaoqxuN2JAW/Ap00JOfN3fvwvjHZwvg47SO/F4hboRqsWaryHIFhlaCcBnMs0/hszbc/w9nkhJdirqCYss8URUvtoKYa1G6quCswd+BC+5aQyQP4SU+VMhw0ESWbZXzOzqypFvr+DH1BvOX3/aGZfN2aCJTbHqaoLaqwP0b5UTEdt/uW8vH9iApnQqsOiZhdB+RCLMkKNaFRR36k1bbI+RQibLOq9QL+bwoSQ9eA0bPpPBLPrL8I0zPBv506f72mqiH690gC/wtdRn6ujXV298nvMRQc1HbjCIexyALS9v/mvhUalxUmYlkf3eLribleQmbDtf5Ehg2oCcx93Zya+mSB9zgR2WRNq7AXO6tm2UO+3jr5xG6E6+J7lhUh0kmJBY7ScFU+LgogtwyJml4xAbNxCcmx+1WKUFCctlvOBZiVo8QB5vTMG6WYcOZZ8of3EeldiodCD14vQ+dNhmagiiQmFk0xBG2LjwTJvDkq3dRET7VZfRUnhrGdibLGykT9HvflVX+0kvBsYLvwKUvuy/HM2dvr+aNvhUm7H03tHygZK3cv0bq/v93jqo/5tvjNxDW4Fr0qHvRMsbwFXURmzuw5SMTx6dtPBKoE65oR0Ueo1yh+r2rKzFMKjfVFSq9HReD2V9iqUoTWduTMzsX0pCSiUvIPMNArt5szJtC3uzZRLOedz0bKR9lTfOG96M9iFpy9sLH0CNekvGy7az2sD++PVqzpsPVUlmp11+AQPFF/F9wPsjuoQiEOh3gIEuUsqyyuBqaFUmEBhWnOoNb8RGOIDF/TXzWvvrRaDw3E5RJ6ATS8SppPK2vYlzaS1Oj9+KX2JWCvuYgOv4NJkQ8R4fnKPKTmuU4D/BEaTfkbPvsYjocgfU6ENxtFHsCqc0Am/5NZOjwZVhcoIiEBbih3g8N2+Kqv8+1/HbaB4NGLwh4GLahYIzqRyWT8IoF5Qml160h2vKZCH7BK01bCSbXppWxs7Jbs0cOnb0cLsuMrHNnYlgGTQUA6A/zUq9pEipjT0Sheu6MQrbEzGCosvKHikJ6UoDN8SGgnVZ+w6l/TairatvG9guEyfM7uG6oF2ohLSEtqmzlyS6VsiiU3FIup4awh1g2fq//DKrttUX3dOHx2ByVR1xESBbQZaK5zdYlVxuBqZjWLBLi/c6eUkJobjrbcx8kvdCc4Yeh/tO5k+Ym+gdgO/V68M4cg5j8qlC8J/YsGtMgSlmE9FbScGT8VCfCfaZAC1gONls5asEMZHF5/HH2Q6nNwMtlvfIJ4RHwj/EyoE/gC9kr7Mv1OIMl14aBx1OFzGGUtlssdyQOhGfBJIthQIwq+kRqRDSSyvLGxlvidsUnmrs6XmJQiaIxflj1aCbhmN3QgsT6klXtnn+959x8TX+TvLW7DfS6PKJyeg5DQKuV1A2hnBdyDAAHJuur/k3YbJxvp0nMWQfGGo+nCvAfSpN6hvyUYbriD/pduk9qTcICZJFI3IDDQksF82HanaMWtQnoIUb+TKiDHi6tYr0r6JCtv9x/LLKFjJ0Cq/cjMOxv5a69XNRvbQq7mhwv9bLF2XS7g6CNFLYFxVymJx/OIEXtqmq0AV/C0CRXdW4BYctJCRU71W61VDc16Bb7lfG0deuU3ufdfDaT8MQE0R2/97nAF4sdurpqLLAeP5T/AzDTHk1dgL/cDuKrQ7RSX1SpPgKZPMzSQ/+LjRI0sqHff6nQpdothYLgC2IQZAwDWrI91Xg8OeqJcDQTDVUolMk/+qiGRmMT96dl03hUqyrPpWIdipYqAXKw58djQ2wvcVz0h6ksv03W33ZpwQEqsHBYlA1nCxoCxTR5VlO3uhRNXLPVOrP2BmnnfeknlNevTwRQWA1pQuvgB2JWdYbtnJvdLK+dSvemZhAqOqQSCM6zyh4tUaw5R/oHlBgTosaj28oEQQqQ737PsAcyhpjZUYJ4TWyOg8ng5DH2Js40jomml8VsWIS8V9Cw3vmwn4FUeeKCw8DqzH+LIX6omtzgAQHUVSuOah46u6Cuuw8+adoVy81vXW45uEIj9YpKjrmu5bplWJQrGJMuZAmHOm/F6BQphMVtOhncmpzhghtKjpJhMUlVGvk5WVQmX4YiihBg9el32bTqGEPrpuGZyfrYj6+gB73dP3Ey8JpHIxlp0QVpYUvGbxsgxYKCuETweJfh/q+hby90E7FaHkDkFPBKrWYHD+A4p/AVgmKiIt4rP3pb05EkMUv0ujz8Oro0BmidEKJS5N2diIr5tB6ao3y//FZ7beuLGp03P1Ann4YDxrRp+/75g/xY9zc1WTWe0ugA1Ine4kAH+1wE//NzLTIrrI0J0TJFzpta76jf/S7sWDYyXnUHl1OSBVVUeVpgQGJeaGMLPZrkUD3fNnAf4mntEy0WTLQcCuSPDIRLftMzTb+rATGGK9edwAbF/L4JwMt+n5v0nfcNLnJUwkSvFYTL0gHf3kDxisIblx/gdFT6BotJFz0uQNOoBUMdpXMtC5XcmbmqznKMSlBBkRrrftjqkWslUgYWfu1OB+Uo17yI3yPZpD/PVsK8Q/uKx2VW3sTA5+CilLc5+TVucYWu/hfArgqgNtI4Qo16Cyv+2gnQE13qHGfC2IAnrynnPcVqpG8KUaF3F8DkC9aAoOP0C+c1s6vk6e2iFU2bB5eUKsCmgu1jToVZEacXG4v/hjfx+XunMAELPp6CRV9MDp+7MoGPIIRHcDzlqL8uOKe84CM29qsGBShZXEc03ZyAf/45fVcppO0hZJbmQIHS7AOy56yW/TziH2IlGe+iAr76Z3/EZjxHDpBhcp3flg448Pg7Cwssq8Pd5UYQ276wgGeO05ZbdAPPdhvsEFuU8SXcVXakBO14qKBKu8GlFFqk4n9z69hMCsTw63MD+KDTQEMuJ6DAvW7RUKBKKrU+xWUvE+n+GAg8A+Ff01ttjf1xJNhNKiSrAxZAHnnzBHIR7Cj6aHmpZvgQSYdTfpX/nhZ5jMc8Jfkg5oA34APxmZBxHK5/E4wJecYMWlfcuLfNn7FyVCN7JRM0iNUS4trCdSX4OhbNIAfzXEbwuGNdBRiGqha5xYV4Z28KxzyqFtXupOHYiZNtZyYGL6f1m4ZTNbGweEk0632hpaJwc4I1AYaWHZ3o02/qzczr2hjfVGKVODp0r6gX64LfuoT/m4/123qj1maJ74zVaP/LnEZJXks3LWu5TlIIt3Cq80/73am9fsaoWNFnVVERfmG/vrBfVO40fJT89Bh5QKPAHCC4nbie/WDGshImVKFHoMT0KH5NFZdIdHSWGcvnc41dMNuwowd6Z/Aie3G2PDPrOr2n/Dv7DxYfB8HgP87l5mirhxlNS1mQOH4DkKkUFkBFNa2+0vIBJmdrf+0SBxev6yZgZbO6GKDR/Fkd99p5qaGd5bRjFg/7A3ZUFiYYnX40AoRR6bhkEyECEtW3B+jd7GOnF0jZFC9wUt3mgpi+v/EiLMoi887nQ/a2SotRd7+y3VKA7hUMAsbM4VfkzPz+LVhhrSU/LF3XkEMlWSpO2fBja8t3xZVtdVaZiFkVxfcla+TBcKr3Po0b7fmzbqVdLvgz/9Zle1s042m+5wKMotHyUMuG/N+78/CGpvqwdad3Cpz8g8C/fX7OVjoVTmhKYOr98Zms0Dr4xOD+Hnb7dNRfojGyuJ3x9UPOzu5zGxkv365iskiBJliALT,iv:BO+OifdPxtMUb83G9By19/O6DtF4D2jT1tmPjXdsNvA=,tag:DVj+JfIeBs3VFwhgZqzTeA==,type:str]
|
||||
sops:
|
||||
lastmodified: "2025-12-26T12:09:51Z"
|
||||
mac: ENC[AES256_GCM,data:Gvoax7ZMLV+TPiHM/CbUphR8x6p9C75Tr9RJW3CMTugEWRlQGuuDS0Q8BWIAOJ/eFEU9a+xC03QjuVb2AykntkOrf2KQYGSMiqkP944CKTn4CrD9c34+koZ9QFmJb5ICVtwGN/ZQevgffSXW/2h8U7gjCj4V/XO47CO0sTPvHYw=,iv:ddH0If9PtDlUJWqK7aV4UyiUxXfxKSWTcT7HypCjYlk=,tag:aJbSurfZIHKiX3FTfozneg==,type:str]
|
||||
lastmodified: "2026-03-25T11:22:55Z"
|
||||
mac: ENC[AES256_GCM,data:QmbEO1eovjBJvuZu2pai+V+5qMWhsBmQSCYvFqRPe1P5cH4eDYwOs24kvjN4FKF55FGPLf9olKMj65wtrX5ve7g5ntvnRbE0lTL0Cm08OvKUk2Bj2tW2Fu+Im7zZrSoQY4WTx533zXHGwvlgEeDT7MPdCTdmoyVUknRgBk2PXOQ=,iv:VT3sNoEEEXrQBdL+dbB9bSnyDxwMH90giVcnMDmy2bM=,tag:VLGTjPw4ZrI0PggVTD9e5Q==,type:str]
|
||||
pgp:
|
||||
- created_at: "2025-01-17T21:38:02Z"
|
||||
- created_at: "2026-02-27T16:44:37Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMAy9TuQ4zAbDHARAAqOla+gYyHsbLreus848fUZ4Qy1MEFaS4MH9CQYA3ysMh
|
||||
Mb+DmxMlh3waHni/0pqAjNULLZzSOg/TUCHWKcrxC+ublxm9oC5z8K/MSvJJFHNu
|
||||
hA4qQfN3Cl1w7XXZZmfp2+SaTQPKxED1InPt4Nn0Ay73nmo0ze4RM7LBvM17gqYH
|
||||
GnYLVbj12BB1TlkLwTG0OAttIVKcOHYxpACoYmztT5vtgqH4isDe1ukYNpxTBs1c
|
||||
g7BKxEOkPmOYBBUvBspDCkpD7aKuWCM6yA4cRBuR+NxJhIF46fTgfq1PydhR7YLA
|
||||
6etcZfA6ZDcJsuSeZyuUUuqikjvJRWW3ERP1+vkvD/w4muFk3gwfHv4DfmiY/k/k
|
||||
RXLV0VMuZZpd8iekuJHFqc8lszC6jnos2AZ/g8KfwA4WZhZnNau4F6u8jk1KcUHt
|
||||
eQ0A96qbNS5cWhRgFuvL3YzJpG9R5WcKquUEe0dRqqAsX+uMfgKzk6VcESD/bSqs
|
||||
EygLVmnsoh3DaJqtLldcELkGCzty1+sMXiyDSpR1OaYvJcVIK9BjEjXbYu4k9StJ
|
||||
O7JDaV4BTHw6IwDdQN2hhlFTLEWGtJN8F3Ovhscdwo8GiLSTRF4NZ7hJaUKPBGJA
|
||||
dm+yUjej7cjoyD6QhzYj77SQ1c8EtKSnt0VTWJtaDg1jN6bvNj8nCYZnJ4Xl4D7S
|
||||
XgGVf5/2UofoyOw9JtVkk99wUHN9nFJgxwDMWGDm+3qWqY4wp6Ak39Wo6M/JfzWO
|
||||
yFH+d6kqkMf605/+uq150QpeolqbVV2c0jZcIFA+etYix9iyvZdxHA8RTVy0Bgc=
|
||||
=jZST
|
||||
hQIMAy9TuQ4zAbDHAQ//Qb0DRkQVFdX1U6qkD5DrgRrARk1WCH8K5KaVNFWPleqT
|
||||
VrcEHO2x5exclSmhJ1YKlUsQezs/55FDgCoN+mykjfzLUDhhVvHbvd87p97t9dkh
|
||||
/taXAT4nsKleUMtSorVDyRGSaJQFKu7aDSi7iD2CYRbGCSqWbnAc/gr5FcHkFnzj
|
||||
U6pPcPWVZYJfAL57kBdEawMdCmp9ins1cfpCZoZS1SH2FcCMbSojkZSkbRBW0xwW
|
||||
SVLT1nGwEuQZk109XAsEpkc72rlLpvoQKgBWh33eqvJRCqrNImzyPeKwYJftAee6
|
||||
5JcCUVGPtvcmxHgU41a4vn6ff5CeeUhgMVcjInm0pQrUWWFFpi0VGlr5smxw7NtZ
|
||||
puba3n1gRD9v1uNY7Mru0ZLKqe1W/cjTNXGuvsk/Xy057Y/CEZj5+EHvBQJQ/tzF
|
||||
R7cBCBL689aZz0CTqk580icftPqYCKJ/CHPEcb8cjHQ8/Z18p+JDhKfFxMIRNXFV
|
||||
2xwcodPM4VhQ392ySBvNYOKrN+lvdTxOJLSbt+yio7cIslvVmIZoYhgn+a8SxAQk
|
||||
boG7F+sZ/RM43u4OmmJsI+rL42+px5LLByP+OXYW2pBFgT1VcEAthzP6T5G3aHdy
|
||||
ZIc3+TA1ioec97kARLtO3j1BasktT3Fx54wFMu6X45x2TOGLrPMWGSFcARG2RDfS
|
||||
XgFZcD7OM728Xo1aGOFX7KSGnw+MmFNmaNYFvUGWtJjxY/bQKwenFt+YSMysXFU1
|
||||
ZICJ72lkBTwLzzKfv9E6VGa9+8TJJlkeHZhmPHNdQTlQvtyo7zmkxBo1Z+y0ayY=
|
||||
=s253
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 3AC6F170F01133CE393BCD94BE948AFD7E7873BE
|
||||
- created_at: "2025-01-17T21:38:02Z"
|
||||
- created_at: "2026-02-27T16:44:37Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMA5qa+llcB15aAQ//Qxav8CPF8zNzSIYd1Nut5wVTYHy4cZBoXdPxFQ3O+okJ
|
||||
QNR1w/xbPtNuFRukPuHzBuFjS7bXe97WEIgFf7eyyifXy1xO/J/WYSXvzP9R/Lwk
|
||||
nYowM8UCffLCHMsiSL/lZIPkU1rXYQQBMUOENSkU2tMJhI6SWoAOObGv/MDyX0Cn
|
||||
AOlomUerPPIFJ5FoRMOe1fYs2vLn5soOsFlgeeJYzp93q+USPpYlB6nYVP22TsD6
|
||||
bnB7v1wR3zgP/iDDv9PfF9qXUyWJcsVZ3v/Ze8V4t8d3X9DKhl3IV5W1oIjbsaq8
|
||||
IKqpgX9qmO+p+zLeUCx11Mj1I5tfL70xYB6/F+pZUY6GOl9A64iuNMJ7mfTgNaeU
|
||||
LwUgblZpovhCi1ExuItAOKRrNwJEg5zEPGf9BmRJ89ZOztxlkqevVzpTi4TRYPn4
|
||||
FGXNLHGevcJjPBPwiWQADVavz/6Kw8kUzwiWQtdfYSJbPI0mb9KPJ0btVGp0hSL4
|
||||
4T/Fw70LHoluA6yjqPlZQESRuoCquYlJSZiZ20E3ktqIwzm48INu32JuqXF+msfP
|
||||
kV+saikKZZoKIxeUB4ZAg120nhgR3riZBRw1iBJYqYGzn8woCtPxeFKh483Rowqi
|
||||
yFOKCSy+DC8EPq5+MbBuksnKAynKxs69JnU+MCvqUkZjN/bheNN3ONXOV7aP1X/S
|
||||
XgEKD4RJS2qIMZvogw7po6ZokC9b6/hFfIuPA3twbu/Ll5sJLySQigNgUp/MnEMi
|
||||
j+yO03/SVtimS2lkR1CB1+YIiI4IDGyw6FHlU+IFx70OmR+uftboSA+l3tp18aQ=
|
||||
=kpwG
|
||||
hQIMA5qa+llcB15aAQ//WC6hKdcyWxHa6Y0dhjAadUb77DbzPRi7VYGCoZ33PibN
|
||||
crg/dgst0VQJOzf0VSpFwrqs7epj3OY1fz+ZegxB6GImkzwdgc5bifdaETR1i5E2
|
||||
FYRulz6BNh3iLvNiHK4T3oGNb0a85Lr41XUpjousEQSZkL/Hq1h2tWYB+IoqCn3r
|
||||
KZqtfJI5Vyv1Ls1WNrFtLzvGgtZAoXSpuxuGtgTuftLR/m5pTrkkmmNpqkfsTYrT
|
||||
QeWwsAnp9Dg0caliRH2kz92tyH0NOq7Y0K7tMLb15ns+29GR17KPpGDz0I5sSJZn
|
||||
PEcjoSuEzr3XLcR+g/QaqNoOffyJ1tTOquozgHOs4Ks52ilE9aSY+oNvWD3qk4zc
|
||||
v29J1drH+07igVFfr7wrmDKDkCTfotIawejq99WR5/roSaBupCtkXZh/WfG1XLdq
|
||||
M9SxID2vt0FRPka58zFJMRpgFZe1TihHYCNBt0nPh/U3TzrT0X5fG+23S9kITYt/
|
||||
lXowiNusXVJ4ppQ2c2rtq2JezJ5wp6xhp41bYNCvbRK6R50WwYxG/LdyqzfjDzLO
|
||||
+buTtYA7X8d1hDlW4FekDIzZpoXztfwZ2qisHfkCbhWkRBp0mOL1iVOy3JRwPSqO
|
||||
Zg+yKkX8ajVHFNE+TnyjufF1eXizJqPLWcvMT5TE2Jq02ywXhqDcYmvgnGi3olTS
|
||||
XgEmLcqoM3AFnJYM2wWUw2y+PwjC2hobC8rZbpgzpk92kdW8Oh8fhwnlUAcY51Zt
|
||||
/UTHzAbN5JzqUhaC5ABTXMnUJd1kkG8SND0lVOecFQSyF4b5QEBSm93zXH31sgA=
|
||||
=IgdZ
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 0C143D8AFF5FBCD2293897658E66EDB0546158DF
|
||||
- created_at: "2025-01-17T21:38:02Z"
|
||||
- created_at: "2026-02-27T16:44:37Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMA7kGE6KvUCZzAQ//WWbM1yyL0ldJMvpHtMEnsuUMOjbT63pxoThuep1UclRD
|
||||
7M8B0Hvi6GU4HzayXfkpW1fUalpJSwsP9Aeewq0pz16nnoHGukQjO3CHXQ2gtvip
|
||||
JwinImuSfAnQCGGUvaly1JRny9ytZJE7o6DCMmQFQDCjgrgA2ZaUjAKcMnGuPSZs
|
||||
IwnThW4NMjooZhhCBvnWLq9A5cGuhhMVQ4tzlQEUxZZJV1ySiAGu9QkhdMeyHUQS
|
||||
88LYdKpujVlmXYAtkqbwZ1YXcC/DQZnLnt3bVf6i/SzWuvbezAM8BTXn9PJTK58i
|
||||
nw720g7XdEDmH/1Uy6vxQEqsh/lJQFFpuNhnELRQrf0Co9CDUFODQHNz3ZhD1Oad
|
||||
irakoPR1iEdaDPlVlB079GEteoxKdewJZFPEjRgB2U8+dhOED/ZDbU+0ECRtXQ7F
|
||||
Ctd5nq7AQTOWMj9BXvm3wTE35nhpL9ov/NX1My20o9JULoixsYpYSGP1QZhOK2Dc
|
||||
O1wRgsU/R9p6bEDW/eGJ8FlavPkoy7lLaZC/GFtFUa72Da5jAvDIB1sAn5ArhOrx
|
||||
lj1m4g+HhMitrMV7TSJ97kqM8o5REdEbs+BhwIdcYdmScf9qotYthBkJLz+SIyGj
|
||||
FDd8KLcMxoFVM/GQSzoAdqfeoycQpbF6Tmv4NrKzj1ID8EzCZCIaufcT85L2ohrS
|
||||
WAGwruMsuu6FNgdvrZXyOu20cba1055Vb96Q9ESrjNdDE542b+MeNcdc9Xk8N0HE
|
||||
oxmj0k50D2Fm77HvwKOwwGdRQcbFFynbB6mJ7LYOkjgYJN4Z/9zgtEQ=
|
||||
=p5J/
|
||||
hQIMA7kGE6KvUCZzAQ//VtWatqX53BTQxImBo3HRWNhTVx9zW1DNi0GvUYIDUoyb
|
||||
4x5XG5eGbP6x7z2hdvV1Gd8rzBcAL81O8k917Ax1u2+YGVfwTo83OPFrjoLU8qud
|
||||
XyMu7vW2qjBlgWmDjNyWYUjFiJx32m16sFeS5cf0w3ozGUgn8frVkYiAWDRWvpHE
|
||||
SpUuJqxLLPwgwIIT1d8QncHWe7uPLzxiusI0eAeFqkd4BiI5R4qDSldj/PNQYHYi
|
||||
yzoMmkhAZaIYjYsDkUGJAFXjLx9WKnD14s5PeqX/VNYLFRjgAyht5HdKVq24lL64
|
||||
DAwlZoraObiSocr3La2NOAwQHpRCggH3eMWyRPCghnTWO3Axlin85OFxhLzurWQj
|
||||
8DPFP3Mynv45Fz5SzIb7aHm0pFbjrCiRnEGyVtDbTzdvB7IzffBUxHqKng5Hi9y5
|
||||
7tJjLEM9nS4bXbD1dlU51voARKRM2uLph3ALvZhwpe1XLYqBW4VEzJsPhcaDf54I
|
||||
3kfCrnewTf7yaH/isv/njut2XaSYw9nCxkjAyNR3A2J7Vge5BNequP0dVJZWPIKU
|
||||
/jBVh6K1Hxk/KM9lXbdz2sdy37YDm2KDk9k74Fzpt+NaE8FNZW0/XETgGAwksiK1
|
||||
yxu8x+79qmUX0RhmYwFeri47/uydAPUWF4XqQmw4g2G0FwHSCEqOECHkSKTa8ODS
|
||||
WAGTLhr//YXMNi+JvBDFcKSW/N1uOETNxnL+rEmJ2AHJkAF8EHUugouhPprFYYDd
|
||||
0fFWHMhSkW4TCq2YoHBc8LN9Kpf9As019euYrROgNgQ0kx80qzsPs28=
|
||||
=g3EJ
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 0f0c4c2f9877cb8a53efadacb90613a2af502673
|
||||
- created_at: "2026-02-27T16:44:37Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMAymX2D7hlI1UARAAslfFnR3hd4wjyEdkqNG33yccH/Sj1LLmkHOumOF9zXDt
|
||||
q3BI7LwFhTjjAWV59UO8neV/449P/5B9XR9gEd7USCM80rnSv5T0wcKPUfclq3DI
|
||||
EN348d95fWvOOBos7UnPlCABMCvc4+8oWYlLIVUWFxH+pakSG3zr2EpyvqBzbZqx
|
||||
n+FilMsxf5Gd5bvqwQAhDjPy/Pjr61y2ksDZpkvbetcve/QRRGL0smjl2dS1k1Rf
|
||||
N79LgPFxtkfo4CURjUk6hkMfb5ZoeHQFfos1B48pmxKaBmeX2f4Wt4UktzA/o8MY
|
||||
PubLeFJQdyYF3WKGYssvgFI/3IdiotQ4R5EKJu71ww0eSMZ/jt2a9cstdSFz7OWp
|
||||
AoIlRM9MnfyafWlztzIByyJwedLSGyd/o8ZrRX7xYFYWgobabC1bagECL3/tU9WE
|
||||
vzWIG9c7jKDEm7M0ijESuYCsSdKhCaQbn7pu4kzPcoFIlrwLx4ONO0o+OBTyDxxL
|
||||
P/UWOb9yM0YaGuhgQwJq64e6QBd3af1FmhR6Jwfz2fYq9QE+OFYPFx7DVz4QPRKI
|
||||
Wi6sG01Q8gMGU12DfFdBoTSBAGREI4RCw4qs9lRMPEuTb8S6vZXc2rlg3BStnJWA
|
||||
FYijdFlxqPpMJ2I368r6MfFgxCnBzxwVRp0ON5QtOX/NanHJKUCgHj+EybFDBNHS
|
||||
WAGOEBJ1ZPAyAc55PVEb+QlhO9+J/zFGD+bZTQB3SZwHZUgx1DdwT8o3lOjLDeng
|
||||
eGP4rPdhA/ZwC6SB4n2HzdYBMc6aRcMpm6++p1PrMHYaK4S65sQenOI=
|
||||
=mBZV
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 515a19ef3f9b98442331d89b2997d83ee1948d54
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.11.0
|
||||
|
|
|
|||
|
|
@ -8,6 +8,14 @@ terraform {
|
|||
username = "phfroidmont"
|
||||
}
|
||||
required_providers {
|
||||
hcloud = {
|
||||
source = "hetznercloud/hcloud"
|
||||
version = "~> 1.49"
|
||||
}
|
||||
null = {
|
||||
source = "hashicorp/null"
|
||||
version = "~> 3.2"
|
||||
}
|
||||
hetznerdns = {
|
||||
source = "timohirt/hetznerdns"
|
||||
version = ">= 2.2.0"
|
||||
|
|
@ -28,4 +36,3 @@ data "sops_file" "secrets" {
|
|||
provider "hetznerdns" {
|
||||
apitoken = data.sops_file.secrets.data["hcloud.dns_token"]
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -68,6 +68,14 @@ resource "hetznerdns_record" "hel1_a" {
|
|||
ttl = 600
|
||||
}
|
||||
|
||||
resource "hetznerdns_record" "ws_a" {
|
||||
zone_id = data.hetznerdns_zone.banditlair_zone.id
|
||||
name = "ws"
|
||||
value = hcloud_server.relay1.ipv4_address
|
||||
type = "A"
|
||||
ttl = 600
|
||||
}
|
||||
|
||||
resource "hetznerdns_record" "grafana_a" {
|
||||
zone_id = data.hetznerdns_zone.banditlair_zone.id
|
||||
name = "grafana"
|
||||
|
|
@ -382,6 +390,14 @@ resource "hetznerdns_record" "froidmont_a" {
|
|||
ttl = 600
|
||||
}
|
||||
|
||||
resource "hetznerdns_record" "rl_a" {
|
||||
zone_id = data.hetznerdns_zone.banditlair_zone.id
|
||||
name = "rl"
|
||||
value = hcloud_server.relay1.ipv4_address
|
||||
type = "A"
|
||||
ttl = 600
|
||||
}
|
||||
|
||||
resource "hetznerdns_record" "website_marie_a" {
|
||||
zone_id = data.hetznerdns_zone.froidmont_zone.id
|
||||
name = "osteopathie"
|
||||
|
|
|
|||
44
terraform/hcloud.tf
Normal file
44
terraform/hcloud.tf
Normal file
|
|
@ -0,0 +1,44 @@
|
|||
provider "hcloud" {}
|
||||
|
||||
resource "hcloud_ssh_key" "phfroidmont_stellaris" {
|
||||
name = "phfroidmont-stellaris"
|
||||
public_key = file("${path.module}/../ssh_keys/phfroidmont-stellaris.pub")
|
||||
}
|
||||
|
||||
resource "hcloud_ssh_key" "froidmpa_desktop" {
|
||||
name = "froidmpa-desktop"
|
||||
public_key = file("${path.module}/../ssh_keys/froidmpa-desktop.pub")
|
||||
}
|
||||
|
||||
resource "hcloud_ssh_key" "elios_desktop" {
|
||||
name = "elios-desktop"
|
||||
public_key = file("${path.module}/../ssh_keys/elios-desktop.pub")
|
||||
}
|
||||
|
||||
resource "hcloud_server" "relay1" {
|
||||
name = "relay1"
|
||||
server_type = "cx23"
|
||||
image = "ubuntu-24.04"
|
||||
location = "nbg1"
|
||||
|
||||
public_net {
|
||||
ipv4_enabled = true
|
||||
ipv6_enabled = false
|
||||
}
|
||||
|
||||
ssh_keys = [
|
||||
hcloud_ssh_key.phfroidmont_stellaris.id,
|
||||
hcloud_ssh_key.froidmpa_desktop.id,
|
||||
hcloud_ssh_key.elios_desktop.id,
|
||||
]
|
||||
}
|
||||
|
||||
module "nixos_anywhere_install" {
|
||||
source = "github.com/nix-community/nixos-anywhere//terraform/install"
|
||||
|
||||
target_host = hcloud_server.relay1.ipv4_address
|
||||
instance_id = hcloud_server.relay1.id
|
||||
flake = "${path.module}/..#relay1"
|
||||
|
||||
depends_on = [hcloud_server.relay1]
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue