From 457ab6199dbcb51948bb73eadb52df8f47088387 Mon Sep 17 00:00:00 2001 From: sstent Date: Sun, 26 Feb 2023 14:49:22 +0000 Subject: [PATCH] sync --- .sops.yaml | 6 +- .../sstent/configs => dotfiles}/mrconfig | 0 .../sstent/configs => dotfiles}/nicotine | 0 home-manager/{ => global}/beets.nix | 17 ++++- home-manager/global/default.nix | 32 +++++++++ home-manager/users/sstent/default.nix | 29 ++++---- .../sstent/{packages => }/python-packages.nix | 0 home-manager/users/sstent/secrets.yaml | 66 ------------------- hosts/common/default.nix | 27 +++++++- hosts/common/sops.nix | 3 +- modules/home-manager/ssh-proxy.nix | 4 +- .../secrets.yaml => secrets/host-secrets.yaml | 5 +- secrets/user-secrets.yaml | 40 +++++++++++ 13 files changed, 139 insertions(+), 90 deletions(-) rename home-manager/{users/sstent/configs => dotfiles}/mrconfig (100%) rename home-manager/{users/sstent/configs => dotfiles}/nicotine (100%) rename home-manager/{ => global}/beets.nix (94%) rename home-manager/users/sstent/{packages => }/python-packages.nix (100%) delete mode 100644 home-manager/users/sstent/secrets.yaml rename hosts/wsl2/secrets.yaml => secrets/host-secrets.yaml (89%) create mode 100644 secrets/user-secrets.yaml diff --git a/.sops.yaml b/.sops.yaml index ca273b4..9d4b9ae 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -5,11 +5,15 @@ keys: - &GO3_WSL_NIXOS age187fdx6pc2559tjh03jrcwp6yj8whd70h666g8a0ptyr0z49tfcsssdx6au - &STU_ID age1r86w07gy3nm2ltkqx7wcv94wzneeqmqvcm88nzw4g902kdgwgvdqvjumrj creation_rules: - - path_regex: secrets.yaml$ + - path_regex: host-secrets.yaml$ key_groups: - age: - *adminkey - *STUPC_WSL_UBUNTU_2204 - *STUPC_WSL_NIXOS - *GO3_WSL_NIXOS + - path_regex: user-secrets.yaml$ + key_groups: + - age: + - *adminkey - *STU_ID \ No newline at end of file diff --git a/home-manager/users/sstent/configs/mrconfig b/home-manager/dotfiles/mrconfig similarity index 100% rename from home-manager/users/sstent/configs/mrconfig rename to home-manager/dotfiles/mrconfig diff --git a/home-manager/users/sstent/configs/nicotine b/home-manager/dotfiles/nicotine similarity index 100% rename from home-manager/users/sstent/configs/nicotine rename to home-manager/dotfiles/nicotine diff --git a/home-manager/beets.nix b/home-manager/global/beets.nix similarity index 94% rename from home-manager/beets.nix rename to home-manager/global/beets.nix index 12ce734..ea37c96 100644 --- a/home-manager/beets.nix +++ b/home-manager/global/beets.nix @@ -1,7 +1,19 @@ { config, pkgs, lib, ... }: +with lib; -{ - xdg.configFile."beets/config.old".source = config.lib.file.mkOutOfStoreSymlink config.sops.secrets.test.path; +let cfg = config.custom.beets; +in { + options.custom.beets = { + enable = mkOption { + type = types.bool; + default = false; + description = "Enable Beets"; + }; + }; + + config = mkIf cfg.enable { + + # xdg.configFile."beets/config.old".source = config.lib.file.mkOutOfStoreSymlink /run/user/1000/secrets/test; programs.beets = { enable = true; @@ -149,5 +161,6 @@ }; }; +}; } diff --git a/home-manager/global/default.nix b/home-manager/global/default.nix index 9b9b40f..faf62e9 100644 --- a/home-manager/global/default.nix +++ b/home-manager/global/default.nix @@ -1,8 +1,36 @@ { inputs, lib, pkgs, config, outputs, ... }: { + imports = [ + ./beets.nix ] ++ (builtins.attrValues outputs.homeManagerModules); +###dotfiles path variable + options._dotfiles = lib.mkOption { + type = lib.types.str; + default = "${inputs.self}/home-manager/dotfiles"; + description = "Path to the dotfiles in this repository"; + }; + +###secrets path variable + options._secrets = lib.mkOption { + type = lib.types.str; + default = "/run/user/1000/secrets/"; + description = "Path to the Secrets runtime"; + }; + + +###secretstore path variable + options._secretstore = lib.mkOption { + type = lib.types.str; + default = "${inputs.self}/secrets/"; + description = "Path to the Secrets storage"; + }; + +config = { + + + nixpkgs = { overlays = builtins.attrValues outputs.overlays; config = { @@ -19,8 +47,12 @@ }; }; + + + programs = { home-manager.enable = true; git.enable = true; }; +}; } \ No newline at end of file diff --git a/home-manager/users/sstent/default.nix b/home-manager/users/sstent/default.nix index 1b5558d..cbee9cf 100644 --- a/home-manager/users/sstent/default.nix +++ b/home-manager/users/sstent/default.nix @@ -4,8 +4,6 @@ { inputs, outputs, lib, config, pkgs, ... }: { imports = [ ../../global - ../../beets.nix - ]; home.username = "sstent"; home.homeDirectory = "/home/sstent"; @@ -14,17 +12,18 @@ sops = { age.sshKeyPaths = [ "/home/sstent/.ssh/id_ed25519" ]; defaultSopsFile = ./secrets.yaml; - secrets.test = { - # sopsFile = ./secrets.yml.enc; # optionally define per-secret files + # secrets.test = { + # # sopsFile = ./secrets.yml.enc; # optionally define per-secret files - # %r gets replaced with a runtime directory, use %% to specify a '%' - # sign. Runtime dir is $XDG_RUNTIME_DIR on linux and $(getconf - # DARWIN_USER_TEMP_DIR) on darwin. - # path = "${config.xdg.configHome}/.ssh/test"; - }; + # # %r gets replaced with a runtime directory, use %% to specify a '%' + # # sign. Runtime dir is $XDG_RUNTIME_DIR on linux and $(getconf + # # DARWIN_USER_TEMP_DIR) on darwin. + # # path = "%r/test.txt"; + # }; }; - # xdg.configFile."beets/config.old".source = config.sops.secrets.test.path; + # home.file."/home/sstent/.config/beets/test".source = config.lib.file.mkOutOfStoreSymlink /run/user/1000/secrets/test; + # Let Home Manager install and manage itself. @@ -34,7 +33,7 @@ # azure-cli ansible # sshpass - (import ./packages/python-packages.nix { pkgs = pkgs; }) + (import ./python-packages.nix { pkgs = pkgs; }) pyinfra sshpass nmap @@ -55,11 +54,15 @@ # deploy-rs ]; - services.ssh-proxy.enable = true; + custom = { +ssh-proxy.enable = true; +beets.enable = true; + + }; services.keybase.enable = true; services.kbfs.enable = true; -home.file.".mrconfig".source = configs/mrconfig; +home.file.".mrconfig".source = "${config._dotfiles}/mrconfig"; # xdg.configFile."beets/config.yaml".source = ./beets_config.yaml; programs = { dircolors.enable = true; diff --git a/home-manager/users/sstent/packages/python-packages.nix b/home-manager/users/sstent/python-packages.nix similarity index 100% rename from home-manager/users/sstent/packages/python-packages.nix rename to home-manager/users/sstent/python-packages.nix diff --git a/home-manager/users/sstent/secrets.yaml b/home-manager/users/sstent/secrets.yaml deleted file mode 100644 index 0eeeb48..0000000 --- a/home-manager/users/sstent/secrets.yaml +++ /dev/null @@ -1,66 +0,0 @@ -test: ENC[AES256_GCM,data:MXrxw3LMjCGBi0FL2+dkD0X9Zy5rg+YwUJ5awXtHyU2THPT9FCq91GXE46w3Kw==,iv:TPdKm1OA3wkDpAsluNLkV4+UxcWJccrM4RxEwgZYdeY=,tag:6ZGgi7yj08ahYVDEDSTRdg==,type:str] -example_key: ENC[AES256_GCM,data:fdvxCEw8a7dIN7DEBQ==,iv:y48ctWttnKAmk17hv8LYghj/ls3Z6Pmf9uYM2Fa4k7U=,tag:GWQk49rU3w4KN+vXfsolTw==,type:str] -#ENC[AES256_GCM,data:lZfFV3V634IPjn1Hl4XbbQ==,iv:jsU7QrW4hpYDimllcHUsJI8as8eqvUUf9It5YB2qyR0=,tag:lGgki5ETk88DcWDoYCGLlw==,type:comment] -example_array: - - ENC[AES256_GCM,data:Uygqu3jmGb24gUd62fM=,iv:rxu8qWHlniR5QPwMISGTrX3f2fJvnpW0ot6JVdLmwbc=,tag:IFLRHU2nbceQMHL8BH+SGA==,type:str] - - ENC[AES256_GCM,data:QrYVdSUufPqh1Z4PdK4=,iv:Aa4g8erpPmYI480nPFHAZqm0To+kReHlYXX3ksBmtFg=,tag:BakZ4i0cfvCgee7uE/CijQ==,type:str] -example_number: ENC[AES256_GCM,data:dgBeAvtODesgKQ==,iv:r42I6isKq+1sAMUy9aHlSyEaCd6YgRNjxjUOv2PWgCg=,tag:tu9MvwnlI2PYHZAXoP1qBQ==,type:float] -example_booleans: - - ENC[AES256_GCM,data:A+CplA==,iv:+IurcetC1JzfbhTDdVZX4x3cqSQ+Pf14h4yyJNnb/+E=,tag:UKPcp6Ox52AcXheSGbfvKw==,type:bool] - - ENC[AES256_GCM,data:1VT8RWc=,iv:QWfC9a2W4XR6fQVWTmyv+blEgVswXQY4vRPLyL+ZCUg=,tag:sfF2WoBuDx2NhTPY/8wTIQ==,type:bool] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1jvqe2j70h97844nkz34z9k4epx3uahx50cx75ss8mty2dnxlrf7qqv9a0g - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3Rm41Q3UyUllMU3dMbk0y - Mi9Ndk1jRkNkNjVkUDdvYlVjTUh6R2dOTUFNClNHbzZZY05NVlhWZUNGK28wRG9T - dk5kUS90TXJmY0ROQk03VWhVTVpxQ28KLS0tIHV4NVpadW41eU1yRkF1eXVscHlp - czVmRmFtVUd6VDFHQkZJL3NTZUZFWFkKEuFAX+Ggwy8rpJBVeV1mLUXGw1gG9xor - a0qkRQ3VNiGtbmGD+Pra6tFKxEfs0q04qOa7sBuyNqwkmK2VJmlf2g== - -----END AGE ENCRYPTED FILE----- - - recipient: age1jvf8rd8krchw3ph0w2let8clvyuzcdhq2ug6sm7tx86refc2z5vq4w6lxr - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3VGwwR1BBTlBPZkloS09N - dUFnc0Jaa08wS1N5V3JQd3pMSDk2cUp2WkVZCjIxcDIvRjNjVXJUY2l6dTl3amNL - UVFlVUtmcUtTN0hHakNxT04xeXZHMU0KLS0tIG9tQ0JhdThJRnFVZGVWbVJoUGR3 - ZHRZeGVET09hV3NiWjFJamxOdklCSE0K2ceTz1Y7QS6eqbEpI9Z7nF5wsv/33+fX - eUYpAhdJVEe7ClSADJyQ/sZUwOdd2w2+YcpDBlRUD/z562BcxZtNww== - -----END AGE ENCRYPTED FILE----- - - recipient: age1e0g0rrfdmp5f8f4xgkyp8zgxw2v5t3ldlm2t822xekdz0z6qj49q6aesuw - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYcENQM3RkSU5WVGtVeldW - VG42aFphRjJjRXZKN0tXZ3RHV1lrY3JMNWljCm9pUlZ0U2pGNUh1RVA4NktBVFhX - TFJsWUhHZ0dXTzNibFgyYnRWaEx1b2sKLS0tIG80QlRoOFliWFcxYWtrZnVkZU15 - bHhPYkJQVzkxbmJ0dDVoaUVXK1I0akEKG5IaeRGUaxe9SUPl6JMVRrIu5zj4Uztx - c1rajIUsqdElRFZQaGIimXRYv63MJQrQnmDl6Q1VmoozDZTLbHW87g== - -----END AGE ENCRYPTED FILE----- - - recipient: age187fdx6pc2559tjh03jrcwp6yj8whd70h666g8a0ptyr0z49tfcsssdx6au - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSSHRKa2gzc0I4bENiakZR - RVVjVHc5bTI2UXBuZHNneXE3TkdMWHNWZEFBCjVPQm91V0Mzd2RTV3RSMnlkVXE0 - WFA1VzNEdkJUUi9SMldxaVNyQ0tIVHMKLS0tIGZwbHRIdW43WkZ1VGZXTkhjMVJH - YXhVRlpXVC8zVHFVMUprdm1maFZXSDgK8wsMa8MX2cXcmLMLqsm1jg5VWQ9cMJgp - 24uz6/KiXj2bKaKWilG1A+2bwEzaYr2/Nr/Oy5FOsNOQ4f070dDuyw== - -----END AGE ENCRYPTED FILE----- - - recipient: age1r86w07gy3nm2ltkqx7wcv94wzneeqmqvcm88nzw4g902kdgwgvdqvjumrj - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqRnlTbjRxTUxDSjQ5T0Rk - K0JDeFNMaGJSL3V0RjdlZitKazFpTDFaUEg0Ckp5bVg3allyQmlJb3dReW42VXZ0 - QzdDcFRRbW8yU21RQ3hYZGc3Mlk5M3MKLS0tIDNPR0o1ZXFEdkpTVjJ4cjZ4VWhl - YmJrOWxXZEtnZkVoRVh6WUlWcStrS1kK7pr+7ymzpr8hiKULpeojmzpadSCufiFQ - It7c2aVHslB8406U3oJ6k6wgMxIkcqIAaVfPklNir9rGAphSlCkVrg== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-02-25T14:11:19Z" - mac: ENC[AES256_GCM,data:ZQ6xfGZCkp/C+QVDQt9q6L6UNBxcVPhOhnUUVFmmMvH9qrt3vekhg3AIg5FmcNhOKEbZ9r+N0F+24EBZT4a0txnHUJQAHK1XC7iuKB44UpR1obrOKON8XN+Zl/tXvQkTjzo52MwiV/S8tOtmjiG+NTOUESbtQSBFIYSx2uAMQGk=,iv:5U3BIuom17XmbbsZ+mehzkRz88YM9KBctPm3WonePfY=,tag:22YMbAO22M5m8bimjsQOng==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/hosts/common/default.nix b/hosts/common/default.nix index 4f29498..3d9c3b1 100644 --- a/hosts/common/default.nix +++ b/hosts/common/default.nix @@ -6,6 +6,29 @@ ./sops.nix ] ++ (builtins.attrValues outputs.nixosModules); +###dotfiles path variable + options._dotfiles = lib.mkOption { + type = lib.types.str; + default = "${inputs.self}/home-manager/dotfiles"; + description = "Path to the dotfiles in this repository"; + }; + +###secrets path variable + options._secrets = lib.mkOption { + type = lib.types.str; + default = "/run/user/1000/secrets/"; + description = "Path to the Secrets runtime"; + }; + + +###secretstore path variable + options._secretstore = lib.mkOption { + type = lib.types.str; + default = "${inputs.self}/secrets/"; + description = "Path to the Secrets storage"; + }; + +config = { system.stateVersion = "22.11"; home-manager = { @@ -14,8 +37,6 @@ sharedModules = [ inputs.sops-nix.homeManagerModules.sops ]; - - }; nixpkgs = { @@ -34,5 +55,5 @@ nix.extraOptions = '' experimental-features = nix-command flakes ''; - +}; } \ No newline at end of file diff --git a/hosts/common/sops.nix b/hosts/common/sops.nix index 73003b5..54b3ba7 100644 --- a/hosts/common/sops.nix +++ b/hosts/common/sops.nix @@ -5,7 +5,8 @@ ]; sops = { - defaultSopsFile = ./secrets.yaml; + # defaultSopsFile = ./secrets.yaml; + defaultSopsFile = "${config._secretsstore}/host-secrets.yaml" age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; # secrets.discogs_json = { # mode = "0440"; diff --git a/modules/home-manager/ssh-proxy.nix b/modules/home-manager/ssh-proxy.nix index 0b29df9..0ab9ce0 100644 --- a/modules/home-manager/ssh-proxy.nix +++ b/modules/home-manager/ssh-proxy.nix @@ -1,9 +1,9 @@ { lib, pkgs, config, ... }: with lib; -let cfg = config.services.ssh-proxy; +let cfg = config.custom.ssh-proxy; in { - options.services.ssh-proxy = { + options.custom.ssh-proxy = { enable = mkOption { type = types.bool; default = false; diff --git a/hosts/wsl2/secrets.yaml b/secrets/host-secrets.yaml similarity index 89% rename from hosts/wsl2/secrets.yaml rename to secrets/host-secrets.yaml index 8cd8b1f..0ab779f 100644 --- a/hosts/wsl2/secrets.yaml +++ b/secrets/host-secrets.yaml @@ -1,4 +1,5 @@ discogs_json: ENC[AES256_GCM,data:5Wkw2kOqbb8MF9oZ8rgEzW8+TpxSFz/ivhu+8hBdgaxIuOiPyqoxSh7beqyalDxs4lCOACaQurDrkOClWuLCK1DAOFNvfz8NmDzsYMl4N6CZ1j9DJHGEB6L7O2Bn2USAzOHOwM+e6s6bJqE=,iv:iv3g3DBXTTFU/dHC4xigSTyQ5BKoYq3NJHt7rKEUHQA=,tag:c7nCoXs/ZmSJVGekmOfT6g==,type:str] +sstent_password: ENC[AES256_GCM,data:5reJ4dU/iXxe,iv:kpu2fIWE51uaVcStZCzMiIc/FbUjEqwslUikhaROOtI=,tag:Muq+hz0OU0MAd49Ty1vy9g==,type:str] hello: ENC[AES256_GCM,data:Ud5OrxfxTTd+hODqAVPNQ+uBm1TfoZBOX4Kuf9sYesdXvVAXfRs7nfl/oc1CxA==,iv:7OkyOuVdF/EP935qEKoCajBOjj2vXcZIta0w+cA/oRo=,tag:E5gdJgq4mID80VEWUFzy0g==,type:str] example_key: ENC[AES256_GCM,data:/RfLk6gTT0kIMCBSoQ==,iv:j3Vfq0YUSpUX69enVUM/YIw8nf2VFmywZTrqsUCz9V8=,tag:zxWFJcASmACnNi4UzSgADg==,type:str] #ENC[AES256_GCM,data:840IJuzeLeueawtP2Fsu7w==,iv:eyGxQuV7VjOu/28Rhgjo4brcgCad4QVCEVwebrLvUaY=,tag:B7AKsAOAZ3+Z5PYGIoRIyg==,type:comment] @@ -51,8 +52,8 @@ sops: ekIrNmxVTndjRzFYbmNzcnpiMytNRVkKcUCt552xTRH7GP+X8zcv+WcKFcHJe/1G WRQWzG3jNnjmLIGM4NwCFgUYnjHsxo8P+2KcWFZan4mnLRIq/aSwfw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-02-24T21:02:17Z" - mac: ENC[AES256_GCM,data:t0tLVazTGvBSj2e754Pdi9xZZnvJvI6+00sJmRsUFD84ujempwNAbPDSRdOqBLOuO2vSqN3DMmRmzQp4lzboXUd1SdD5mADIql4p7BQ70Pdt34Qteg2C3YaeeWPRn5UvKHHtUDMffiPB8B6ULm9fVRaWCj54nS0BUCvfFX7CXio=,iv:BJ9wVtuHdOmuVJkr0TzDGOctdiPos50TU3EqZDfyA/I=,tag:5W0u4zWmRh3HmF466X47Lg==,type:str] + lastmodified: "2023-02-26T14:49:13Z" + mac: ENC[AES256_GCM,data:x9xkXbzBeCWdl4M9qtxV3d1AhlkMcAfWXlSDex20jW0JII22x9Oxe6UqkpvybWdhjn/PtlwVuDgh/p4qPPEybcNz8UCAiez1GNrtrN0Q6/+2BArk0JHvEwowWk1oEiq5CKY0QFaK5ZodZ/qKZ/+3VE6V6dsw+sJRII1FqjBYfMQ=,iv:D57m3TCcBnd3jI/RCq6Jh+bX4Djt35ffar0Vh0pUpa8=,tag:9Wmv2lb+w4XvwiW1OoeI7Q==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.7.3 diff --git a/secrets/user-secrets.yaml b/secrets/user-secrets.yaml new file mode 100644 index 0000000..a5959c0 --- /dev/null +++ b/secrets/user-secrets.yaml @@ -0,0 +1,40 @@ +discogs_json: ENC[AES256_GCM,data:kfEuBbM1vrcNHXnM8jOFk1bChTlYCX1Cv3n/VH0y7twv07yCo46bc+eXDOW4i4TEX5OR+lWj2XGMNM7W3DCsklfDNRGXbvr+14eG2pKIMA7DRQd0Vc3sCT8fC49J07/fh80iU3t6MCgrBaQ=,iv:CByN4avO0cJxUhXe1UP92/Gq/EhTq9J+p4JwxqVsFrM=,tag:rBLZIeYLQiLsNMF7XvWcCQ==,type:str] +hello: ENC[AES256_GCM,data:6U3OsmteD67NYqvHnrnM8XzT2mROLMya038qCiB40H+NRlFuhgYQZdxdywc1wUQh9w==,iv:Nw2Hz7wpYxalxsP0oazzKmI1coEUrYwcg7KgilDsH5w=,tag:4nh9yOpRpHI6nKm2MZzT4A==,type:str] +example_key: ENC[AES256_GCM,data:UgxbdIQ445t3jFR9Zg==,iv:cLIsoVdUEvN/pAvRNUHkGtysPK4OASKXm2RC94VSAVU=,tag:asrAHUWn9Uu/5bRkAyi79w==,type:str] +#ENC[AES256_GCM,data:Adg2NNOaxEzRTs9hUhW7hw==,iv:YMxfMgJ/x2cHnVYakqhIbuP20BozK3x6z/9ISBUj0Io=,tag:8uSNyItwk2O+yNIrLof55g==,type:comment] +example_array: + - ENC[AES256_GCM,data:8NboB8/Q5A2m/42XTX4=,iv:Tn34hwQnF+nJq0eClir/50N+OUmKotie8Seuluk9qIQ=,tag:pGG43+yAz+y0d7+XjXojRg==,type:str] + - ENC[AES256_GCM,data:fgPEQefhiShejX0iTHk=,iv:GQMs5p5BdUbgvj1ktgOVOMUL/gcdxGPMGeOOnrvcUnk=,tag:I/YlTUX1OzvPg+uL4/BSew==,type:str] +example_number: ENC[AES256_GCM,data:k9pSbFmfGJxggQ==,iv:1Xtgw5fopMCdVrFn8H9ZGUkK8mJKIt/90q4FaxIPGL0=,tag:RaInuJ3Jem2n/feHDjwUWQ==,type:float] +example_booleans: + - ENC[AES256_GCM,data:lKyY1g==,iv:VKRog0Yj/vF3M40TyJADQq0LDBFznBVSxjl3/SIJio4=,tag:XZZH89494Ws7+K6Tmf/QlQ==,type:bool] + - ENC[AES256_GCM,data:Fm0yMm8=,iv:FjxPBhJLMfjpVd8cNeTR5mAU7Fx9TIqUV6w/2IBfu3w=,tag:2S5AHvtApEByXjZKKUZSoA==,type:bool] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1jvqe2j70h97844nkz34z9k4epx3uahx50cx75ss8mty2dnxlrf7qqv9a0g + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4UjNiUjlqak1vVDk2djY5 + R1dyVWIxejN0UUVJK09janRLQXRrTGdQWHdBCmFxZm9xSHJCVHlFNFJNY2JGMlVC + YVgreFpGWWVtYmtvcXVGVS83NzF4aFkKLS0tIG03Vk9kV3hHSzcrZnRmOWlPMU11 + TGFRcGpNbEI2aDV6Zmtua2pPMUxuNTAK8Y7ne/PUPcqsShppsycuimjctu/N4oFp + kFfMx2AVMln/1hk3Co3gKmFKJMKH3BKFuHN8ilhmhznqeHDngmwj9g== + -----END AGE ENCRYPTED FILE----- + - recipient: age1r86w07gy3nm2ltkqx7wcv94wzneeqmqvcm88nzw4g902kdgwgvdqvjumrj + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0SmJXdlNPRVlVVFpMb2d0 + S1IvZE84UHFlZ25WaHBiM3ZCSkM5MTNNdmw0CkVnbnErSkVPc1B5eHUrNE93VWJN + VkpmQ0NuTE44akIwMHpVQUpoSlVZM0kKLS0tIDhGZ0lLUU92bTF0Q0ZIRjR5TTJN + UXBZSFhvS0ovS1ZvbHJKWXlNRlp0RXMKmggbbiJCLGVqpkTr+f+hB6rxWN+Q/aFm + sC/nzdX/ORUPOVn7IOrDX/To3Ub8A7leFFcHPcO5jV/Tgc3WzFLFGg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2023-02-26T14:44:35Z" + mac: ENC[AES256_GCM,data:Huy+Bh1dayYXerRVdlgeiyvxWnh0rb/XzUn5MUWfPznV8dnlFMRmOEALpHWvXvcjLqU9kMrNeDuVrAd2pt9PYV0F1C3bxx1Y6u46NZuOgqypZX6dbs1H5HaRETNyBA4f040v8+o5t4wxQ34IhrgJehj6cX0FvrQBRdfaTZtCx+k=,iv:oKG0FdOQj/gf4ntKcLu4cS9qMX5AjhW37N1Ay08H/Dc=,tag:2m5E0+wTNsSqOLhh7wf34g==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.7.3