diff --git a/config/basic/boot.nix b/config/basic/boot.nix index 48b5fca..6de7eba 100644 --- a/config/basic/boot.nix +++ b/config/basic/boot.nix @@ -2,13 +2,14 @@ config, lib, pkgs, + globals, ... }: { boot = lib.mkIf (!config.boot.isContainer) { initrd.systemd = { enable = true; - emergencyAccess = config.secrets.secrets.global.users.root.passwordHash; + emergencyAccess = globals.users.root.hashedPassword; extraBin.ip = "${pkgs.iproute2}/bin/ip"; extraBin.cryptsetup = "${pkgs.cryptsetup}/bin/cryptsetup"; users.root.shell = "${pkgs.bashInteractive}/bin/bash"; diff --git a/config/basic/default.nix b/config/basic/default.nix index 6cd2e55..ff08112 100644 --- a/config/basic/default.nix +++ b/config/basic/default.nix @@ -20,6 +20,7 @@ ../../modules/deterministic-ids.nix ../../modules/distributed-config.nix + ../../modules/globals.nix ../../modules/meta.nix ../../modules/iwd.nix ../../modules/secrets.nix diff --git a/config/basic/system.nix b/config/basic/system.nix index cb0ded1..7276665 100644 --- a/config/basic/system.nix +++ b/config/basic/system.nix @@ -77,8 +77,5 @@ let local = config.node.secretsDir + "/secrets.nix.age"; in - { - global = ../../secrets/secrets.nix.age; - } - // lib.optionalAttrs (config.node.name != null && lib.pathExists local) { inherit local; }; + lib.optionalAttrs (config.node.name != null && lib.pathExists local) { inherit local; }; } diff --git a/config/services/actual.nix b/config/services/actual.nix index 596e861..4683cb0 100644 --- a/config/services/actual.nix +++ b/config/services/actual.nix @@ -1,7 +1,7 @@ { - wireguard.elisabeth = { - client.via = "elisabeth"; - firewallRuleForNode.elisabeth.allowedTCPPorts = [ 3000 ]; + wireguard.services = { + client.via = "nucnix"; + firewallRuleForNode.nucnix-nginx.allowedTCPPorts = [ 3000 ]; }; imports = [ ../actual.nix ]; services.actual = { diff --git a/config/services/adguardhome.nix b/config/services/adguardhome.nix index 67365f2..8dba90a 100644 --- a/config/services/adguardhome.nix +++ b/config/services/adguardhome.nix @@ -1,8 +1,8 @@ -{ config, lib, ... }: +{ config, ... }: { - wireguard.elisabeth = { - client.via = "elisabeth"; - firewallRuleForNode.elisabeth.allowedTCPPorts = [ config.services.adguardhome.port ]; + wireguard.services = { + client.via = "nucnix"; + firewallRuleForNode.nucnix-nginx.allowedTCPPorts = [ config.services.adguardhome.port ]; }; services.adguardhome = { enable = true; @@ -30,11 +30,11 @@ ]; }; user_rules = [ - "||adguardhome.${config.secrets.secrets.global.domains.web}^$dnsrewrite=${lib.net.cidr.host config.secrets.secrets.global.net.ips.elisabeth config.secrets.secrets.global.net.privateSubnetv4}" - "||nc.${config.secrets.secrets.global.domains.web}^$dnsrewrite=${lib.net.cidr.host config.secrets.secrets.global.net.ips.elisabeth config.secrets.secrets.global.net.privateSubnetv4}" - "||immich.${config.secrets.secrets.global.domains.web}^$dnsrewrite=${lib.net.cidr.host config.secrets.secrets.global.net.ips.elisabeth config.secrets.secrets.global.net.privateSubnetv4}" - "||smb.${config.secrets.secrets.global.domains.web}^$dnsrewrite=${lib.net.cidr.host config.secrets.secrets.global.net.ips.elisabeth-samba config.secrets.secrets.global.net.privateSubnetv4}" - "||fritz.box^$dnsrewrite=${lib.net.cidr.host 1 config.secrets.secrets.global.net.privateSubnetv4}" + # "||adguardhome.${config.secrets.secrets.global.domains.web}^$dnsrewrite=${lib.net.cidr.host config.secrets.secrets.global.net.ips.elisabeth config.secrets.secrets.global.net.privateSubnetv4}" + # "||nc.${config.secrets.secrets.global.domains.web}^$dnsrewrite=${lib.net.cidr.host config.secrets.secrets.global.net.ips.elisabeth config.secrets.secrets.global.net.privateSubnetv4}" + # "||immich.${config.secrets.secrets.global.domains.web}^$dnsrewrite=${lib.net.cidr.host config.secrets.secrets.global.net.ips.elisabeth config.secrets.secrets.global.net.privateSubnetv4}" + # "||smb.${config.secrets.secrets.global.domains.web}^$dnsrewrite=${lib.net.cidr.host config.secrets.secrets.global.net.ips.elisabeth-samba config.secrets.secrets.global.net.privateSubnetv4}" + # "||fritz.box^$dnsrewrite=${lib.net.cidr.host 1 config.secrets.secrets.global.net.privateSubnetv4}" ]; dhcp.enabled = false; ratelimit = 60; diff --git a/config/services/blog.nix b/config/services/blog.nix index f2caa5e..cc00cc5 100644 --- a/config/services/blog.nix +++ b/config/services/blog.nix @@ -1,4 +1,10 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + globals, + ... +}: let prestart = pkgs.writeShellScript "blog-pre" '' if [ ! -d ./.ssh ]; then @@ -8,18 +14,20 @@ let ssh-keygen -t ed25519 -N "" -f .ssh/id_ed25519 fi if [ ! -d ./blog ]; then - ${ - lib.getExe pkgs.git - } clone --recurse-submodules ssh://git@forge.lel.lol:9922/patrick/blog.git ||\ + ${lib.getExe pkgs.git} clone --recurse-submodules ssh://git@forge.lel.lol:9922/patrick/blog.git ||\ echo "failed to clone the repository did you forget to add the ssh key?" fi ''; -in { - wireguard.elisabeth = { - client.via = "elisabeth"; - firewallRuleForNode.elisabeth.allowedTCPPorts = [ 80 ]; +in +{ + wireguard.services = { + client.via = "nucnix"; + firewallRuleForNode.nucnix-nginx.allowedTCPPorts = [ 80 ]; }; - environment.systemPackages = [ pkgs.signal-cli pkgs.cargo ]; + environment.systemPackages = [ + pkgs.signal-cli + pkgs.cargo + ]; services.nginx = { enable = true; user = "blog"; @@ -31,12 +39,14 @@ in { "[forge.lel.lol]:9922".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOWoGqHwkLVFXJwYcKs3CjQognvlZmROUIgkvvUgNalx"; }; - environment.persistence."/persist".directories = [{ - directory = "/var/lib/blog"; - user = "blog"; - group = "blog"; - mode = "0700"; - }]; + environment.persistence."/persist".directories = [ + { + directory = "/var/lib/blog"; + user = "blog"; + group = "blog"; + mode = "0700"; + } + ]; systemd.timers.blog-update = { wantedBy = [ "timers.target" ]; timerConfig = { @@ -60,14 +70,17 @@ in { else echo "Commiting newest changes" git -c user.name="blog-bot" \ - -c user.email="blog-bot@${config.secrets.secrets.global.domains.mail_public}" \ + -c user.email="blog-bot@${globals.domains.mail_public}" \ commit -m "Automatic commit for blog on $(date -u -I)" fi git pull --rebase git push ${lib.getExe pkgs.zola} -r public build ''; - path = [ pkgs.openssh pkgs.git ]; + path = [ + pkgs.openssh + pkgs.git + ]; serviceConfig = { Requires = "blog"; Type = "oneshot"; diff --git a/config/services/ddclient.nix b/config/services/ddclient.nix index 754e8e9..c2c9893 100644 --- a/config/services/ddclient.nix +++ b/config/services/ddclient.nix @@ -1,4 +1,4 @@ -{ config, ... }: +{ config, globals, ... }: { age.secrets.cloudflare_token_dns = { rekeyFile = config.node.secretsDir + "/cloudflare_api_token.age"; @@ -8,12 +8,12 @@ networking.enableIPv6 = false; services.ddclient = { enable = true; - zone = config.secrets.secrets.global.domains.web; + zone = globals.domains.web; protocol = "Cloudflare"; username = "token"; usev4 = "webv4, webv4='https://cloudflare.com/cdn-cgi/trace', webv4-skip='ip='"; usev6 = ""; passwordFile = config.age.secrets.cloudflare_token_dns.path; - domains = [ config.secrets.secrets.global.domains.web ]; + domains = [ globals.domains.web ]; }; } diff --git a/config/services/firefly.nix b/config/services/firefly.nix index 3a531d3..b4d5f6b 100644 --- a/config/services/firefly.nix +++ b/config/services/firefly.nix @@ -1,9 +1,14 @@ -{ config, nodes, ... }: +{ + config, + nodes, + globals, + ... +}: { i18n.supportedLocales = [ "all" ]; - wireguard.elisabeth = { - client.via = "elisabeth"; - firewallRuleForNode.elisabeth.allowedTCPPorts = [ 80 ]; + wireguard.services = { + client.via = "nucnix"; + firewallRuleForNode.nucnix-nginx.allowedTCPPorts = [ 80 ]; }; age.secrets.appKey = { @@ -16,12 +21,12 @@ services.firefly-iii = { enable = true; enableNginx = true; - virtualHost = "money.${config.secrets.secrets.global.domains.web}"; + virtualHost = globals.services.firefly.domain; settings = { - APP_URL = "https://money.${config.secrets.secrets.global.domains.web}"; + APP_URL = "https://${globals.services.firefly.domain}"; TZ = "Europe/Berlin"; - TRUSTED_PROXIES = nodes.elisabeth.config.wireguard.elisabeth.ipv4; - SITE_OWNER = "firefly-admin@${config.secrets.secrets.global.domains.mail_public}"; + TRUSTED_PROXIES = nodes.nucnix-nginx.config.wireguard.services.ipv4; + SITE_OWNER = "firefly-admin@${globals.domains.mail_public}"; APP_KEY_FILE = config.age.secrets.appKey.path; AUTHENTICATION_GUARD = "remote_user_guard"; AUTHENTICATION_GUARD_HEADER = "X-User"; diff --git a/config/services/forgejo.nix b/config/services/forgejo.nix index b3f1bd5..233d26f 100644 --- a/config/services/forgejo.nix +++ b/config/services/forgejo.nix @@ -1,13 +1,11 @@ { config, + globals, nodes, pkgs, lib, ... }: -let - forgejoDomain = "forge.${config.secrets.secrets.global.domains.web}"; -in { age.secrets.resticpasswd = { generator.script = "alnum"; @@ -27,8 +25,8 @@ in passwordFile = config.age.secrets.resticpasswd.path; hetznerStorageBox = { enable = true; - inherit (config.secrets.secrets.global.hetzner) mainUser; - inherit (config.secrets.secrets.global.hetzner.users.forgejo) subUid path; + inherit (globals.hetzner) mainUser; + inherit (globals.hetzner.users.forgejo) subUid path; sshAgeSecret = "forgejoHetznerSsh"; }; paths = [ config.services.forgejo.stateDir ]; @@ -52,9 +50,9 @@ in home = config.services.forgejo.stateDir; }; - wireguard.elisabeth = { - client.via = "elisabeth"; - firewallRuleForNode.elisabeth.allowedTCPPorts = [ + wireguard.services = { + client.via = "nucnix"; + firewallRuleForNode.nucnix-nginx.allowedTCPPorts = [ config.services.forgejo.settings.server.HTTP_PORT ]; }; @@ -86,7 +84,7 @@ in group = "stalwart-mail"; mode = "440"; }; - services.idmail.provision.mailboxes."forge@${config.secrets.secrets.global.domains.mail_public}" = { + services.idmail.provision.mailboxes."forge@${globals.domains.mail_public}" = { password_hash = "%{file:${nodes.mailnix.config.age.secrets.idmail-forgejo-passwd-hash.path}}%"; owner = "admin"; }; @@ -116,9 +114,9 @@ in # federation.ENABLED = true; mailer = { ENABLED = true; - SMTP_ADDR = "smtp.${config.secrets.secrets.global.domains.mail_public}"; - FROM = "forge@${config.secrets.secrets.global.domains.mail_public}"; - USER = "forge@${config.secrets.secrets.global.domains.mail_public}"; + SMTP_ADDR = "smtp.${globals.domains.mail_public}"; + FROM = "forge@${globals.domains.mail_public}"; + USER = "forge@${globals.domains.mail_public}"; SEND_AS_PLAIN_TEXT = true; }; oauth2_client = { @@ -137,8 +135,8 @@ in server = { HTTP_ADDR = "0.0.0.0"; HTTP_PORT = 3000; - DOMAIN = forgejoDomain; - ROOT_URL = "https://${forgejoDomain}/"; + DOMAIN = globals.services.forgejo.domain; + ROOT_URL = "https://${globals.services.forgejo.domain}/"; LANDING_PAGE = "login"; SSH_PORT = 9922; }; @@ -176,7 +174,7 @@ in "--key" clientId "--auto-discover-url" - "https://auth.${config.secrets.secrets.global.domains.web}/oauth2/openid/${clientId}/.well-known/openid-configuration" + "https://auth.${globals.domains.web}/oauth2/openid/${clientId}/.well-known/openid-configuration" "--scopes" "email" "--scopes" diff --git a/config/services/homebox.nix b/config/services/homebox.nix index 488b7b3..c0f2b9e 100644 --- a/config/services/homebox.nix +++ b/config/services/homebox.nix @@ -1,7 +1,7 @@ { - wireguard.elisabeth = { - client.via = "elisabeth"; - firewallRuleForNode.elisabeth.allowedTCPPorts = [ 3000 ]; + wireguard.services = { + client.via = "nucnix"; + firewallRuleForNode.nucnix-nginx.allowedTCPPorts = [ 3000 ]; }; services.homebox = { enable = true; diff --git a/config/services/idmail.nix b/config/services/idmail.nix index d97c80c..aaf49f2 100644 --- a/config/services/idmail.nix +++ b/config/services/idmail.nix @@ -1,12 +1,13 @@ { inputs, config, + globals, ... }: let - domain = config.secrets.secrets.global.domains.mail_public; - idmailDomain = "alias.${domain}"; - priv_domain = config.secrets.secrets.global.domains.mail_private; + domain = globals.domains.mail_public; + idmailDomain = globals.services.idmail.domain; + priv_domain = globals.domains.mail_private; mkRandomSecret = { generator.script = "alnum"; diff --git a/config/services/immich.nix b/config/services/immich.nix index eb95b5f..0353abe 100644 --- a/config/services/immich.nix +++ b/config/services/immich.nix @@ -3,11 +3,12 @@ pkgs, nodes, config, + globals, ... }: let version = "v1.119.1"; - immichDomain = "immich.${config.secrets.secrets.global.domains.web}"; + immichDomain = "immich.${globals.domains.web}"; ipImmichMachineLearning = "10.89.0.10"; ipImmichPostgres = "10.89.0.12"; @@ -57,10 +58,10 @@ let }; notifications.smtp = { enabled = true; - from = "immich@${config.secrets.secrets.global.domains.mail_public}"; + from = "immich@${globals.domains.mail_public}"; transport = { - username = "immich@${config.secrets.secrets.global.domains.mail_public}"; - host = "smtp.${config.secrets.secrets.global.domains.mail_public}"; + username = "immich@${globals.domains.mail_public}"; + host = "smtp.${globals.domains.mail_public}"; port = 465; }; }; @@ -91,7 +92,7 @@ let clientId = "immich"; # clientSecret will be dynamically added in activation script - issuerUrl = "https://auth.${config.secrets.secrets.global.domains.web}/oauth2/openid/${clientId}"; + issuerUrl = "https://auth.${globals.domains.web}/oauth2/openid/${clientId}"; scope = "openid email profile"; storageLabelClaim = "preferred_username"; }; @@ -163,7 +164,7 @@ in group = "stalwart-mail"; mode = "440"; }; - services.idmail.provision.mailboxes."immich@${config.secrets.secrets.global.domains.mail_public}" = { + services.idmail.provision.mailboxes."immich@${globals.domains.mail_public}" = { password_hash = "%{file:${nodes.mailnix.config.age.secrets.idmail-immich-passwd-hash.path}}%"; owner = "admin"; }; @@ -193,8 +194,8 @@ in passwordFile = config.age.secrets.resticpasswd.path; hetznerStorageBox = { enable = true; - inherit (config.secrets.secrets.global.hetzner) mainUser; - inherit (config.secrets.secrets.global.hetzner.users.immich) subUid path; + inherit (globals.hetzner) mainUser; + inherit (globals.hetzner.users.immich) subUid path; sshAgeSecret = "immichHetznerSsh"; }; backupPrepareCommand = '' @@ -242,15 +243,15 @@ in vcpu = 12; }; - wireguard.elisabeth = { - client.via = "elisabeth"; - firewallRuleForNode.elisabeth.allowedTCPPorts = [ 3000 ]; + wireguard.services = { + client.via = "nucnix"; + firewallRuleForNode.nucnix-nginx.allowedTCPPorts = [ 3000 ]; }; networking.nftables.chains.forward.into-immich-container = { after = [ "conntrack" ]; rules = [ - "iifname elisabeth ip saddr ${nodes.elisabeth.config.wireguard.elisabeth.ipv4} tcp dport 2283 accept" + "iifname elisabeth ip saddr ${nodes.nucnix-nginx.config.wireguard.services.ipv4} tcp dport 2283 accept" "iifname podman1 oifname lan accept" ]; }; diff --git a/config/services/invidious.nix b/config/services/invidious.nix index 6d94ae5..28e670d 100644 --- a/config/services/invidious.nix +++ b/config/services/invidious.nix @@ -1,8 +1,8 @@ -{ config, ... }: +{ globals, ... }: { services.invidious = { enable = true; - domain = "yt.${config.secrets.secrets.global.domains.web}"; + inherit (globals.services.invidious) domain; sig-helper.enable = true; settings = { external_port = 443; @@ -33,8 +33,8 @@ } ]; - wireguard.elisabeth = { - client.via = "elisabeth"; - firewallRuleForNode.elisabeth.allowedTCPPorts = [ 3000 ]; + wireguard.services = { + client.via = "nucnix"; + firewallRuleForNode.nucnix-nginx.allowedTCPPorts = [ 3000 ]; }; } diff --git a/config/services/kanidm.nix b/config/services/kanidm.nix index 8873847..0330a88 100644 --- a/config/services/kanidm.nix +++ b/config/services/kanidm.nix @@ -1,11 +1,13 @@ -{ config, pkgs, ... }: -let - kanidmdomain = "auth.${config.secrets.secrets.global.domains.web}"; -in { - wireguard.elisabeth = { - client.via = "elisabeth"; - firewallRuleForNode.elisabeth.allowedTCPPorts = [ 3000 ]; + globals, + config, + pkgs, + ... +}: +{ + wireguard.services = { + client.via = "nucnix"; + firewallRuleForNode.nucnix-nginx.allowedTCPPorts = [ 3000 ]; }; environment.persistence."/persist".directories = [ { @@ -56,8 +58,8 @@ in package = pkgs.kanidm.withSecretProvisioning; enableServer = true; serverSettings = { - domain = kanidmdomain; - origin = "https://${kanidmdomain}"; + inherit (globals.services.kanidm) domain; + origin = "https://${globals.services.kanidm.domain}"; tls_chain = config.age.secrets.kanidm-cert.path; tls_key = config.age.secrets.kanidm-key.path; bindaddress = "0.0.0.0:3000"; @@ -83,8 +85,8 @@ in }; systems.oauth2.paperless = { displayName = "paperless"; - originUrl = "https://ppl.${config.secrets.secrets.global.domains.web}/accounts/oidc/kanidm/login/callback/"; - originLanding = "https://ppl.${config.secrets.secrets.global.domains.web}/"; + originUrl = "https://${globals.services.paperless.domain}/accounts/oidc/kanidm/login/callback/"; + originLanding = "https://${globals.services.paperless.domain}/"; basicSecretFile = config.age.secrets.oauth2-paperless.path; scopeMaps."paperless.access" = [ "openid" @@ -103,8 +105,8 @@ in }; systems.oauth2.nextcloud = { displayName = "nextcloud"; - originUrl = "https://nc.${config.secrets.secrets.global.domains.web}/"; - originLanding = "https://nc.${config.secrets.secrets.global.domains.web}/"; + originUrl = "https://${globals.services.nextcloud.domain}/"; + originLanding = "https://${globals.services.nextcloud.domain}/"; basicSecretFile = config.age.secrets.oauth2-nextcloud.path; allowInsecureClientDisablePkce = true; scopeMaps."nextcloud.access" = [ @@ -125,10 +127,10 @@ in systems.oauth2.immich = { displayName = "Immich"; originUrl = [ - "https://immich.${config.secrets.secrets.global.domains.web}/auth/login" - "https://immich.${config.secrets.secrets.global.domains.web}/api/oauth/mobile-redirect" + "https://${globals.services.immich.domain}/auth/login" + "https://${globals.services.immich.domain}/api/oauth/mobile-redirect" ]; - originLanding = "https://immich.${config.secrets.secrets.global.domains.web}/"; + originLanding = "https://${globals.services.immich.domain}/"; basicSecretFile = config.age.secrets.oauth2-immich.path; allowInsecureClientDisablePkce = true; enableLegacyCrypto = true; @@ -149,8 +151,8 @@ in systems.oauth2.oauth2-proxy = { displayName = "Oauth2-Proxy"; - originUrl = "https://oauth2.${config.secrets.secrets.global.domains.web}/oauth2/callback"; - originLanding = "https://oauth2.${config.secrets.secrets.global.domains.web}/"; + originUrl = "https://${globals.services.oauth2-proxy.domain}/oauth2/callback"; + originLanding = "https://${globals.services.oauth2-proxy.domain}/"; basicSecretFile = config.age.secrets.oauth2-proxy.path; scopeMaps."adguardhome.access" = [ "openid" @@ -202,8 +204,8 @@ in }; systems.oauth2.forgejo = { displayName = "Forgejo"; - originUrl = "https://forge.${config.secrets.secrets.global.domains.web}/user/oauth2/kanidm/callback"; - originLanding = "https://forge.${config.secrets.secrets.global.domains.web}/"; + originUrl = "https://${globals.services.forgejo.domain}/user/oauth2/kanidm/callback"; + originLanding = "https://${globals.services.forgejo.domain}/"; basicSecretFile = config.age.secrets.oauth2-forgejo.path; scopeMaps."forgejo.access" = [ "openid" @@ -223,10 +225,10 @@ in public = true; displayName = "Netbird"; originUrl = [ - "https://netbird.${config.secrets.secrets.global.domains.web}/peers" - "https://netbird.${config.secrets.secrets.global.domains.web}/add-peers" + "https://${globals.services.netbird.domain}/peers" + "https://${globals.services.netbird.domain}/add-peers" ]; - originLanding = "https://netbird.${config.secrets.secrets.global.domains.web}/"; + originLanding = "https://${globals.services.netbird.domain}/"; preferShortUsername = true; enableLocalhostRedirects = true; enableLegacyCrypto = true; diff --git a/config/services/maddy.nix b/config/services/maddy.nix index 044ab12..41a8ed3 100644 --- a/config/services/maddy.nix +++ b/config/services/maddy.nix @@ -4,11 +4,12 @@ config, pkgs, lib, + globals, ... }: let - priv_domain = config.secrets.secrets.global.domains.mail_private; - domain = config.secrets.secrets.global.domains.mail_public; + priv_domain = globals.domains.mail_private; + domain = globals.domains.mail_public; mailDomains = [ priv_domain domain @@ -41,8 +42,8 @@ in passwordFile = config.age.secrets.resticpasswd.path; hetznerStorageBox = { enable = true; - inherit (config.secrets.secrets.global.hetzner) mainUser; - inherit (config.secrets.secrets.global.hetzner.users.maddy) subUid path; + inherit (globals.hetzner) mainUser; + inherit (globals.hetzner.users.maddy) subUid path; sshAgeSecret = "maddyHetznerSsh"; }; paths = [ diff --git a/config/services/netbird.nix b/config/services/netbird.nix index ea66105..255014a 100644 --- a/config/services/netbird.nix +++ b/config/services/netbird.nix @@ -1,8 +1,13 @@ -{ config, lib, ... }: { - wireguard.elisabeth = { - client.via = "elisabeth"; - firewallRuleForNode.elisabeth.allowedTCPPorts = [ + config, + lib, + globals, + ... +}: +{ + wireguard.services = { + client.via = "nucnix"; + firewallRuleForNode.nucnix-nginx.allowedTCPPorts = [ 80 # dashboard 3000 # management 8012 # signal @@ -47,20 +52,20 @@ clients.main = { port = 51820; environment = { - NB_MANAGEMENT_URL = "https://netbird.${config.secrets.secrets.global.domains.web}"; - NB_ADMIN_URL = "https://netbird.${config.secrets.secrets.global.domains.web}"; + NB_MANAGEMENT_URL = "https://${globals.services.netbird.domain}"; + NB_ADMIN_URL = "https://${globals.services.netbird.domain}"; NB_HOSTNAME = "home"; }; }; server = { enable = true; - domain = "netbird.${config.secrets.secrets.global.domains.web}"; + inherit (globals.services.netbird) domain; dashboard = { enableNginx = true; settings = { - AUTH_AUTHORITY = "https://auth.${config.secrets.secrets.global.domains.web}/oauth2/openid/netbird"; + AUTH_AUTHORITY = "https://${globals.services.kanidm.domain}/oauth2/openid/netbird"; # Fix Kanidm not supporting fragmented URIs AUTH_REDIRECT_URI = "/peers"; AUTH_SILENT_REDIRECT_URI = "/add-peers"; @@ -69,7 +74,7 @@ relay = { authSecretFile = config.age.secrets.relaySecret.path; - settings.NB_EXPOSED_ADDRESS = "rels://netbird.${config.secrets.secrets.global.domains.web}:443"; + settings.NB_EXPOSED_ADDRESS = "rels://${globals.services.netbird.domain}:443"; }; coturn = { @@ -82,12 +87,12 @@ # DNS server should do the lookup this is not used dnsDomain = "internal.invalid"; singleAccountModeDomain = "netbird.patrick"; - oidcConfigEndpoint = "https://auth.${config.secrets.secrets.global.domains.web}/oauth2/openid/netbird/.well-known/openid-configuration"; + oidcConfigEndpoint = "https://${globals.services.kanidm.domain}/oauth2/openid/netbird/.well-known/openid-configuration"; settings = { TURNConfig = { Secret._secret = config.age.secrets.coturnSecret.path; }; - Signal.URI = "netbird.${config.secrets.secrets.global.domains.web}:443"; + Signal.URI = "${globals.services.netbird.domain}:443"; HttpConfig = { # This is not possible # failed validating JWT token sent from peer y1ParZkbzVMQGeU/KMycYl75v90i2O6EwgO1YQZnSFs= with error rpc error: code = Internal desc = unable to fetch account with claims, err: user ID is empty diff --git a/config/services/nextcloud.nix b/config/services/nextcloud.nix index 459d3d7..5feb651 100644 --- a/config/services/nextcloud.nix +++ b/config/services/nextcloud.nix @@ -3,11 +3,9 @@ pkgs, config, nodes, + globals, ... }: -let - hostName = "nc.${config.secrets.secrets.global.domains.web}"; -in { age.secrets.mailnix-passwd = { @@ -28,7 +26,7 @@ in group = "stalwart-mail"; mode = "440"; }; - services.idmail.provision.mailboxes."nextcloud@${config.secrets.secrets.global.domains.mail_public}" = { + services.idmail.provision.mailboxes."nextcloud@${globals.domains.mail_public}" = { password_hash = "%{file:${nodes.mailnix.config.age.secrets.idmail-nextcloud-passwd-hash.path}}%"; owner = "admin"; }; @@ -57,7 +55,7 @@ in services.postgresql.package = pkgs.postgresql_16; services.nextcloud = { - inherit hostName; + hostName = globals.services.nextcloud.domain; enable = true; package = pkgs.nextcloud30; configureRedis = true; @@ -79,7 +77,7 @@ in phpOptions."opcache.interned_strings_buffer" = "32"; settings = { default_phone_region = "DE"; - trusted_proxies = [ nodes.elisabeth.config.wireguard.elisabeth.ipv4 ]; + trusted_proxies = [ nodes.nucnix-nginx.config.wireguard.services.ipv4 ]; overwriteprotocol = "https"; maintenance_window_start = 2; enabledPreviewProviders = [ @@ -97,13 +95,13 @@ in ]; mail_smtpmode = "smtp"; - mail_smtphost = "smtp.${config.secrets.secrets.global.domains.mail_public}"; + mail_smtphost = "smtp.${globals.domains.mail_public}"; mail_smtpport = 465; mail_from_address = "nextcloud"; mail_smtpsecure = "ssl"; - mail_domain = config.secrets.secrets.global.domains.mail_public; + mail_domain = globals.domains.mail_public; mail_smtpauth = true; - mail_smtpname = "nextcloud@${config.secrets.secrets.global.domains.mail_public}"; + mail_smtpname = "nextcloud@${globals.domains.mail_public}"; loglevel = 2; }; config = { @@ -123,9 +121,9 @@ in "L+ ${config.services.nextcloud.datadir}/config/mailer.config.php - - - - ${mailer-passwd-conf}" ]; - wireguard.elisabeth = { - client.via = "elisabeth"; - firewallRuleForNode.elisabeth.allowedTCPPorts = [ 80 ]; + wireguard.services = { + client.via = "nucnix"; + firewallRuleForNode.nucnix-nginx.allowedTCPPorts = [ 80 ]; }; networking = { # Use systemd-resolved inside the container diff --git a/config/services/nginx.nix b/config/services/nginx.nix new file mode 100644 index 0000000..7705926 --- /dev/null +++ b/config/services/nginx.nix @@ -0,0 +1,186 @@ +{ + config, + nodes, + lib, + globals, + ... +}: +let + ipOf = name: nodes.${globals.services.${name}.host}.config.wireguard.services.ipv4; +in +{ + wireguard.services = { + client.via = "nucnix"; + }; + services.netbird.server.proxy = + let + cfg = nodes.elisabeth-netbird.config.services.netbird.server; + in + { + domain = "${globals.services.netbird.domain}"; + enable = true; + enableNginx = true; + signalAddress = "${nodes.elisabeth-netbird.config.wireguard.services.ipv4}:${toString cfg.signal.port}"; + relayAddress = "${nodes.elisabeth-netbird.config.wireguard.services.ipv4}:${toString cfg.relay.port}"; + managementAddress = "${nodes.elisabeth-netbird.config.wireguard.services.ipv4}:${toString cfg.management.port}"; + dashboardAddress = "${nodes.elisabeth-netbird.config.wireguard.services.ipv4}:80"; + }; + services.nginx = + let + blockOf = + hostName: + { + virtualHostExtraConfig ? "", + maxBodySize ? "500M", + port ? 3000, + upstream ? hostName, + protocol ? "http", + ... + }: + { + upstreams.${hostName} = { + servers."${ipOf upstream}:${toString port}" = { }; + extraConfig = '' + zone ${hostName} 64k ; + keepalive 5 ; + ''; + }; + virtualHosts.${globals.services.${hostName}.domain} = { + forceSSL = true; + useACMEHost = "web"; + locations."/" = { + proxyPass = "${protocol}://${hostName}"; + proxyWebsockets = true; + X-Frame-Options = "SAMEORIGIN"; + }; + extraConfig = + '' + client_max_body_size ${maxBodySize} ; + '' + + virtualHostExtraConfig; + }; + }; + proxyProtect = + hostName: + { + allowedGroup ? true, + ... + }@cfg: + lib.mkMerge [ + (blockOf hostName cfg) + { + virtualHosts.${globals.services.${hostName}.domain} = { + locations."/".extraConfig = '' + auth_request /oauth2/auth; + error_page 401 = /oauth2/sign_in; + + # pass information via X-User and X-Email headers to backend, + # requires running with --set-xauthrequest flag + auth_request_set $user $upstream_http_x_auth_request_preferred_username; + # Set the email to our own domain in case user change their mail + auth_request_set $email "''${upstream_http_x_auth_request_preferred_username}@${globals.domains.web}"; + proxy_set_header X-User $user; + proxy_set_header X-Email $email; + + # if you enabled --cookie-refresh, this is needed for it to work with auth_request + auth_request_set $auth_cookie $upstream_http_set_cookie; + add_header Set-Cookie $auth_cookie; + ''; + locations."/oauth2/" = { + proxyPass = "http://oauth2-proxy"; + extraConfig = '' + proxy_set_header X-Scheme $scheme; + proxy_set_header X-Auth-Request-Redirect $scheme://$host$request_uri; + ''; + }; + + locations."= /oauth2/auth" = { + proxyPass = + "http://oauth2-proxy/oauth2/auth" + + lib.optionalString allowedGroup "?allowed_groups=${hostName}_access"; + extraConfig = '' + internal; + + proxy_set_header X-Scheme $scheme; + # nginx auth_request includes headers but not body + proxy_set_header Content-Length ""; + proxy_pass_request_body off; + ''; + }; + }; + } + ]; + in + lib.mkMerge [ + { + enable = true; + recommendedSetup = true; + virtualHosts."${globals.services.netbird.domain}".useACMEHost = "web"; + } + (blockOf "vaultwarden" { maxBodySize = "1G"; }) + (blockOf "forgejo" { maxBodySize = "1G"; }) + (blockOf "immich" { + maxBodySize = "5G"; + virtualHostExtraConfig = '' + proxy_buffering off; + proxy_request_buffering off; + ''; + }) + (proxyProtect "adguardhome" { }) + (proxyProtect "oauth2-proxy" { allowedGroup = false; }) + (blockOf "paperless" { maxBodySize = "5G"; }) + (proxyProtect "ttrss" { port = 80; }) + (proxyProtect "invidious" { }) + (blockOf "yourspotify" { port = 80; }) + (blockOf "blog" { port = 80; }) + (blockOf "homebox" { }) + (proxyProtect "ollama" { }) + (proxyProtect "firefly" { port = 80; }) + (blockOf "apispotify" { + port = 3000; + upstream = "yourspotify"; + }) + (blockOf "nextcloud" { + maxBodySize = "5G"; + port = 80; + }) + (blockOf "kanidm" { + protocol = "https"; + virtualHostExtraConfig = '' + proxy_ssl_verify off ; + ''; + }) + ]; + + age.secrets.cloudflare_token_acme = { + rekeyFile = config.node.secretsDir + "/cloudflare_api_token.age"; + mode = "440"; + group = "acme"; + }; + security.acme = { + acceptTerms = true; + defaults = { + email = globals.accounts.email."1".address; + dnsProvider = "cloudflare"; + dnsPropagationCheck = true; + reloadServices = [ "nginx" ]; + credentialFiles = { + "CF_DNS_API_TOKEN_FILE" = config.age.secrets.cloudflare_token_acme.path; + "CF_ZONE_API_TOKEN_FILE" = config.age.secrets.cloudflare_token_acme.path; + }; + }; + }; + security.acme.certs.web = { + domain = globals.domains.web; + extraDomainNames = [ "*.${globals.domains.web}" ]; + }; + users.groups.acme.members = [ "nginx" ]; + environment.persistence."/state".directories = [ + { + directory = "/var/lib/acme"; + user = "acme"; + group = "acme"; + mode = "0755"; + } + ]; +} diff --git a/config/services/oauth2-proxy.nix b/config/services/oauth2-proxy.nix index e253998..e576a62 100644 --- a/config/services/oauth2-proxy.nix +++ b/config/services/oauth2-proxy.nix @@ -1,8 +1,13 @@ -{ config, nodes, ... }: { - wireguard.elisabeth = { - client.via = "elisabeth"; - firewallRuleForNode.elisabeth.allowedTCPPorts = [ 3000 ]; + config, + nodes, + globals, + ... +}: +{ + wireguard.services = { + client.via = "nucnix"; + firewallRuleForNode.nucnix-nginx.allowedTCPPorts = [ 3000 ]; }; age.secrets.oauth2-cookie-secret = { @@ -13,7 +18,7 @@ services.oauth2-proxy = { enable = true; - cookie.domain = ".${config.secrets.secrets.global.domains.web}"; + cookie.domain = ".${globals.domains.web}"; cookie.secure = true; cookie.expire = "900m"; cookie.secret = null; @@ -22,26 +27,26 @@ reverseProxy = true; httpAddress = "0.0.0.0:3000"; - redirectURL = "https://oauth2.${config.secrets.secrets.global.domains.web}/oauth2/callback"; + redirectURL = "https://oauth2.${globals.domains.web}/oauth2/callback"; setXauthrequest = true; extraConfig = { code-challenge-method = "S256"; - whitelist-domain = ".${config.secrets.secrets.global.domains.web}"; + whitelist-domain = ".${globals.domains.web}"; set-authorization-header = true; pass-access-token = true; skip-jwt-bearer-tokens = true; upstream = "static://202"; - oidc-issuer-url = "https://auth.${config.secrets.secrets.global.domains.web}/oauth2/openid/oauth2-proxy"; + oidc-issuer-url = "https://auth.${globals.domains.web}/oauth2/openid/oauth2-proxy"; provider-display-name = "Kanidm"; #client-secret-file = config.age.secrets.oauth2-client-secret.path; }; provider = "oidc"; scope = "openid email"; - loginURL = "https://auth.${config.secrets.secrets.global.domains.web}/ui/oauth2"; - redeemURL = "https://auth.${config.secrets.secrets.global.domains.web}/oauth2/token"; - validateURL = "https://auth.${config.secrets.secrets.global.domains.web}/oauth2/openid/oauth2-proxy/userinfo"; + loginURL = "https://auth.${globals.domains.web}/ui/oauth2"; + redeemURL = "https://auth.${globals.domains.web}/oauth2/token"; + validateURL = "https://auth.${globals.domains.web}/oauth2/openid/oauth2-proxy/userinfo"; clientID = "oauth2-proxy"; email.domains = [ "*" ]; }; diff --git a/config/services/octoprint.nix b/config/services/octoprint.nix index 733cd19..8f58c90 100644 --- a/config/services/octoprint.nix +++ b/config/services/octoprint.nix @@ -3,9 +3,9 @@ disabledModules = [ "services/misc/octoprint.nix" ]; imports = [ "${inputs.nixpkgs-octoprint}/nixos/modules/services/misc/octoprint.nix" ]; - wireguard.elisabeth = { - client.via = "elisabeth"; - firewallRuleForNode.elisabeth.allowedTCPPorts = [ config.services.octoprint.port ]; + wireguard.services = { + client.via = "nucnix"; + firewallRuleForNode.nucnix-nginx.allowedTCPPorts = [ config.services.octoprint.port ]; }; environment.persistence."/persist".directories = [ { diff --git a/config/services/ollama.nix b/config/services/ollama.nix index a8bbb4e..1973408 100644 --- a/config/services/ollama.nix +++ b/config/services/ollama.nix @@ -1,8 +1,8 @@ { config, ... }: { - wireguard.elisabeth = { - client.via = "elisabeth"; - firewallRuleForNode.elisabeth.allowedTCPPorts = [ config.services.open-webui.port ]; + wireguard.services = { + client.via = "nucnix"; + firewallRuleForNode.nucnix-nginx.allowedTCPPorts = [ config.services.open-webui.port ]; }; services.ollama = { host = "localhost"; diff --git a/config/services/paperless.nix b/config/services/paperless.nix index 3ee0f4a..609731f 100644 --- a/config/services/paperless.nix +++ b/config/services/paperless.nix @@ -1,12 +1,12 @@ { pkgs, nodes, + globals, config, lib, ... }: let - paperlessdomain = "ppl.${config.secrets.secrets.global.domains.web}"; paperlessBackupDir = "/var/cache/backups/paperless"; in { @@ -34,8 +34,8 @@ in passwordFile = config.age.secrets.resticpasswd.path; hetznerStorageBox = { enable = true; - inherit (config.secrets.secrets.global.hetzner) mainUser; - inherit (config.secrets.secrets.global.hetzner.users.paperless) subUid path; + inherit (globals.hetzner) mainUser; + inherit (globals.hetzner.users.paperless) subUid path; sshAgeSecret = "paperlessHetznerSsh"; }; paths = [ paperlessBackupDir ]; @@ -64,9 +64,9 @@ in before = [ "restic-backups-main.service" ]; }; - wireguard.elisabeth = { - client.via = "elisabeth"; - firewallRuleForNode.elisabeth.allowedTCPPorts = [ config.services.paperless.port ]; + wireguard.services = { + client.via = "nucnix"; + firewallRuleForNode.nucnix-nginx.allowedTCPPorts = [ config.services.paperless.port ]; }; age.secrets.paperless-admin-passwd = { @@ -83,10 +83,10 @@ in consumptionDir = "/paperless/consume"; mediaDir = "/paperless/media"; settings = { - PAPERLESS_URL = "https://${paperlessdomain}"; - PAPERLESS_ALLOWED_HOSTS = paperlessdomain; - PAPERLESS_CORS_ALLOWED_HOSTS = "https://${paperlessdomain}"; - PAPERLESS_TRUSTED_PROXIES = nodes.elisabeth.config.wireguard.elisabeth.ipv4; + PAPERLESS_URL = "https://${globals.services.paperless.domain}"; + PAPERLESS_ALLOWED_HOSTS = globals.services.paperless.domain; + PAPERLESS_CORS_ALLOWED_HOSTS = "https://${globals.services.paperless.domain}"; + PAPERLESS_TRUSTED_PROXIES = nodes.nucnix-nginx.config.wireguard.services.ipv4; PAPERLESS_APPS = "allauth.socialaccount.providers.openid_connect"; @@ -98,7 +98,7 @@ in provider_id = "kanidm"; name = "Kanidm"; client_id = "paperless"; - settings.server_url = "https://auth.${config.secrets.secrets.global.domains.web}/oauth2/openid/${client_id}/.well-known/openid-configuration"; + settings.server_url = "https://${globals.services.kanidm.domain}/oauth2/openid/${client_id}/.well-known/openid-configuration"; } ]; }; diff --git a/config/services/pr-tracker.nix b/config/services/pr-tracker.nix deleted file mode 100644 index 61c2c5f..0000000 --- a/config/services/pr-tracker.nix +++ /dev/null @@ -1,143 +0,0 @@ -{ - config, - nodes, - lib, - pkgs, - ... -}: -let - prestart = pkgs.writeShellScript "pr-tracker-pre" '' - if [ ! -d ./nixpkgs ]; then - ${lib.getExe pkgs.git} clone https://github.com/NixOS/nixpkgs.git - fi - ''; -in -{ - wireguard.elisabeth = { - client.via = "elisabeth"; - firewallRuleForNode.elisabeth.allowedTCPPorts = [ 3000 ]; - }; - networking.firewall.allowedTCPPorts = [ 3000 ]; - environment.persistence."/persist".directories = [ - { - directory = "/var/lib/pr-tracker"; - user = "pr-tracker"; - group = "pr-tracker"; - mode = "0700"; - } - ]; - age.secrets.maddyPasswd = { - generator.script = "alnum"; - owner = "pr-tracker"; - }; - age.secrets.prTrackerEnv = { - rekeyFile = config.node.secretsDir + "/env.age"; - owner = "pr-tracker"; - }; - age.secrets.prTrackerWhiteList = { - rekeyFile = config.node.secretsDir + "/white-list.age"; - owner = "pr-tracker"; - }; - nodes.maddy = { - age.secrets.pr-trackerPasswd = { - inherit (config.age.secrets.maddyPasswd) rekeyFile; - inherit (nodes.maddy.config.services.maddy) group; - mode = "640"; - }; - services.maddy.ensureCredentials = { - "pr-tracker@${config.secrets.secrets.global.domains.mail_public}".passwordFile = - nodes.maddy.config.age.secrets.pr-trackerPasswd.path; - }; - }; - systemd.sockets.pr-tracker = { - listenStreams = [ "0.0.0.0:3000" ]; - wantedBy = [ "sockets.target" ]; - }; - systemd.services.pr-tracker = { - path = [ pkgs.git ]; - serviceConfig = { - User = "pr-tracker"; - Group = "pr-tracker"; - StateDirectory = "pr-tracker"; - WorkingDirectory = "/var/lib/pr-tracker"; - LimitNOFILE = "1048576"; - PrivateTmp = true; - PrivateDevices = true; - StateDirectoryMode = "0700"; - Restart = "always"; - ExecStartPre = prestart; - ExecStart = '' - ${lib.getExe pkgs.pr-tracker} --url "https://pr-tracker.${config.secrets.secrets.global.domains.web}"\ - --user-agent "Patricks pr-tracker" \ - --path nixpkgs --remote origin \ - --email-white-list ${config.age.secrets.prTrackerWhiteList.path} \ - --email-address pr-tracker@${config.secrets.secrets.global.domains.mail_public} \ - --email-server smtp.${config.secrets.secrets.global.domains.mail_public} \ - ''; - EnvironmentFile = config.age.secrets.prTrackerEnv.path; - - # Hardening - CapabilityBoundingSet = ""; - LockPersonality = true; - MemoryDenyWriteExecute = true; - PrivateUsers = true; - ProtectClock = true; - ProtectControlGroups = true; - ProtectHome = true; - ProtectHostname = true; - ProtectKernelLogs = true; - ProtectKernelModules = true; - ProtectKernelTunables = true; - ProtectProc = "invisible"; - ProcSubset = "pid"; - ProtectSystem = "strict"; - RestrictAddressFamilies = [ - "AF_INET" - "AF_INET6" - "AF_NETLINK" - ]; - RestrictNamespaces = true; - RestrictRealtime = true; - SystemCallArchitectures = "native"; - SystemCallFilter = [ - "@system-service" - "@pkey" - ]; - UMask = "0077"; - }; - }; - systemd.timers.pr-tracker-update = { - wantedBy = [ "timers.target" ]; - timerConfig = { - OnBootSec = "30m"; - OnUnitActiveSec = "30m"; - }; - }; - users.groups.pr-tracker = { }; - users.users.pr-tracker = { - isSystemUser = true; - group = "pr-tracker"; - home = "/var/lib/pr-tracker"; - }; - - systemd.services.pr-tracker-update = { - script = '' - ${lib.getExe pkgs.git} -C nixpkgs fetch - ${lib.getExe pkgs.curl} http://localhost:3000/update - ''; - serviceConfig = { - Requires = "pr-tracker"; - Type = "oneshot"; - User = "pr-tracker"; - Group = "pr-tracker"; - StateDirectory = "pr-tracker"; - WorkingDirectory = "/var/lib/pr-tracker"; - LimitNOFILE = "1048576"; - PrivateTmp = true; - PrivateDevices = true; - StateDirectoryMode = "0700"; - ExecStartPre = prestart; - EnvironmentFile = config.age.secrets.prTrackerEnv.path; - }; - }; -} diff --git a/config/services/samba.nix b/config/services/samba.nix index 9baf7b9..de76b1c 100644 --- a/config/services/samba.nix +++ b/config/services/samba.nix @@ -1,4 +1,9 @@ -{ config, lib, ... }: +{ + config, + lib, + globals, + ... +}: let shares = lib.removeAttrs config.services.samba.settings [ "global" ]; in @@ -26,8 +31,8 @@ in passwordFile = config.age.secrets.resticpasswd.path; hetznerStorageBox = { enable = true; - inherit (config.secrets.secrets.global.hetzner) mainUser; - inherit (config.secrets.secrets.global.hetzner.users.smb) subUid path; + inherit (globals.hetzner) mainUser; + inherit (globals.hetzner.users.smb) subUid path; sshAgeSecret = "resticHetznerSsh"; }; paths = [ "/bunker" ]; diff --git a/config/services/ttrss.nix b/config/services/ttrss.nix index 0003124..e914415 100644 --- a/config/services/ttrss.nix +++ b/config/services/ttrss.nix @@ -1,8 +1,8 @@ { config, pkgs, ... }: { - wireguard.elisabeth = { - client.via = "elisabeth"; - firewallRuleForNode.elisabeth.allowedTCPPorts = [ 80 ]; + wireguard.services = { + client.via = "nucnix"; + firewallRuleForNode.nucnix-nginx.allowedTCPPorts = [ 80 ]; }; services.freshrss = { enable = true; diff --git a/config/services/vaultwarden.nix b/config/services/vaultwarden.nix index 2ef9645..26d1812 100644 --- a/config/services/vaultwarden.nix +++ b/config/services/vaultwarden.nix @@ -2,11 +2,9 @@ config, lib, nodes, + globals, ... }: -let - vaultwardenDomain = "pw.${config.secrets.secrets.global.domains.web}"; -in { age.secrets.vaultwarden-env = { rekeyFile = config.node.secretsDir + "/vaultwarden-env.age"; @@ -41,8 +39,8 @@ in passwordFile = config.age.secrets.resticpasswd.path; hetznerStorageBox = { enable = true; - inherit (config.secrets.secrets.global.hetzner) mainUser; - inherit (config.secrets.secrets.global.hetzner.users.vaultwarden) subUid path; + inherit (globals.hetzner) mainUser; + inherit (globals.hetzner.users.vaultwarden) subUid path; sshAgeSecret = "vaultwardenHetznerSsh"; }; paths = [ config.services.vaultwarden.backupDir ]; @@ -70,7 +68,7 @@ in group = "stalwart-mail"; mode = "440"; }; - services.idmail.provision.mailboxes."vaultwarden@${config.secrets.secrets.global.domains.mail_public}" = { + services.idmail.provision.mailboxes."vaultwarden@${globals.domains.mail_public}" = { password_hash = "%{file:${nodes.mailnix.config.age.secrets.idmail-vaultwarden-passwd-hash.path}}%"; owner = "admin"; }; @@ -101,21 +99,23 @@ in passwordIterations = 1000000; invitationsAllowed = true; invitationOrgName = "Vaultwarden"; - domain = "https://${vaultwardenDomain}"; + domain = "https://${globals.services.vaultwarden.domain}"; - smtpHost = "smtp.${config.secrets.secrets.global.domains.mail_public}"; - smtpFrom = "vaultwarden@${config.secrets.secrets.global.domains.mail_public}"; + smtpHost = "smtp.${globals.domains.mail_public}"; + smtpFrom = "vaultwarden@${globals.domains.mail_public}"; smtpPort = 465; smtpSecurity = "force_tls"; - smtpUsername = "vaultwarden@${config.secrets.secrets.global.domains.mail_public}"; + smtpUsername = "vaultwarden@${globals.domains.mail_public}"; smtpEmbedImages = true; }; environmentFile = config.age.secrets.vaultwarden-env.path; }; - wireguard.elisabeth = { - client.via = "elisabeth"; - firewallRuleForNode.elisabeth.allowedTCPPorts = [ config.services.vaultwarden.config.rocketPort ]; + wireguard.services = { + client.via = "nucnix"; + firewallRuleForNode.nucnix-nginx.allowedTCPPorts = [ + config.services.vaultwarden.config.rocketPort + ]; }; # Replace uses of old name diff --git a/config/services/yourspotify.nix b/config/services/yourspotify.nix index aa7535c..3cad3b2 100644 --- a/config/services/yourspotify.nix +++ b/config/services/yourspotify.nix @@ -1,8 +1,8 @@ { config, pkgs, ... }: { - wireguard.elisabeth = { - client.via = "elisabeth"; - firewallRuleForNode.elisabeth.allowedTCPPorts = [ + wireguard.services = { + client.via = "nucnix"; + firewallRuleForNode.nucnix-nginx.allowedTCPPorts = [ 3000 80 ]; diff --git a/flake.lock b/flake.lock index c3996f8..c3cbcde 100644 --- a/flake.lock +++ b/flake.lock @@ -1637,11 +1637,11 @@ "treefmt-nix": "treefmt-nix_3" }, "locked": { - "lastModified": 1734374811, - "narHash": "sha256-+an6TysKwyWWeC7MeWGoHcULR9gc7TeXyszMAzvwRRo=", + "lastModified": 1734695484, + "narHash": "sha256-wmUjUxaXpItyGzafb96oVuJu/0qM6VEBKehIQ2cC1dg=", "ref": "refs/heads/main", - "rev": "85a6a4df38b05ed2d70e530d43de9820b3231e4a", - "revCount": 25, + "rev": "99cbcc03d9ce737e53fbdab3213ce136fbca8bbe", + "revCount": 26, "type": "git", "url": "https://forge.lel.lol/patrick/nixp-meta.git" }, diff --git a/flake.nix b/flake.nix index cae7645..67656ee 100644 --- a/flake.nix +++ b/flake.nix @@ -116,6 +116,7 @@ imports = [ ./nix/agenix-rekey.nix ./nix/devshell.nix + ./nix/globals.nix ./nix/hosts.nix ./nix/pkgs.nix ./nix/patch.nix diff --git a/globals.nix b/globals.nix new file mode 100644 index 0000000..afe994b --- /dev/null +++ b/globals.nix @@ -0,0 +1,123 @@ +{ + config, + lib, + inputs, + ... +}: +let + inherit (config) globals; + # Try to access the extra builtin we loaded via nix-plugins. + # Throw an error if that doesn't exist. + rageImportEncrypted = + assert lib.assertMsg (builtins ? extraBuiltins.rageImportEncrypted) + "The extra builtin 'rageImportEncrypted' is not available, so repo.secrets cannot be decrypted. Did you forget to add nix-plugins and point it to `./nix/extra-builtins.nix` ?"; + builtins.extraBuiltins.rageImportEncrypted; +in +{ + imports = [ + (rageImportEncrypted inputs.self.secretsConfig.masterIdentities ./secrets/global.nix.age) + ]; + globals = { + net.vlans = { + home = rec { + id = 10; + cidrv4 = "10.99.${toString id}.0/24"; + cidrv6 = "fd${toString id}::/64"; + }; + services = rec { + id = 20; + cidrv4 = "10.99.${toString id}.0/24"; + cidrv6 = "fd${toString id}::/64"; + }; + devices = rec { + id = 30; + cidrv4 = "10.99.${toString id}.0/24"; + cidrv6 = "fd${toString id}::/64"; + }; + iot = rec { + id = 40; + cidrv4 = "10.99.${toString id}.0/24"; + cidrv6 = "fd${toString id}::/64"; + }; + guests = rec { + id = 50; + cidrv4 = "10.99.${toString id}.0/24"; + cidrv6 = "fd${toString id}::/64"; + }; + }; + services = { + adguardhome = { + domain = "adguardhome.${globals.domains.web}"; + host = "nucnix-adguardhome"; + }; + forgejo = { + domain = "forge.${globals.domains.web}"; + host = "elisabeth-forgejo"; + }; + immich = { + domain = "immich.${globals.domains.web}"; + host = "elisabeth-immich"; + }; + nextcloud = { + domain = "nc.${globals.domains.web}"; + host = "elisabeth-nextcloud"; + }; + ollama = { + domain = "ai.${globals.domains.web}"; + host = "elisabeth-ollama"; + }; + paperless = { + domain = "ppl.${globals.domains.web}"; + host = "elisabeth-paperless"; + }; + ttrss = { + domain = "rss.${globals.domains.web}"; + host = "elisabeth-ttrss"; + }; + vaultwarden = { + domain = "pw.${globals.domains.web}"; + host = "elisabeth-vaultwarden"; + }; + yourspotify = { + domain = "sptfy.${globals.domains.web}"; + host = "elisabeth-yourspotify"; + }; + apispotify = { + domain = "apisptfy.${globals.domains.web}"; + host = "elisabeth-apispotify"; + }; + kanidm = { + domain = "auth.${globals.domains.web}"; + host = "elisabeth-kanidm"; + }; + oauth2-proxy = { + domain = "oauth2.${globals.domains.web}"; + host = "elisabeth-oauth2-proxy"; + }; + actual = { + domain = "actual.${globals.domains.web}"; + host = "elisabeth-actual"; + }; + firefly = { + domain = "money.${globals.domains.web}"; + host = "elisabeth-firefly"; + }; + homebox = { + domain = "homebox.${globals.domains.web}"; + host = "elisabeth-homebox"; + }; + invidious = { + domain = "yt.${globals.domains.web}"; + host = "elisabeth-invidious"; + }; + blog = { + domain = "blog.${globals.domains.web}"; + host = "elisabeth-blog"; + }; + netbird = { + domain = "netbird.${globals.domains.web}"; + host = "elisabeth-netbird"; + }; + }; + }; +} diff --git a/hosts/elisabeth/fs.nix b/hosts/elisabeth/fs.nix index 771905f..d157f0c 100644 --- a/hosts/elisabeth/fs.nix +++ b/hosts/elisabeth/fs.nix @@ -1,4 +1,9 @@ -{ config, lib, ... }: +{ + config, + lib, + # globals, + ... +}: { disko.devices = { disk = { @@ -127,7 +132,8 @@ }; wireguard.scrtiny-patrick.server = { - host = config.secrets.secrets.global.domains.web; + #host = globals.domains.web; + host = "3.3.3.3"; port = 51831; reservedAddresses = [ "10.44.0.0/16" diff --git a/hosts/elisabeth/guests.nix b/hosts/elisabeth/guests.nix index 5a53f0c..9217cec 100644 --- a/hosts/elisabeth/guests.nix +++ b/hosts/elisabeth/guests.nix @@ -4,177 +4,9 @@ inputs, lib, minimal, - nodes, ... }: -let - domainOf = - hostName: - let - domains = { - adguardhome = "adguardhome"; - forgejo = "forge"; - immich = "immich"; - nextcloud = "nc"; - ollama = "ai"; - paperless = "ppl"; - ttrss = "rss"; - vaultwarden = "pw"; - yourspotify = "sptfy"; - apispotify = "apisptfy"; - kanidm = "auth"; - oauth2-proxy = "oauth2"; - actual = "actual"; - firefly = "money"; - homebox = "homebox"; - invidious = "yt"; - blog = "blog"; - }; - in - "${domains.${hostName}}.${config.secrets.secrets.global.domains.web}"; - # TODO hard coded elisabeth nicht so schön - ipOf = hostName: nodes."elisabeth-${hostName}".config.wireguard.elisabeth.ipv4; -in { - services.netbird.server.proxy = - let - cfg = nodes.elisabeth-netbird.config.services.netbird.server; - in - { - domain = "netbird.${config.secrets.secrets.global.domains.web}"; - enable = true; - enableNginx = true; - signalAddress = "${nodes.elisabeth-netbird.config.wireguard.elisabeth.ipv4}:${toString cfg.signal.port}"; - relayAddress = "${nodes.elisabeth-netbird.config.wireguard.elisabeth.ipv4}:${toString cfg.relay.port}"; - managementAddress = "${nodes.elisabeth-netbird.config.wireguard.elisabeth.ipv4}:${toString cfg.management.port}"; - dashboardAddress = "${nodes.elisabeth-netbird.config.wireguard.elisabeth.ipv4}:80"; - }; - services.nginx = - let - blockOf = - hostName: - { - virtualHostExtraConfig ? "", - maxBodySize ? "500M", - port ? 3000, - upstream ? hostName, - protocol ? "http", - ... - }: - { - upstreams.${hostName} = { - servers."${ipOf upstream}:${toString port}" = { }; - extraConfig = '' - zone ${hostName} 64k ; - keepalive 5 ; - ''; - }; - virtualHosts.${domainOf hostName} = { - forceSSL = true; - useACMEHost = "web"; - locations."/" = { - proxyPass = "${protocol}://${hostName}"; - proxyWebsockets = true; - X-Frame-Options = "SAMEORIGIN"; - }; - extraConfig = - '' - client_max_body_size ${maxBodySize} ; - '' - + virtualHostExtraConfig; - }; - }; - proxyProtect = - hostName: - { - allowedGroup ? true, - ... - }@cfg: - lib.mkMerge [ - (blockOf hostName cfg) - { - virtualHosts.${domainOf hostName} = { - locations."/".extraConfig = '' - auth_request /oauth2/auth; - error_page 401 = /oauth2/sign_in; - - # pass information via X-User and X-Email headers to backend, - # requires running with --set-xauthrequest flag - auth_request_set $user $upstream_http_x_auth_request_preferred_username; - # Set the email to our own domain in case user change their mail - auth_request_set $email "''${upstream_http_x_auth_request_preferred_username}@${config.secrets.secrets.global.domains.web}"; - proxy_set_header X-User $user; - proxy_set_header X-Email $email; - - # if you enabled --cookie-refresh, this is needed for it to work with auth_request - auth_request_set $auth_cookie $upstream_http_set_cookie; - add_header Set-Cookie $auth_cookie; - ''; - locations."/oauth2/" = { - proxyPass = "http://oauth2-proxy"; - extraConfig = '' - proxy_set_header X-Scheme $scheme; - proxy_set_header X-Auth-Request-Redirect $scheme://$host$request_uri; - ''; - }; - - locations."= /oauth2/auth" = { - proxyPass = - "http://oauth2-proxy/oauth2/auth" - + lib.optionalString allowedGroup "?allowed_groups=${hostName}_access"; - extraConfig = '' - internal; - - proxy_set_header X-Scheme $scheme; - # nginx auth_request includes headers but not body - proxy_set_header Content-Length ""; - proxy_pass_request_body off; - ''; - }; - }; - } - ]; - in - lib.mkMerge [ - { - enable = true; - recommendedSetup = true; - virtualHosts."netbird.${config.secrets.secrets.global.domains.web}".useACMEHost = "web"; - } - (blockOf "vaultwarden" { maxBodySize = "1G"; }) - (blockOf "forgejo" { maxBodySize = "1G"; }) - (blockOf "immich" { - maxBodySize = "5G"; - virtualHostExtraConfig = '' - proxy_buffering off; - proxy_request_buffering off; - ''; - }) - (proxyProtect "adguardhome" { }) - (proxyProtect "oauth2-proxy" { allowedGroup = false; }) - (blockOf "paperless" { maxBodySize = "5G"; }) - (proxyProtect "ttrss" { port = 80; }) - (proxyProtect "invidious" { }) - (blockOf "yourspotify" { port = 80; }) - (blockOf "blog" { port = 80; }) - (blockOf "homebox" { }) - (proxyProtect "ollama" { }) - (proxyProtect "firefly" { port = 80; }) - (blockOf "apispotify" { - port = 3000; - upstream = "yourspotify"; - }) - (blockOf "nextcloud" { - maxBodySize = "5G"; - port = 80; - }) - (blockOf "kanidm" { - protocol = "https"; - virtualHostExtraConfig = '' - proxy_ssl_verify off ; - ''; - }) - ]; guests = let @@ -219,11 +51,9 @@ in ../../config/services/${guestName}.nix { node.secretsDir = config.node.secretsDir + "/${guestName}"; - networking.nftables.firewall.zones.untrusted.interfaces = - if lib.length config.guests.${guestName}.networking.links < 2 then - config.guests.${guestName}.networking.links - else - [ ]; + networking.nftables.firewall.zones.untrusted.interfaces = lib.mkIf ( + lib.length config.guests.${guestName}.networking.links == 1 + ) config.guests.${guestName}.networking.links; } ]; }; @@ -233,11 +63,11 @@ in backend = "microvm"; microvm = { system = "x86_64-linux"; - interfaces."lan" = { }; + interfaces.lan = { }; baseMac = config.secrets.secrets.local.networking.interfaces.lan01.mac; }; extraSpecialArgs = { - inherit (inputs.self) nodes; + inherit (inputs.self) nodes globals; inherit (inputs.self.pkgs.x86_64-linux) lib; inherit inputs minimal stateVersion; }; @@ -247,15 +77,11 @@ in mkContainer = guestName: cfg: { ${guestName} = mkGuest guestName cfg // { backend = "container"; - container.macvlans = [ "lan" ]; + container.macvlans = [ "lan-services" ]; extraSpecialArgs = { - inherit - lib - nodes - inputs - minimal - stateVersion - ; + inherit (inputs.self) nodes globals; + inherit (inputs.self.pkgs.x86_64-linux) lib; + inherit inputs minimal stateVersion; }; }; }; diff --git a/hosts/elisabeth/net.nix b/hosts/elisabeth/net.nix index ab03195..09ec30c 100644 --- a/hosts/elisabeth/net.nix +++ b/hosts/elisabeth/net.nix @@ -1,96 +1,151 @@ -{ config, lib, ... }: +{ + config, + lib, + globals, + ... +}: +let + inherit (lib) + flip + mapAttrsToList + mkMerge + genAttrs + attrNames + ; +in { networking = { inherit (config.secrets.secrets.local.networking) hostId; }; - systemd.network.networks = { - "10-lan01" = { - address = [ - (lib.net.cidr.hostCidr config.secrets.secrets.global.net.ips.${config.node.name} - config.secrets.secrets.global.net.privateSubnetv4 - ) - ]; - gateway = [ (lib.net.cidr.host 1 config.secrets.secrets.global.net.privateSubnetv4) ]; - #matchConfig.MACAddress = config.secrets.secrets.local.networking.interfaces.lan01.mac; - matchConfig.Name = "lan"; - dhcpV6Config.UseDNS = false; - dhcpV4Config.UseDNS = false; - ipv6AcceptRAConfig.UseDNS = false; - networkConfig = { - MulticastDNS = true; + networking.nftables.firewall.zones = genAttrs (attrNames globals.net.vlans) (name: { + interfaces = [ "lan-${name}" ]; + }); + systemd.network.netdevs = mkMerge ( + flip mapAttrsToList globals.net.vlans ( + name: + { + id, + ... + }: + { + "40-vlan-${name}" = { + netdevConfig = { + Name = "vlan-${name}"; + Kind = "vlan"; + }; + vlanConfig.Id = id; + }; + "50-macvlan-${name}" = { + netdevConfig = { + Name = "lan-${name}"; + Kind = "macvlan"; + }; + extraConfig = '' + [MACVLAN] + Mode=bridge + ''; + }; + } + ) + ); + systemd.network.networks = mkMerge ( + [ + { + "40-vlans" = { + matchConfig.Name = "lan01"; + networkConfig.LinkLocalAddressing = "no"; + }; + } + ] + ++ (flip mapAttrsToList globals.net.vlans ( + name: + { + cidrv4, + cidrv6, + ... + }: + { + "40-vlans".vlan = [ "vlan-${name}" ]; + "10-vlan-${name}" = { + matchConfig.Name = "vlan-${name}"; + # This interface should only be used from attached macvtaps. + # So don't acquire a link local address and only wait for + # this interface to gain a carrier. + networkConfig.LinkLocalAddressing = "no"; + linkConfig.RequiredForOnline = "carrier"; + extraConfig = '' + [Network] + MACVLAN=lan-${name} + ''; + }; + "20-lan-${name}" = { + address = [ + (lib.net.cidr.hostCidr 1 cidrv4) + ]; + matchConfig.Name = "lan-${name}"; + networkConfig = { + MulticastDNS = true; + IPv6PrivacyExtensions = "yes"; + IPv4Forwarding = "yes"; + IPv6SendRA = true; + IPv6AcceptRA = false; + DHCPPrefixDelegation = true; + }; + ipv6Prefixes = [ + { Prefix = cidrv6; } + ]; + }; + } + )) + ); + networking.nftables.firewall = { + snippets.nnf-ssh.enable = lib.mkForce false; + rules = { + ssh = { + from = [ + "home" + ]; + to = [ "local" ]; + allowedTCPPorts = [ 22 ]; }; }; }; - boot.initrd.systemd.network = { - enable = true; - networks = { - # redo the network cause the livesystem has macvlans - "10-lan01" = { - address = [ - (lib.net.cidr.hostCidr config.secrets.secrets.global.net.ips.${config.node.name} - config.secrets.secrets.global.net.privateSubnetv4 - ) - ]; - gateway = [ (lib.net.cidr.host 1 config.secrets.secrets.global.net.privateSubnetv4) ]; - matchConfig.MACAddress = config.secrets.secrets.local.networking.interfaces.lan01.mac; - dhcpV6Config.UseDNS = false; - dhcpV4Config.UseDNS = false; - ipv6AcceptRAConfig.UseDNS = false; - networkConfig = { - IPv6PrivacyExtensions = "yes"; - MulticastDNS = true; + + boot.initrd = { + + availableKernelModules = [ + "8021q" + ]; + systemd.network = { + enable = true; + networks = { + # redo the network cause the livesystem has macvlans + "10-lanhome" = { + address = [ + # (lib.net.cidr.hostCidr 1 globals.net.vlans.home.cidrv4) + ]; + matchConfig.Name = "vlan-home"; + networkConfig = { + IPv6PrivacyExtensions = "yes"; + }; + }; + "40-vlans" = { + matchConfig.MACAddress = config.secrets.secrets.local.networking.interfaces.lan01.mac; + vlan = [ + "vlan-home" + ]; + }; + }; + netdevs = { + "10-vlan-home" = { + netdevConfig = { + Name = "vlan-home"; + Kind = "vlan"; + }; + # vlanConfig.Id = globals.net.vlans.home.id; }; }; }; }; - networking.nftables.firewall.zones.untrusted.interfaces = [ "lan" ]; - wireguard.elisabeth.server = { - host = - lib.net.cidr.host config.secrets.secrets.global.net.ips.${config.node.name} - config.secrets.secrets.global.net.privateSubnetv4; - reservedAddresses = [ - "10.42.0.0/20" - "fd00:1764::/112" - ]; - openFirewall = true; - }; - # To be able to ping containers from the host, it is necessary - # to create a macvlan on the host on the VLAN 1 network. - networking.macvlans.lan = { - interface = "lan01"; - mode = "bridge"; - }; - - age.secrets.cloudflare_token_acme = { - rekeyFile = ./secrets/cloudflare_api_token.age; - mode = "440"; - group = "acme"; - }; - security.acme = { - acceptTerms = true; - defaults = { - email = config.secrets.secrets.global.devEmail; - dnsProvider = "cloudflare"; - dnsPropagationCheck = true; - reloadServices = [ "nginx" ]; - credentialFiles = { - "CF_DNS_API_TOKEN_FILE" = config.age.secrets.cloudflare_token_acme.path; - "CF_ZONE_API_TOKEN_FILE" = config.age.secrets.cloudflare_token_acme.path; - }; - }; - }; - security.acme.certs.web = { - domain = config.secrets.secrets.global.domains.web; - extraDomainNames = [ "*.${config.secrets.secrets.global.domains.web}" ]; - }; - users.groups.acme.members = [ "nginx" ]; - environment.persistence."/state".directories = [ - { - directory = "/var/lib/acme"; - user = "acme"; - group = "acme"; - mode = "0755"; - } - ]; } diff --git a/hosts/elisabeth/secrets/generated/dhparams.pem.age b/hosts/elisabeth/secrets/generated/dhparams.pem.age deleted file mode 100644 index d432a23..0000000 --- a/hosts/elisabeth/secrets/generated/dhparams.pem.age +++ /dev/null @@ -1,20 +0,0 @@ -age-encryption.org/v1 --> X25519 WretELIMVw/omsoHEMGR7PsFsfiUEfyUmlKMzmrw+wA -IW+zJKWSMfZiKs1LQwuAtej7ZDEvDt5oY+wfWpZoB1c --> piv-p256 XTQkUA A5MNklHowU6rYbcJBT/+dW0v9Gex5IJ1sC5ksuRsfu1k -VPN/pCvMXi6Uc1uk6yuySK/e8bSjJ66zm4W62leQpBk --> piv-p256 ZFgiIw Ah5jjfu6nrqXrW7YqfIEKWF3PrLOmEEM5LhRvi5EJVmE -MaVt5imJLBgM3NEw7tc18g9jMwPRl9c5RgCFzDIl8hk --> piv-p256 5vmPtQ AqViuuU1xW/ngBTWFMjZax9SaQyZ/COo0fHNOwq/8Hkb -MDD3bD8PMS3AWPougqz/BXGGZGGnFPafZ0dc7Xqa0VM --> piv-p256 ZFgiIw AuTg62739Zom64yEb4FZfA5lyeW9YP9h+3iDQJcQZSuM -TtwsPfCJi6bYH8tpPSdf9ZQlpXUC6t/AT1wM2aCXcNM --> "-grease -n7GU3iZJjAz/ul8nNXzXYtrR ---- mvuAEeT2IOYZKF9u/htBSJSAxKuzLjx4hR65yyHzPK4 -f?e.*'L 7ծB=Q&c?*W#"$Ee~?1Aa1ElƶxƼ\f'Xb"Kf ohy|I5h%?CK R5C! T7'=zIS&A&lv$JYRL DVO"åў LS|\St,Ŏǀwɬ,]>Q8uL~L&h `pX)l -`ӸL/R Dja5@=5|@R- a돐Xs^`ab^0qrٙF%CYk&%ʪ7VUj2.K'c!Ȱ+A [ r&j[Gt2D}-Hž40奣&W,;}ؒ5ð -Zm^[=L a( -4=N8==KQl^mA?*$+VǗ%UZ"2B7b>M(bAV^پa1bgA,:ŭR.RZ6M! BQEl -ӹ~q= JR{#fwQC>cOfq.eY@_붹 X25519 Mv11pZInyrNKXp9yT3maeq+nLpYWEKGSTog8bpa/KWw -ybH+dojanR8n4Ubq1H9D7CE5ipz9y3nqUnqw/6h9VNY --> piv-p256 XTQkUA A3oYQXSUKuRPADT5kQEcZdgnkWuquWC2IMTYY7PHxU2g -dHajYp4/VOsBjdhQD1+UmX47F0v6q54zAFtJk82H1Os --> piv-p256 ZFgiIw As8XHst+QSiFmM+jsDEPunagwwGsy9XG5ECAH3p4nUzp -qRxV2IOLGyMvsGIIKEj5wsjPzv8VB3s8UsXZ5tSJwxE --> piv-p256 5vmPtQ At3pi/3ckCTfglnBNUOo3Iw182iBhm4/BdpEo6j51FZi -hJlqdt9g3g/BnvoXzjpjJgaRaNQlNgebF1SvGxLFTkw --> piv-p256 ZFgiIw A3idLYAMWytoYJMcEl3wMbmWYxkFKMgQyBBp6KT/+OsY -29hfrgCAF+wRMQD4f+cItT63oOp0lx05FqpCKZTNyXs --> 9O-grease < `3z5 sj+v -Qp3zpkMRcdwm62T+5GuIsMOd8dP1UetRc2x+z95NyQGM4lgNwjV2yoGPFNo8igPR -Hd7p4XkjjEcYtS9jv8m+pZbIi2KRdVCMLRC8f+Av7Y2ONQI ---- ViopD9rjKx8zdT8FHjYlB+N0MUsQT9imiTv8dlzF6RU -z灹 ~{rːƦo]-!;$dJ<|Is*ӷv$ \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-actual.pub b/secrets/wireguard/elisabeth/keys/elisabeth-actual.pub deleted file mode 100644 index db258a8..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-actual.pub +++ /dev/null @@ -1 +0,0 @@ -n3HlzW2vkFj565rNTLcZHgJbBip9MXe4s1rctRWi1TQ= diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-adguardhome.age b/secrets/wireguard/elisabeth/keys/elisabeth-adguardhome.age deleted file mode 100644 index dbca36d..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-adguardhome.age +++ /dev/null @@ -1,16 +0,0 @@ -age-encryption.org/v1 --> X25519 OJ8Lc0YjxJytlBJ14MMt6cuzyNeXkdOnh+mFymRz52U -sqSNr/vm5OZvaoiLTMxCcncIKtsGaZFfgHUXxFEfyiA --> piv-p256 XTQkUA AhTYzUCOiOKq4EEU/bjl/eAkeDwo8o4YNVGKWw5Fuhux -ryBAAFjmFQM+4BLL66/Uvbb9Rtwb+neZS//aXYtHucY --> piv-p256 ZFgiIw AtoEavPlKH74ztkeKOqRyPrzWQ7HLgE4yRrPxhGhRBX5 -K1X0z4320HfFUDfNlYVJ73y6dp8ZtUXm31A86lud1cI --> piv-p256 5vmPtQ AkNdVLt9VK/jBtew/8P70REU+qLxfsa8/4hsHaUD89cI -0odU8kcEA2hLHi5j8MW9twXX8zskKLudJPwyFT4/h0Q --> piv-p256 ZFgiIw Axrpxh2W6qRG46jz+DLqIf74ZaSregbkUpKGlf/YFxcx -0pPiAtjPImcD+tnw4iKqiUPMW3q/edcX9z9/ZhEo67A --> L1Uvx5wl-grease |&LSN XV(8oXE S*[P j6 -JxdNfsiy1wJneYw90pf7Nlu7maEmuoC+KEXNpEB65P9TO16LfEobXUd5jwd+qjKG -GbvBchGQbYb5lFuVFbcgQDaI2Smadf4/IZZIfQ ---- UXIgkYtiD7ga9iZQAypc3agc0j8i1lbtdvNUphx2VZo -`~pKbFQS"Y2 ;r#UuOqx{.ߣe[vEE LխIM"mC \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-adguardhome.pub b/secrets/wireguard/elisabeth/keys/elisabeth-adguardhome.pub deleted file mode 100644 index 8e838f3..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-adguardhome.pub +++ /dev/null @@ -1 +0,0 @@ -np/SufIR7ds1sqhdyEOf3bBXmvauVFnvcprB2osMAQE= diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-blog.age b/secrets/wireguard/elisabeth/keys/elisabeth-blog.age deleted file mode 100644 index 4b9d5c6..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-blog.age +++ /dev/null @@ -1,17 +0,0 @@ -age-encryption.org/v1 --> X25519 eVtVzXtvsEgbNOdIy4VDn1FbpMAoSZ89cHEoFF+zDls -0naCdMLWG6MRREA/+OC+xbjxDnPXXfcwdvhGY9bmF3I --> piv-p256 ZFgiIw A0b4W+z9JJLdoeLsceIWTgfq9AGhGCYzghM8A/xxi73q -9z6A/Xk39YcMlY6vflm/HEvMjjrfC8hcp9SVIZ601Xs --> piv-p256 XTQkUA As6ZR0tijPVbIGJJQE7ebHDJVuMdvEF7uSecCAFZBr8q -f6KhqssOYi6Lm7xpNaQEtHKZ6qyd3/lRLDI7Id0+1I8 --> piv-p256 ZFgiIw AuJ8buC0fCg9gT9DpLSAfVFpYue6nKwq1Q4RLZU0eIfy -+UP/GGc/qW8wznHYVsW7xFuK4/pLgvesoODaafsZDhs --> piv-p256 5vmPtQ AyrqpWUElWE9Ai+DeV1lUq+nHAqaZFZkMTPPIu0DiesF -S5T0MFAArqnNXtwrYGzAi5rK+BkWn/Gs8U6vtqijIwc --> 0Skk=zN=-grease E: ]pN}4 -zV/hyZHiaSckbVGuS+oNFItTxcLKTyL8G4G+Btzcym1Afm0CCrXL5fc/ss7tQ7Mx -ac7JEfvv9cCnAezvog ---- rvFVqJgSmwEk/Qy4x/LoIlAuJ6JtWxFvInGyO7lv96k -4Nࣅ -/LҩCI*˨2.!.1 a@3T9)]tmI-&5t \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-blog.pub b/secrets/wireguard/elisabeth/keys/elisabeth-blog.pub deleted file mode 100644 index 229d1e9..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-blog.pub +++ /dev/null @@ -1 +0,0 @@ -DVpnYaoXKKk37IbTyG08bTWogBAD9N/s2PVodeHFaXo= diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-firefly.age b/secrets/wireguard/elisabeth/keys/elisabeth-firefly.age deleted file mode 100644 index e1640a7..0000000 Binary files a/secrets/wireguard/elisabeth/keys/elisabeth-firefly.age and /dev/null differ diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-firefly.pub b/secrets/wireguard/elisabeth/keys/elisabeth-firefly.pub deleted file mode 100644 index e06741c..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-firefly.pub +++ /dev/null @@ -1 +0,0 @@ -9xRD/oWYa5zpt7Om257Aj7U9IV6zKo4OqDBUxVzHo2A= diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-forgejo.age b/secrets/wireguard/elisabeth/keys/elisabeth-forgejo.age deleted file mode 100644 index bb01348..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-forgejo.age +++ /dev/null @@ -1,15 +0,0 @@ -age-encryption.org/v1 --> X25519 eycLfsdMAUw2tJj5x33PGrfpUpivh/HTPa68TmTPmGQ -sTqEotydAfRHRRjI1JzO04OKBoHyVy0yk1wbdE4Psjc --> piv-p256 XTQkUA AhCVTIgeo2WfoMZOvjZpf+YrQtruXlc5zt4u7giH6iOM -XYE/PHqHLWdTTYeBa12wIEMYp4dWa1uUkIRVB1SZ32U --> piv-p256 ZFgiIw Akz/mZ2lQ/ZdzCX5R9rbM75WrMuJNGUYQ/jmsAzD8S25 -a57G5Ceu7PcT0RK3gxbUmkqQoD6x3yjciqOU4JR69OM --> piv-p256 5vmPtQ AzJjFtgTTuJxJRj2vJGJyOEnlYSa1teV4HPliIpffFHx -mLYOWr6SuCu5kgMUnTMDmXDpUZO6gnwm3V3qXRMxKDU --> piv-p256 ZFgiIw A/OaBb5aN3DKxTAK4n2WtYvKGLZmRb4YCzlih9re4PcF -b45rIFE73gyGiRimMTREoMVSxWPbho8kwM0NzPGeNV4 --> TjQN9Fe6-grease 90VQ v=D -p4sbV1E ---- Wv+ihDw2UuzFYlPz6bQN/9kpXygD1+IWXzhM3g/q/ZQ -W+Gd$xz5˕a5zM~7j!hFdP0Mk/p \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-forgejo.pub b/secrets/wireguard/elisabeth/keys/elisabeth-forgejo.pub deleted file mode 100644 index 67e34ce..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-forgejo.pub +++ /dev/null @@ -1 +0,0 @@ -7MnECQQR91RRR4S2M7iW0h8wDn4Ewhj7R2Z+y8AAg2A= diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-homebox.age b/secrets/wireguard/elisabeth/keys/elisabeth-homebox.age deleted file mode 100644 index d611b91..0000000 Binary files a/secrets/wireguard/elisabeth/keys/elisabeth-homebox.age and /dev/null differ diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-homebox.pub b/secrets/wireguard/elisabeth/keys/elisabeth-homebox.pub deleted file mode 100644 index e6178b1..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-homebox.pub +++ /dev/null @@ -1 +0,0 @@ -QZ8sx7wJ0pMAfxyA1hDgcemyI26/Vfaf7TICofiXPhM= diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-immich.age b/secrets/wireguard/elisabeth/keys/elisabeth-immich.age deleted file mode 100644 index 459c1a0..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-immich.age +++ /dev/null @@ -1,16 +0,0 @@ -age-encryption.org/v1 --> X25519 QmW1YFkf2wn5zgzh1wLmb+dLk0+1/D6FWUEKg7mxciw -OR7j2nCl9FxcKBxMsJN0i3jrv5UQOxDGnwfmye7DYxo --> piv-p256 XTQkUA AnTdNy1t0SAaeHIG91KQmlMVpAKqmalwfktAg91FL4aB -Z+jBzSM0JmJFzcqMe3N7r0HdFGeOnDVGh4ROYTYVP08 --> piv-p256 ZFgiIw Alks31//hpPgAS3ADktyVTQdT/Ab4Yu8FajsmWBijhqD -PzmjkWcHT8sEeKvIZLWNaUkFhR92YQ0Vs0SkG1c+lpQ --> piv-p256 5vmPtQ A0t2/mWwCHc/UpwYvkObwJZ1gTqMYyjhljelgQCXNM+m -5q3i0ClG03ASXtlqBHMbhCFYSPem3d8y3lkFeEUW0eI --> piv-p256 ZFgiIw AxL98VRYkHkM+uDSBWTI8bjdgvboJQ3o5l0M6ICq9IbF -N+Sb5dU3rksUVD4QFNu6U0jgs8Mo71CGWn4GiUb5CAU --> e=H-grease T :(0"zbb` 7" -TkofyvqI9KJyWtPh3r4GLt0zpT5CJxo720xjJihdUjHeOLp4oVbhV1z2J2dsfJdG -vuZ3EBDXzhYYtLfVyQZltSKRSOw+5za9b7MEdKaulAMPeRo ---- qoqvdfP6fW3lXoN6DP2Qvl1NFXB4S3iipvV8gUiu/CY - Ǐ/hK?8CCWQ{ٹi{,ιCEG\G8jP{6BLbOnR(($ \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-immich.pub b/secrets/wireguard/elisabeth/keys/elisabeth-immich.pub deleted file mode 100644 index 1cd5a7f..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-immich.pub +++ /dev/null @@ -1 +0,0 @@ -V/8fGOARvXPqD+bZmn1n6E+/6R5bhP7kO15eKJctqTE= diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-invidious.age b/secrets/wireguard/elisabeth/keys/elisabeth-invidious.age deleted file mode 100644 index 0219ba9..0000000 Binary files a/secrets/wireguard/elisabeth/keys/elisabeth-invidious.age and /dev/null differ diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-invidious.pub b/secrets/wireguard/elisabeth/keys/elisabeth-invidious.pub deleted file mode 100644 index d427d93..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-invidious.pub +++ /dev/null @@ -1 +0,0 @@ -34nMC0dvuS70Rn+685ExtKqQcEHdJvUzVvTcTZNwoVM= diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-kanidm.age b/secrets/wireguard/elisabeth/keys/elisabeth-kanidm.age deleted file mode 100644 index b08546a..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-kanidm.age +++ /dev/null @@ -1,16 +0,0 @@ -age-encryption.org/v1 --> X25519 fFaEXRFuLeEW1V7DL243Zno37t1iA/ZoNatPCeh2LAc -bJ0y06//wH8ik5U1bfFifh+pmeOR0YpkZQoGscjMWSw --> piv-p256 XTQkUA Aidtub6Z2JRPQDYO7Kz6bt+dQ2pmoNmbWxtViDt6F4GK -2sJMJfb4s/7KLjbjscvj7PktYrq+Y63GtAq8FQHiq9M --> piv-p256 ZFgiIw Aw59iVn6zdxOepPlOge2b7As/G4+xWlVFYaVKkQOGwnw -m5PFMiGMV84Z6RY33ThrInsEKJTz92XFywunORtcw7c --> piv-p256 5vmPtQ AuWWwbt+X8944l9dQdrop5cU7Yba4d6iNtgDcaOecfsH -l8/suY98Y0OLbYwhuLU6TYr7p9ZgTa5MvH/RvNwkWKQ --> piv-p256 ZFgiIw A0QKpC1NyUusFefjUhHLQ+/0+nNWl928B1bZuXluWAQl -OcC8nBvW5KvozJSGX9gIyO8sh3DBxo9tOMQUhqjxKSk --> v6t-grease -XjsK/Era/aby9lXJis4lXJrRGLUyyiwjo+jCOUwazvB5ZegR+2hXI8zjd78CgvXX -Iw ---- oYdppQraw32pbZ3RTXwoIv7A18Ul4wGCECPeZuxxvtI -&'ض.[7~r=sOu2u;hTzO}F,e+zT..+vUD \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-kanidm.pub b/secrets/wireguard/elisabeth/keys/elisabeth-kanidm.pub deleted file mode 100644 index 84fcb18..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-kanidm.pub +++ /dev/null @@ -1 +0,0 @@ -/89yv+rT1lqLAtDoIynHCEgHcrv6lwfoPTp7/4GP4ks= diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-netbird.age b/secrets/wireguard/elisabeth/keys/elisabeth-netbird.age deleted file mode 100644 index 1029bf0..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-netbird.age +++ /dev/null @@ -1,16 +0,0 @@ -age-encryption.org/v1 --> X25519 zghXrLqQhlVqAAbMi1k8gvG5IjG9boIJCyEx63DwwGo -/ae8dzj7mPxZdpciA+lLiR6H/WCrIvTkUfaXGP+RZiY --> piv-p256 XTQkUA A4PgmdpN1WmH++JUTIdADZBqDrCQ2N8HP9FzQ7DtyJuU -CIzSKNP8YYYfMycueE564094XeKJ9mNEceAuUEnvFFI --> piv-p256 ZFgiIw AgxtRiqyF4Fo6Us/l8vXhWl2tQakCQGwd1Dogf/Wqnyv -Gi9O1lFR2hhfkXoC7cmlpT+iHx0DxeDFmuU9i+Gc4Ms --> piv-p256 5vmPtQ AsbmH20Pc58VF7tBnoE5iqzlrsahCDTHkvuyAQ4W5SPy -BcJr9QsIDanypSNZ0UWrt0VnJK99LM0FOmCQWc+2rPY --> piv-p256 ZFgiIw A5CT86jvz263c1GoDrtGVBXZx9EZeQwCL2d/tCXGqay3 -8kHhsuD77fPPLPe8JYTuHNcCtp0VJcdrTg220BVdyGc --> v-"@h-grease sJN %C \ ?mh0`=L -FarOmtacPX3pzMNzucQdNxI8MpVZdumJghhEPiukRJxp5+3InvEp7lvBhtZv49i3 -QPoKNFjUweN6aXA9Vs1cpSQ ---- k49nSQRFr22Pc4QtH0WlYQ2/yMpBXSJasmQ97ZcxLkU -^shʏLv++'8{ZC}ZPQ0U$:Y1NO l' \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-netbird.pub b/secrets/wireguard/elisabeth/keys/elisabeth-netbird.pub deleted file mode 100644 index 9ef8bfe..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-netbird.pub +++ /dev/null @@ -1 +0,0 @@ -yv8nqlqgBxDIf6oYrn01FRKoKnqZPfdenWIFHxfSLiA= diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-nextcloud.age b/secrets/wireguard/elisabeth/keys/elisabeth-nextcloud.age deleted file mode 100644 index c6f3baa..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-nextcloud.age +++ /dev/null @@ -1,16 +0,0 @@ -age-encryption.org/v1 --> X25519 iEBzJEtJTSmO3Sh0BMklgsGOBgVaiCYESkyvEjNRqg4 -f8QwJYgLHLCrILE3QjeTiRL3B7o/YyzJry43O2m4v1w --> piv-p256 XTQkUA A9pZLJ7fdKXK8/vAvk0dxotvScae5Y4nNXNDCwIPRm5M -AIsWjvaRKXLsKrPnncf70FmLBzZCoCApDutow7YBYNA --> piv-p256 ZFgiIw AgeKhANA0G02k3DHnLD6m3fr6JKEDboK5mxScP8azmnT -lLW7QTJRhTlfg1rWl5tmHlkSL3jtU3Q6XcNlCW839Wg --> piv-p256 5vmPtQ AkkCLbo5aWnOow68CsrVModJBDJmaberAIothw92Uj6W -iwVUFQkCOHg5e+EwuKZq21hkCk/8ZgyT2FrqD1vvMbs --> piv-p256 ZFgiIw A5ldqhV8Y7KIzQ7iKleWUqirmt9/YC5kqmP7mR+b779K -I2OwnqfBAZOHQ8R3kiz20PUJA7PJlaUsh5Q9+W2XDyY --> m*X-grease -tpDjVLTPOYTlDyBgstO+1xHdCTwc8iW0rOKpgqNF1iZH+e76Q7fUqt7OSSshyFqf -EZzGvqkemxXNLccD8VJXeeU5zLA4LqBEmNiK36zPzEMoJO8xEJ7SsmTtufY ---- RYsqETvw8iUKHCkw8z5mKPtEUds3e5WRn7o+llL33u0 -wypjl}س/V4"m@yZxu,pn=,:`Ʉ/0>3 \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-nextcloud.pub b/secrets/wireguard/elisabeth/keys/elisabeth-nextcloud.pub deleted file mode 100644 index 7565ecb..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-nextcloud.pub +++ /dev/null @@ -1 +0,0 @@ -qV+5b1yOMnHBE5hgKbJSDWnmvb15yt9XF37Le00C8wE= diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-oauth2-proxy.age b/secrets/wireguard/elisabeth/keys/elisabeth-oauth2-proxy.age deleted file mode 100644 index b5f2668..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-oauth2-proxy.age +++ /dev/null @@ -1,16 +0,0 @@ -age-encryption.org/v1 --> X25519 g1vqWzZctykJkoxT61vjFHJUqeNOKSg0bf3wCYB7MDc -D4JZnpctpgjZaIn5WK3/hpY9R5XhQHWnHFJ+Uh48ZIs --> piv-p256 XTQkUA A64jIlHXaqPB+WBfZFOrOihV6EF7Y2yt5BxVtGydv/E/ -JJ/yeiDQSl2NINj2sSN/TUzdNhgmrtI6NcPcp45tLSk --> piv-p256 ZFgiIw AmP5WWw0UADOv+ilwqnbRYtq4sQUPPIAANFNjf33yqKr -B5FRnKIDqLPAlFzrpZXjoiH6BhE51GRocvGhRrGFEv0 --> piv-p256 5vmPtQ AoFOKSUyPwm3C/KmrC7z38CFMXr/Ct9mzvil7bHjg4jV -hFV3hQGKo8zPOybLDnRYlyeNTX5kFb8AOwBrgZ0JTb0 --> piv-p256 ZFgiIw A8SpfqzsNh/My9UQSiBNFKH8p29bLNs3NfbBkAQbbr+0 -xeittOKnGG63GDguhqN2fYMg0LiLkqU3b7XStbDrrNY --> y-grease x#' X25519 Fpotjtu7lksK7LzYZTkTP7OXF2etf6k/jAs3qT63pyg -Az3CTRHiYmqI9mVSvt61WgbQa1Sw7tTI/GwuwGNm2Rk --> piv-p256 ZFgiIw AwwKW8KYhA3dsUgANUxvffEiFLOadwllahNrchfzQTfq -AO08XTSUINWT5eY1EgPqHHSY/y0gsgszz3psNnGSauA --> piv-p256 XTQkUA AuxujxLf1wM1siHqnkbayQ6C4KZbsAzdUO/8dsiTRohe -1AUfKkOngKRI4jPG820VihSIP5ms9jH8MvHlEBiwVAE --> piv-p256 ZFgiIw AqLEvSEzM5D4K/W67DVz7icte3mw5+FqFtBiv4Ba2xua -mbrEOcAnkiXq1Phh1SlnTjDuhLma+4hqv8FMceymOzQ --> piv-p256 5vmPtQ AzENFlgqOyGbU/FXskgenHamZs/H+78mS9PWsYoXXqae -pyx2IlIw+p+7dAUg5Ohj1cKxW/9S51LjR2A47aNgH0c --> AJ/nN^^b-grease P%To4qn; llf1 (\|f~06 -ROV54+I9IMrCY2DvOXDRsY4otebllTMp6ddWYA ---- PGvDf7ZhjEQzcNDXVlDw4Qehrs/lg7hi22vu/2lo0N8 -{ryԝ_{f#ß`M}є<id=pbnE- -$th:;.9w \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-ollama.pub b/secrets/wireguard/elisabeth/keys/elisabeth-ollama.pub deleted file mode 100644 index 9010873..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-ollama.pub +++ /dev/null @@ -1 +0,0 @@ -wODUgMHl+qSCB8O1purynIY/AaPyIJ4kCFCEHmRedEk= diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-paperless.age b/secrets/wireguard/elisabeth/keys/elisabeth-paperless.age deleted file mode 100644 index f57fb82..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-paperless.age +++ /dev/null @@ -1,16 +0,0 @@ -age-encryption.org/v1 --> X25519 m8FrH/TJL5v2er4GSGnDNLJGaTiRaiXYtxk7pGMMJnY -o6eINCtC6MdZUy3t5K7jWbWyp66YIILG8ndYxmRp974 --> piv-p256 XTQkUA Al8tF63UnANIwwup8gZEEcFb4DdF+6LDbe24InqpVfjb -dPAkYSsEe2vqmXx7k84bK0PYxiI8UKFHZzHswnSSQjs --> piv-p256 ZFgiIw AqUv2b0Mg00xIF9QoCa2u6YBrMJAMJQ5q5TkJlT94pyL -q6LsNNkptP6KHorvFTeVfbhQVWeKRcgl7dnaY23hDGM --> piv-p256 5vmPtQ AqIVMtD5c/hClFfSEjjEC/YEhuB1yk1Lgmse9yCkfdkA -V9/tCgauksldhaCRp8WZ9WfOSFPq4NOZptk+mp5dZI8 --> piv-p256 ZFgiIw A3LfSXJschjsAQHGwmkaHDeezim1DjR4T8n9hSpGj0I5 -rHpCP8fa0VxPYV6qAKYQLg6Jreyq++HDV/nUQJzTVzw --> ]-grease ?+jZ e jc:Xwo$ -O92bCAaMkQpSsOKzFztoIy94sjgyZs4RfFoBz9Zcwb+P3IaHUpTGvW8wyYOGNcm8 -2FLljf/kFZtHxtV8W7GtVnFDj0uwrMnClCnen329/46Ou6pHDcJ+/Q ---- swSl+llzwbh5ymR1l6iRQlTM0j+70PAw0v8xhZA/jlY -6W5B IVSs$#Cl:Ʋ+8+2ZRĥ"㤽o \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-paperless.pub b/secrets/wireguard/elisabeth/keys/elisabeth-paperless.pub deleted file mode 100644 index c6a8966..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-paperless.pub +++ /dev/null @@ -1 +0,0 @@ -k0IBTHKntu0plDUIApo0ZOa3XlAh2Wea09nih4Ahij8= diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-pr-tracker.age b/secrets/wireguard/elisabeth/keys/elisabeth-pr-tracker.age deleted file mode 100644 index d30e0c0..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-pr-tracker.age +++ /dev/null @@ -1,16 +0,0 @@ -age-encryption.org/v1 --> X25519 sJWb1AB1ani7iSARBKiza76F4BZ/1RT+nYo+h3SCvDM -G9r4LID6JVa+CbM+goWlorWNAutTfCWCRXkMKe68GnQ --> piv-p256 ZFgiIw AimY8gt/sR16sX1pmQ7KsWjklSprUl5xQT51DJ2CBrmo -35Gchuo7PlxnVg7nCmPX2l+Hwpqkn11Deh/gINotDK4 --> piv-p256 XTQkUA A4Y83D0/vdl4f2gr8g09YO5xTM2en6/zdXTA4tlXTzse -pt0/k460n/rw0pGQVmbBvWkmscra5wL7Q4pUfC1aqJs --> piv-p256 ZFgiIw A7kGeBnc71Bei30JFsrUPlhOYRfP/WwrtNYxyZ94blmd -tQcInK3OPdN5uYugFZc6JNMgMMrBHrNrfPLgK1GQuOU --> piv-p256 5vmPtQ A2cBNFJA8IFoZcUGhwpTCrrh9v+ffe6UhbJkhYvfv310 -zf161XjBEKWYDLwaWw+wGuCGJJFD6NatL3BgSQACB38 --> --grease \tv Z&IiJD *{Xl~2`' FOEGQ+s -hnw8ilMQCmjeH1dsP0p0Y6fY0X7l5goCmTR07RFMnXRH2Y7FQzSe5Ipg16+V9Rmj -1+RZABaebmFQFAJwtfFmeLXzsFVn0sMtflMR/wmunn+RuZ0XfzHzM0QOU2g ---- rdxJZDoceAdq9YF8GoDLcHz5UInJlcXCrOgr3/XxI/Q -Ч"V\ү/SwqH(H(=aPiǔ_:KS1tإ \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-pr-tracker.pub b/secrets/wireguard/elisabeth/keys/elisabeth-pr-tracker.pub deleted file mode 100644 index a8a442b..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-pr-tracker.pub +++ /dev/null @@ -1 +0,0 @@ -HKftlC7tQXYToYo0VLHqvdnZxQfNtJ8u0QDN3mLgqiA= diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-ttrss.age b/secrets/wireguard/elisabeth/keys/elisabeth-ttrss.age deleted file mode 100644 index c40a975..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-ttrss.age +++ /dev/null @@ -1,16 +0,0 @@ -age-encryption.org/v1 --> X25519 jCMM6Kfzndo9RElgyE/ufEMYrpwsowEpuYQ+U7NypCo -MBpF5pwy9moVqDHGudv0OxxG6UtdbKfvdphs89h3mi0 --> piv-p256 XTQkUA Asa11BAxSalte9zAy9P2TCw+OlzgPHHmVZJ0idqMUTOq -I7Uc1mXKZZCJ2sJ0vFvXzo0a173AwtO5IBQZ4LTfjuI --> piv-p256 ZFgiIw AxkNUN4odgmfqbKIddw7LtY5SEDB0oxMOg+/vo3ooiMZ -rX4mq9JYyp6secsjIclReA4hDdSumaEeVava7TtO36M --> piv-p256 5vmPtQ Au5aRQkGYLFwjjZGs/z/HDpVIwAMLK+O2FHK4tI+gxNw -HQYY3BJvG912yNOhne/e5Bosoa0N9i/d3Arsi1otmsQ --> piv-p256 ZFgiIw AhGklGMPM/rAaye57Fz2PO1CIMBNjRPyP1sgsBsFhdUL -ITdXsq7gZ/13qqTsvfh+8FReiBmIpRwI+vDL+UBQKGY --> ^}`pou-grease Wfm6eR *q.w\ ifZ #dT9 -vd8IjtgnVmIKwldS7/Ii71SzniVtW9G6tCCiSmPM3tZE1EaYy0Z/6KuKPyz+tWst -Y+i4j7okriIH645tQXaI0oHcx4VZFn+JyRdX7mYNldwoNW3OKA ---- bAVe+xtXMtXfbGWz8TC+Wvbpmb8d5YVtUtdYqIG6Qfo -CKv3mJ[l~0r)+2?Ѧ\U"MVQ'B*X@$DІXydJf9 \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-ttrss.pub b/secrets/wireguard/elisabeth/keys/elisabeth-ttrss.pub deleted file mode 100644 index ef955af..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-ttrss.pub +++ /dev/null @@ -1 +0,0 @@ -9kyNM6XKz6HRLBECG/xRwplVZ7o6SEIxTPDuTvcPxw0= diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-vaultwarden.age b/secrets/wireguard/elisabeth/keys/elisabeth-vaultwarden.age deleted file mode 100644 index 0a46690..0000000 Binary files a/secrets/wireguard/elisabeth/keys/elisabeth-vaultwarden.age and /dev/null differ diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-vaultwarden.pub b/secrets/wireguard/elisabeth/keys/elisabeth-vaultwarden.pub deleted file mode 100644 index 23368fd..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-vaultwarden.pub +++ /dev/null @@ -1 +0,0 @@ -SX7PZcM1u/eJZM/ghvBDS7am6HZzlsxhK537HWp62VQ= diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-yourspotify.age b/secrets/wireguard/elisabeth/keys/elisabeth-yourspotify.age deleted file mode 100644 index e61e5c1..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-yourspotify.age +++ /dev/null @@ -1,16 +0,0 @@ -age-encryption.org/v1 --> X25519 8Xu4B4tsiFMALzzDr8aIj1srctAEZ1QKYzT9wTs0DwU -0URbUZ1UlEdZpo8vT/LiJHW5RERO61S7RrJYviO6OYQ --> piv-p256 XTQkUA A2ZwHHpSy6EzWxhfouDwh+PO//N1isE6TPUwAVPaAW2c -ljLdsmhEgsDRlz0y5Waea2FEm0k1L4W8igzYHz+/amk --> piv-p256 ZFgiIw AohzN9q6Jo0LVuuYmxzhfizqlRPnuAlYIKx6dvMYvcq/ -lSHu87hQJNVNHDTnMc9Se693+yELopkk6hFmUclLiuc --> piv-p256 5vmPtQ AsBXiyuQmIaO2+Z2GTyT/rdhai2ahEkYkcO+dYsibZX4 -DE5cSckHALqUdEYBe8Tpioo/DnD+DBpV/0pWZwvd2eI --> piv-p256 ZFgiIw AgSNI31rf5CH8Gy+3ulIla3MgNkLfaHO/wKtfu4XTG/Y -n10QiolManskviiW3ogFtTpbzr1Mcs7/nFCxO6IQvdg --> &\+nN-grease -xHRCwm5QRd8kTNpD9BNQflDjSoMEES64Y2yIHfbaEhJlLEp3MR+m2RzayFNxOfpr -zRjUwvQfjlhkS4bXLmYf5HHtBApMMX4 ---- Ucy5PhVNSDJP+v6m5QDaZcomuvr5Z4XveQSTJwCAMsM -Ha -5tTv3D۳^?ݸ\hu9.`E٬ cVBHG̞G \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/keys/elisabeth-yourspotify.pub b/secrets/wireguard/elisabeth/keys/elisabeth-yourspotify.pub deleted file mode 100644 index 0285233..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth-yourspotify.pub +++ /dev/null @@ -1 +0,0 @@ -zipMs/ic3IPILamMOvnGWZU+PYdyA1i9UzC9UxRMXXc= diff --git a/secrets/wireguard/elisabeth/keys/elisabeth.age b/secrets/wireguard/elisabeth/keys/elisabeth.age deleted file mode 100644 index dbce60a..0000000 Binary files a/secrets/wireguard/elisabeth/keys/elisabeth.age and /dev/null differ diff --git a/secrets/wireguard/elisabeth/keys/elisabeth.pub b/secrets/wireguard/elisabeth/keys/elisabeth.pub deleted file mode 100644 index 90fdcb0..0000000 --- a/secrets/wireguard/elisabeth/keys/elisabeth.pub +++ /dev/null @@ -1 +0,0 @@ -01wz/sO0PIlwtKTfR2z8pQKzFt4kO5CSq57f32y2F0Q= diff --git a/secrets/wireguard/elisabeth/keys/nucnix-adguardhome.age b/secrets/wireguard/elisabeth/keys/nucnix-adguardhome.age deleted file mode 100644 index ec388f9..0000000 Binary files a/secrets/wireguard/elisabeth/keys/nucnix-adguardhome.age and /dev/null differ diff --git a/secrets/wireguard/elisabeth/keys/nucnix-adguardhome.pub b/secrets/wireguard/elisabeth/keys/nucnix-adguardhome.pub deleted file mode 100644 index fcabb70..0000000 --- a/secrets/wireguard/elisabeth/keys/nucnix-adguardhome.pub +++ /dev/null @@ -1 +0,0 @@ -F3tFnEGn58ahB2p4hI4xFRfwyK7SU3+Dx598DcLAQlA= diff --git a/secrets/wireguard/elisabeth/keys/octoprint.age b/secrets/wireguard/elisabeth/keys/octoprint.age deleted file mode 100644 index 1cd9d64..0000000 Binary files a/secrets/wireguard/elisabeth/keys/octoprint.age and /dev/null differ diff --git a/secrets/wireguard/elisabeth/keys/octoprint.pub b/secrets/wireguard/elisabeth/keys/octoprint.pub deleted file mode 100644 index 0da9cb1..0000000 --- a/secrets/wireguard/elisabeth/keys/octoprint.pub +++ /dev/null @@ -1 +0,0 @@ -eIq8a4zS+xAcuilz8dw2znMm8xzMmYm3jg7wvAX5UV8= diff --git a/secrets/wireguard/elisabeth/keys/patricknix.age b/secrets/wireguard/elisabeth/keys/patricknix.age deleted file mode 100644 index e8197bb..0000000 --- a/secrets/wireguard/elisabeth/keys/patricknix.age +++ /dev/null @@ -1,16 +0,0 @@ -age-encryption.org/v1 --> X25519 kZNXioiEjSwPSSCQfLIUHJ/Po3Kjyzexkm9JOT02CUU -ZDtL78nQ9iM5br5keKL/HuuLO31giHa40m5YhoNkeN8 --> piv-p256 ZFgiIw AgNxOYUDaV1QTaV+IyMF09gouj/UtJA+y8H9h/MrgVM1 -luS8js59wJ3cfsEloakGvoMmMWNkkq3Rc/AAvbxCA0I --> piv-p256 XTQkUA A97+iI4FmLSEqnBpW7MJDFocMQBnv1yl5sNPLsZzapzP -CEmzOhcv6V6OGC3fpP8pUomlIRZxj05TQyYdDEtVwbI --> piv-p256 ZFgiIw Az7qLW7ASn9x4PQt5yswl6BWULosp8j9D1sIlYe+E+XW -g80n2hOdx1m8pw8jeCFPHOH34bOApNVxapgiQj13USc --> piv-p256 5vmPtQ Aj9Px4PctikcatMGBt7PTghHWLGtUXu0dbWUBROppbnX -5uYv5eEaZ6nfaId6JUaQSjbwTwZ+uyv7wSppAFZFnAM --> )K-#NG;f-grease w] Do -Jlm3URc6Elpr7TIlK8e5K6Xu1Xy1f/mpG6XgdWgPRbNNOf0dXddDRuFT3g6lf6tK -FVmTXrLndZmPq33DD0WP6MwtBWmDCeh59/3DpjmvSxppM6Q ---- Pj8J65gm8i3w3GErpi1PXNdeQs/8cGkG2vetkgOifis -mBF GpRbe:8iG8Uyl +V`014+B& \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/keys/patricknix.pub b/secrets/wireguard/elisabeth/keys/patricknix.pub deleted file mode 100644 index 89065f3..0000000 --- a/secrets/wireguard/elisabeth/keys/patricknix.pub +++ /dev/null @@ -1 +0,0 @@ -2l6LxDMuuo+vr3aAraMbaVrCMHbWNNIujpwjDD/UPWA= diff --git a/secrets/wireguard/elisabeth/keys/testienix.age b/secrets/wireguard/elisabeth/keys/testienix.age deleted file mode 100644 index 9f26b63..0000000 Binary files a/secrets/wireguard/elisabeth/keys/testienix.age and /dev/null differ diff --git a/secrets/wireguard/elisabeth/keys/testienix.pub b/secrets/wireguard/elisabeth/keys/testienix.pub deleted file mode 100644 index 849a828..0000000 --- a/secrets/wireguard/elisabeth/keys/testienix.pub +++ /dev/null @@ -1 +0,0 @@ -YFUko5BLbPFUxgMBOdRmuaP3W8MyKqcbKfGs+kJsaHQ= diff --git a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-actual.age b/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-actual.age deleted file mode 100644 index f33733c..0000000 --- a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-actual.age +++ /dev/null @@ -1,15 +0,0 @@ -age-encryption.org/v1 --> X25519 EYthUGeAWjYiRRcvPvVuWppnAnVEKvbBgkegeGFGzGQ -STGglgLwWiYP0Plr69RVxlIGVh0ZohPCaUy0Tl2rnbw --> piv-p256 XTQkUA A1Tk7Xmx3KAxWakrxXyjLHzuAvwc0Y7p582tV/i45s/0 -nhkvRnz7+lr0df84MMoHQJbpUoj+0UrdTw/XISq8taU --> piv-p256 ZFgiIw A4rpsK3V2kcIQ2DRRL3Vj9nZUgANguzqvtHuLAVsCVlP -3V0M6j9CU/LWRkYaDI+3qvynu3s8UU91pjCaMEG8sTc --> piv-p256 5vmPtQ AsD/VOJLQcHSoOVtJ8zdHxSnOv2JX/MsAGP0fB3SPvBq -yy4YY33Tzflj3rQg9xVAfJe47NNeX3GLBn4iZa0+aVM --> piv-p256 ZFgiIw ApTVTCfJLHfVGA1Qbi44CisjSX4j/tJINa8xRDnEGYAN -4Z9/mK57H6JH7fsAlQTcEX/JjdzDiA+XgsA8tvcqM7U --> Vffv6Z%t-grease Kc1"0ol xYS0 -SOTywmAk8Z0fVaBEgVlPJMVWYNrN ---- GsqSM5RXgbGD3xulF6piH/NxH7AcVRVJT6rHQUqV/sY -xA,AfYUR!$9QUcNjn%HnuVAtbJ ^ \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-adguardhome.age b/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-adguardhome.age deleted file mode 100644 index 63e1d06..0000000 Binary files a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-adguardhome.age and /dev/null differ diff --git a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-blog.age b/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-blog.age deleted file mode 100644 index 432c0eb..0000000 --- a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-blog.age +++ /dev/null @@ -1,15 +0,0 @@ -age-encryption.org/v1 --> X25519 8xUsd8+0vzcdMZ+9/Q7c4uHrINfL/YnGb2oi5TPPUwk -GrQDEqwQpunmU/Fwa0o2YV1VEMwb7F3uuUqPC2b9kNg --> piv-p256 ZFgiIw AtzJHfEspGUDVtaXot1EE/u3Z5cTVL+PeBN2f5ZWbL6M -fOV0Hp6+cZB3NbypVXQtPULDonweA/62/G5gnunWVG4 --> piv-p256 XTQkUA AmPo/XlWsLPW+JYoTGCLTxWccJuh4EcKafN+D+URuGoF -3rHV1yeANXzWRpWb/0EA1IjCOitoTsLGN4dU1raTr0k --> piv-p256 ZFgiIw AuduWmro6APJsPTCZrtRpkwECkOfsDL109rvrE9UxkkV -cnJb8UKLM1Oy9nZr+HQp3p6OhT/+9Htc3GoAqADa2nI --> piv-p256 5vmPtQ A3ge8G2tligkbgdXvrngnObz6/kk3R5HN1Gl31Diz5hc -1d0ebykK0ccq7R4UegjAL+dl0EX6dves6Qsg4n7I0sA --> :/-grease 4$+ P= _VV%:"P| -4Ny9m7mh1lEg ---- CsASon+mZ54A0BLZmBl9NaSa9n6M9mYbpY6igzdGF+U -]lS"qvP2b] n7ϥC@dD-y+=ǐY D` v p~ \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-firefly.age b/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-firefly.age deleted file mode 100644 index b5eda2e..0000000 --- a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-firefly.age +++ /dev/null @@ -1,15 +0,0 @@ -age-encryption.org/v1 --> X25519 xJo5HhKHIrFP7wbV//wpaFoboByUMZOXreZt5Xdd5BU -Ru6CBmrq1v/rbPhoPXYhCHq0yMGCCUiTgs6ZM5kVNKU --> piv-p256 XTQkUA AivD+Matq7mjlIusMtx6+lHk5ryKZcg56EEwhGN71x2M -6qgJoPZWiuylup3zgJjYm1zLoG9YYL+as8UtGFhpnCg --> piv-p256 ZFgiIw AqW0keuSK7y8oSO3JYe3/l+pAh+Wxqbu0XFNJ+qBH1Xc -vfCxAefSzfOo/1+ihhRS8Ilh7nsKwwyEf1LLRPfaKiQ --> piv-p256 5vmPtQ Aqz7EelM5PCayYWA4IBPOjcPQp+qRU0TcTQIJM6cOBu9 -t1bkON97ATB7CCcCFCOZVAr3PvZ0dFR9rnURWLD7dkk --> piv-p256 ZFgiIw AvVb0aN4gHr586PdYixoAPBpF061efDQBshijna2MwQH -7TJos5wgP7QfSDLmjKvWEQCt1svv8/psA9os7FcG7Aw --> mIBupI-grease jy yXj i/P I -M9tNIG4pdjXCQm9gWUWNr7bE0YBOzA ---- kKw6CxBObbcfeukkS/spDO+s4zcMkriNfDrfXoD04uw -#sϮ&Jwm~S&X-ƥu[WntB[ecHr)hg').MЫ Uk \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-forgejo.age b/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-forgejo.age deleted file mode 100644 index 6d65a04..0000000 --- a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-forgejo.age +++ /dev/null @@ -1,17 +0,0 @@ -age-encryption.org/v1 --> X25519 qsgCpy8yqEIlPRdfE+Lxs5gOIYX9zIcllgXtOT0bQV8 -GN/imU+Sf+2hT5zzOmYI9TgbLX4QgncJ1SHBjKaYlSA --> piv-p256 XTQkUA AoLpzcqYmEDQTqFx+W3IBRGp03iJjaRrDRI8wfGbq/1X -QO08SCWFfwpSTUaQCnIKaGGWIgXh0i7w/p62X56ZMEc --> piv-p256 ZFgiIw AlBi1aYyOCfnmlfVAdDVfvbN6NzEr/ypLeoH90cEwa5G -HZJ9bubfkFIEJbygeuvRm7UeTLppXG4knQFkKL678mM --> piv-p256 5vmPtQ A3JtC4PRXJTHIuJzHoygX/5X4ok7cIfFF4wIQ2oghhpm -g4dV5vVrjbDt3ysLfBs74sy7yu1ol9PGPYF6uWnIu6k --> piv-p256 ZFgiIw AuxXXZDLX6G9CTNow/ppXhTJ0GrNBO3RB7p9VC3BeY+0 -QyfdagRgpUghg5U+mTYxxhVKrIIDEcAAzqwSSjwEbrk --> 4-grease }E2 -0IdsRluyK0F88hpuyJ8yVMFkcBJ6L9z5JBs8lovL26wWtxUg6knJD2vVopGiKCiD -Vol1dGBhU9085pt0C68av0GXXvPzxrsO+SDTz8c ---- m8uTaLg5F3GK5noq8WaqyfWN4bwotHUgnWvOMgzzAII -cF% -LD9Qv W;!˵aƅa ȍE}Z/s87D㧏D!7 \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-homebox.age b/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-homebox.age deleted file mode 100644 index ca80602..0000000 --- a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-homebox.age +++ /dev/null @@ -1,17 +0,0 @@ -age-encryption.org/v1 --> X25519 h2wNST4+qSw4uCVCUqSoprjByli3t11plBHp9y7dRGA -DCCsXoA+stUFmu0aNcNJSClOFTF9pNjgN6hsZjHkOrA --> piv-p256 XTQkUA AvmTYpnMbBf4FiesxT0+RahR55nXJbmCsPh9jSXCk28K -AUOUpit2AsUMCh3KRqwMMSLJlSUlGBeoJZWyey3S41Q --> piv-p256 ZFgiIw Ax8nhmzow+Pshj2paySHEdKc+V+BBP55FpwNa/HOumWu -1vnybx4PiWiep4LKISh9+DQzDcv46iTf0BytjwsVPqo --> piv-p256 5vmPtQ A5l+gaNbTzurlEnGVdjdYBrXjF5R+xdxBANv3V9W74Tq -AmWUmtqPpGCG2G9xEswFwnCLNWS0iP9wdaS7UhMIA68 --> piv-p256 ZFgiIw Aq2tikCz8rv/r8PcY/3PKws74HTRdKC5WP1Ht/0ifeC+ -kSiDUso530lPlYN2P0JIVG1LgEbL2TkRK9v8YQpUQ7A --> =3mcTXky-grease |'ZI-R @E>y{ m){w =.h -yyiAGQon2cSKl+YqqZzrHRtsAnSVkg88UlO9Oj6nAdMc7/X+kNmoV0roz471Qcst -5WRDl9zm+ZUTS5bCqDdLThdKlxe2BFc4vp5WWd/QBVrlGuKPza8 ---- JfX5HKp3fQCfBufji0c+DBERd4JPBp1v/HG5vXkRUzY -+{|\X,50t+Kc(àpN[d -W:MȰJ㔭*n˙a9x-] \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-immich.age b/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-immich.age deleted file mode 100644 index 42a7752..0000000 --- a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-immich.age +++ /dev/null @@ -1,15 +0,0 @@ -age-encryption.org/v1 --> X25519 DgYfF0fRhZ8YZ/OhLAkh2yTKJ8wJGn3NIWlZKPSouT8 -t0ru+RkJaYwu1182O+7mXUPY//1MfMpWfAZHt8EB0Qg --> piv-p256 XTQkUA AhsO8VrcSN3C0OvXnQZgknZmPQXkJ/AZLgoEJi8SEb02 -45FaY0/8fSFDe7ICj26UaZU2b7FJ6LwYjA8PAG0te7k --> piv-p256 ZFgiIw AyajmWcvtlbiql9fmKjAqOFrGXwxE+dKlO450qEzY6gj -ybg/Vq7X6iqFEvNAUeSwBL9MYEZk4PB1rj7m980JQZI --> piv-p256 5vmPtQ ArpWoKRL+CQf70RgopH6D3atHb8F29h7wjuJcsTSgyQn -JuvfAbnXSwP3Jl1nX1y2pxsoIMuoh3vPr09vO42GgRs --> piv-p256 ZFgiIw AwrP0evFqosflrXzbYJNx4fdJS9dF1107gPf3NEAoDJl -4TRZzpprOcjoXKMpWCXsgwMiKQHlKPmcFGxEQfq0fTM --> HYEBa=-grease 5a{m+}I -vCELeWobKeGEIHMdXjqKDVyjrsgrKdp74Z8adOYuFF+01bSwou0bx5NE4PypoY8 ---- Jp0EMbTh9Fm57m+RQGZZ1TQx2si06y00JrDP8a2quCo -%Pq~K!w`/IMR$ZzvNWD禶4`p1S Mj*x`規"%*k: \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-invidious.age b/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-invidious.age deleted file mode 100644 index 14d0a91..0000000 --- a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-invidious.age +++ /dev/null @@ -1,16 +0,0 @@ -age-encryption.org/v1 --> X25519 rqjulMMqQvFeDApkCZo4KQvgVbmZ/TLOpy3fe9CQCTc -j3JoyoBWSZtVDka4qqquips0HmZakBuToEjNe+ZEccQ --> piv-p256 ZFgiIw A4e5w+3n+gkOMBeSI5VklW1kJ3846byVint8b7HGer4Z -jY/O+b0JwsNxpSvEtrWB1IaeVACDagAaqfLmoy9VGrw --> piv-p256 XTQkUA A8WfkKXTvoJ4M4gX/t3xaK8wy2pZbLO9dBHrlUqKJHjr -I6WsWbqg+DIrOR7cJCk5cHz4gz0d44RhcNSqUU/9VSA --> piv-p256 ZFgiIw Axn28eRfih6xjAKMw9ZFXHN4jKs013d2IhmLTAwl1Ixq -RldIXTSGdfjC5o4xzOttzyX89zAsuJGitSeoyts62mo --> piv-p256 5vmPtQ A7sqh4eBJsdzALHPVdbk2WJ5YH0M8iSBX/wP8DtI7Mpm -tq6yVRXYXKwQD3qbvvBdF4AuFehgvgS7lq2DkI5hI6Y --> s?-grease 38 Pego6HDg _|QaxRe -rexAgfgN8bC3JvURMFuCxfHxnIQ88B2hvka0BmvM7XJSWA8gAGLxjhOr0sw6iygG -6R+lshVeDfexCFxX4KWENEVzb9f4JWCqcGA ---- NtjNfHsaetHNRBHHwX0ncFGEb5hewYNhg8/WmJCLg80 -OJZu#|4|/kd n^@߅3{85Gt0m.!׹X!Q \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-kanidm.age b/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-kanidm.age deleted file mode 100644 index 4a0ddb7..0000000 --- a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-kanidm.age +++ /dev/null @@ -1,16 +0,0 @@ -age-encryption.org/v1 --> X25519 OOfIE0asKIsd83l3FlOAUzVTZ2nyzgVVZ+3eFmVQTSM -Xp86tkjnZahB3SOb+/5/Q74MsCRwj0E5cWe3XyNnJlE --> piv-p256 XTQkUA A+LfTwtC6M9B5IuzZx9zcSZ6/hblgphmAIwA6CRxk6AW -mYyS2Ot8h2eJbrJ/afIcfOX59aQCThE26KTibA71MQE --> piv-p256 ZFgiIw A5I8g7TKBSDLsM0FpV6U/JVpabKuuCHHR9HdPqkuZqqa -CkvfGh6xS9GvSKhh/FNW4nKJgQMTUGbuqZtMbJvVyPg --> piv-p256 5vmPtQ AlNBDeN5ihouDbb7mjNn7f4GDTRR0hf2M67LhCwMRR+x -vffnqgDMvm3OVlBKUvLR+aG5t9vBBJ8ygKTyk314G/Y --> piv-p256 ZFgiIw ArEwrMQWaBWaOOYzUfB1zTCRQu/AjNiyN58UBSGaNhq/ -ZwryYVzJR3RYGYMZPWmvWkvD5dyGwF1FIsDPSvCTmOg --> .-grease -OozUcy+eh4uVbpuy/agtDWTCaZeccGlqym5s6L7KE+LqYmNhy61RwRC5NZqBPbsT -7H6EepsguVZzijQBhvPhJOK/a82g ---- 14GCAxnHT3eXYAvqtbaW6qHO2IAANgmVPl6Wlfox6wM -|^bee*PJBֻ|NJJqga=ߏ\˙CMCduMȧj&Ufي?D` \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-netbird.age b/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-netbird.age deleted file mode 100644 index d7e79b7..0000000 --- a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-netbird.age +++ /dev/null @@ -1,16 +0,0 @@ -age-encryption.org/v1 --> X25519 bq+eQrKzKWG2cvp+7cKzpkN7KEbxf4H8aSOBxOBNeVE -uiZloroeAw+q0T9CTGbAg6cdHShGaa5YOVk0iE5FLMM --> piv-p256 XTQkUA A5CqoI0rxRrOyHv6LksBqtzWPapfCLi6IdK3KAUATzJF -d3VMdZpw0TjU8kZ6WNLcbvenDD4WWxJp2rEogNnW43o --> piv-p256 ZFgiIw Ah/2IZobkAFu0r0rSHvB9RyQhXh+wk1R9Vlky8J44xib -5GXXZuXybVXcrpU8G8bWYwMOjnzdw7X+YjQaQlA1F4E --> piv-p256 5vmPtQ AjmJ3ZgFxcbSbGefvufWZNzo0nOc8vl+4jA7kb5kwSbI -2ks2FzxZ/YloeAVCRT/0NEo4hRWzUbknj+pnwtGuEZM --> piv-p256 ZFgiIw ApvFPxETdpXGYLa9srv+pKFHNOGfa7ie8oyOInKDbOqC -8rIukUZzrkWdH11pnTYfPd259ql/UGg5/Z6SuNvslUA --> X=N9-grease CPXXj9j! Mf6?oC AuDyAWo z5x1TGOh -CYoYan7n ---- 9xwTgosTBqh7i3YCpHUhvkYV6bormJ3hYP4WHTwwQk4 -Iy0[۞$ތ- :k@ }9  -2l'*ԭ[Sr$*WjB,-wR1B&!.@ \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-nextcloud.age b/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-nextcloud.age deleted file mode 100644 index 11a29c5..0000000 --- a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-nextcloud.age +++ /dev/null @@ -1,16 +0,0 @@ -age-encryption.org/v1 --> X25519 Ad4PXco+5B9c2AD1Or8CnplkpciVxGock7+WrxYCxmM -UZ6Qjrju7OKu81xAdYLv7lpmtl6L3rvnVqCSAXX0ZGU --> piv-p256 XTQkUA A5k19RTBbIY8lVRKXWlLLtoVCYWZ7adSpt3RtIK8xzVM -pM2y4h9LXP32/iOQaNuT8kPgndteg5g/9Du8XvQwL/s --> piv-p256 ZFgiIw AzL2s+0s8VyhLDcNVgrHmRAEOHbd5QpNoRwffzo2V4ji -1hbucvL4Brpbya4Ap0cr6YvNuFPMZA8qVbmOaGPX7rs --> piv-p256 5vmPtQ AtRh1kFv9fbB/oPHlTA1W/jTKrjcbiOUheXgu+iffxln -qVYlRQC1gqALtZ5S2zh07rlo7pjrQ4/9Nh7NwOX7ZG0 --> piv-p256 ZFgiIw A/kR3csWEfvCoRuLv7y3f05zb5cUIhsQPSxFBTN2KLBt -qhmQrvTue6AXqb8afNLsFeo/WfrRhyfdK51P0M8MzOs --> BCPe-grease )aY'd` 'NV =%exsTxg -3N8zy3WUb6utyQNJRC4rdYQaJNglA/gxRyy4OyO7UYw ---- Y0VIvltNSGuknvacNAYJWBZJHoJyFQSoB7V9IzXYKJc -Oӭpq@g(bEmJmflZĕKyKŽ -2)whW@ҹ k \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-oauth2-proxy.age b/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-oauth2-proxy.age deleted file mode 100644 index afa6628..0000000 --- a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-oauth2-proxy.age +++ /dev/null @@ -1,17 +0,0 @@ -age-encryption.org/v1 --> X25519 ajsHkFAv6DGIBXK+TXNexcF46v9OSL56zJU++ESh2Ec -rlt3Qc5FpGQ4Uy7djHxXinaRj+vGzRD15ePectg3V5o --> piv-p256 XTQkUA A5b2vQKPUK7CMtZtkqk7Sljxs3t+7T0xyok+W7NQIQhV -ouEoWuNAgUWZs/CmDwwO33S8sBF+vx09HwVi+k5xduM --> piv-p256 ZFgiIw Agm3uergfR/G0r1jgJa6SQvL4s08DGLiIQytODbhtWpN -mk0MjBvUwoxHzTidlJY3wm9jimJiTi05rqFk6pWiz+s --> piv-p256 5vmPtQ AgEl043vCMOGb7VMLrXZzFqJXqzpEts1dQ2BxKGWRQ0I -gqIxevnt+BQajswMvOnbhOCPoNeGjs6z+9Q2brXHXnw --> piv-p256 ZFgiIw AjQwtNB6n1WgESAuFpUN8gfbDe13iTJiKwvn74gSTipx -KVmS8Q/hNZ454y9/CRS8s54yvIZtVc3IPMtBgDM/vLg --> I[Qt/-grease Rux=WTOi _asi.\- YgMq{ -BIULAuvdBWYTVL2OKUZSry4BEUaJaPxhuj6szwhGillSGRJEETf1AdTuhq2UyU4W -KRwUpEwJG6X/98y90H+ZxbEAcT4nzpq9mvc ---- cz5LsXdzqSnzi5YSj7mnRRIWjIouvBithyGjWSy2nCw -1I~(YNkq7Fiщ3c -huh7.t ѩ({DQj!hOi \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-ollama.age b/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-ollama.age deleted file mode 100644 index 8c7e563..0000000 --- a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-ollama.age +++ /dev/null @@ -1,15 +0,0 @@ -age-encryption.org/v1 --> X25519 809OJmSe9sRVNlpr7tsymq+N/N3RLwBggFHdew4p5lU -ef/ZzFm1aqytRapx0iZilQyT9O/xuA97plZbz5LL5O4 --> piv-p256 ZFgiIw Aowpy6rEm9eHFxEmwJ35I10linQONgIS13H/Nm0fi+j9 -rRiW2Y2V5kpmdqGjN72EyKe9nf5fQS4UrUqZAtshkx8 --> piv-p256 XTQkUA AtkeDTc+jaagxDYjzJrSsHZTCF3KxpSTMU2ZMxuoawDG -YDRFtbrl8QH5YHlTcBLBdxHzx+pqMXLtSSvd/FokSE4 --> piv-p256 ZFgiIw ArgQyaNwkuKD1GVVGKmwcHq11pzcgGK9uJpvWFkQ1Zqy -Jvue35/d/2CKV6qcVZIW2Q+LUp67CpcMUapfJQGqh84 --> piv-p256 5vmPtQ AjMLgWeCMKLwl3205anSTdwYfQ5HG2pmZH5UOU8fnhi5 -BL+6ZYMBuakv2PZCzcb/W8+UCgGryY/uA3Z0NdMxcc8 --> :`n-grease Iq:z[/t( c6Ca. j FSx5@D? -uH1pwc6u0ytrAqS9cTXoD64rJBuosYo ---- 5BCa7IK4dbXfsXiqMnBHBmLR/qAXbbyqaVRiWun5KJ4 -eFsfBh`%8C;Qnَz$߅̻R$5sKlT \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-paperless.age b/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-paperless.age deleted file mode 100644 index 7ff8769..0000000 --- a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-paperless.age +++ /dev/null @@ -1,15 +0,0 @@ -age-encryption.org/v1 --> X25519 ovQyB1pE7B4dWOfW4mXs2cYE0e/5iUgWfpql2YtSuik -tYSFFtkR0Lj48k6eZr6acFtcSvshLWBKCxx+EpucnrI --> piv-p256 XTQkUA AqJvZdB0KAIr13bAQmUQSC6pjUHt9ZQO3RCRyMCz0MNR -cqWBp2e2Bi5ipk1pEuoIXhK8xkLrhH/JoH+IfV7Zczw --> piv-p256 ZFgiIw A/PY+B2QmEeUh2y+YYx7k8NBBfpNxbnPSlXyNvwKrgBt -bWgDU8b/qEVtzbxqWogWn6ZuyEqNsNEeNoa9CBjpheM --> piv-p256 5vmPtQ Ah/wPcA6G5yP+z/hOV5vgYVLO+F7P23jE9dYSjd8obcA -2hs5l8ODrWvuMA3VXINAZPk707QZFT8ZjFEUXxlRgyA --> piv-p256 ZFgiIw A2ZBRuRIP+cLtT88EMZaxOu1LZtxfn8eGo7U1hoR+kdN -oGMgn5IdL4l9CMOv3y0xCeVdFVns8uuw5zjTIUABUGM --> "-grease N)?O+s >Su< @nePY /f* -/hXO+aPBuQVXoz8 ---- GvrIh66NUBSdx3JUZqRykyr7KMVeTMvetKyLUKMmL1g -\=hro):7t:+j X}r̞Ӿ΁Qqwfi#)]:z \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-pr-tracker.age b/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-pr-tracker.age deleted file mode 100644 index 7be413a..0000000 Binary files a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-pr-tracker.age and /dev/null differ diff --git a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-ttrss.age b/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-ttrss.age deleted file mode 100644 index 4574afa..0000000 --- a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-ttrss.age +++ /dev/null @@ -1,15 +0,0 @@ -age-encryption.org/v1 --> X25519 RkCaqch0lqy7arlIQbV2cXRRlNuxZjXXogBflg6RuSQ -R4PmDtkphByfYPe71szV3qzMVw4+oFsHRxtj260hRqo --> piv-p256 XTQkUA Ar/9nnl57J3AS+jUN7vy5Xv2PjyX2WlR8SDXk3FB2NCD -Bg/XJ/LQwzZIXe2dCnymKIoo6S1LYLFmvEbsQHxoFWc --> piv-p256 ZFgiIw Akpu6vABO4u5e/o0zJd6iE2WUcMOMC8O1gc2wV5Ua+Ha -CyFyzLu9xZUptclh1EGpL1EJDMOatp9iJg5Iz2OHYFI --> piv-p256 5vmPtQ A6DfB1Lh2ephQSKgJVWAufKmCXPrEuJNgGyNSFA5e/CC -+O4VzxY532k9vJfGupfj3rAcx4maBkVZmpWZNWu7oiU --> piv-p256 ZFgiIw Ay4efNI9Did76VQu4N+UAQ70B+C5AEQJe0qo10MI7CM1 -DHccwQadZLZdYQO+FqlCaC97WCCTe8Q/jLhseb9traw --> +U-grease -OzpFIwnSjsHShHvAuMuT2s8dQyN8DXWNPun5trVepaIs3c1e2K8xXZ2AjdTFW9Q ---- hOcwOL8B8bmh+CX1JxYK9zFcbfuI+j42o5GME7qLGkg -XY/n}c9("2Э4(4<\t"J M!g/]qmmxjz'mǗ>E'XO \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-vaultwarden.age b/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-vaultwarden.age deleted file mode 100644 index 5ff7a70..0000000 --- a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-vaultwarden.age +++ /dev/null @@ -1,17 +0,0 @@ -age-encryption.org/v1 --> X25519 Ii4S+FNipCa/HB0J3Y1u6k3VKKlWX5IKz3uguLuWeUc -SSmQIkLmksjZSGhY6ncAmtgX5yJSk3FjKmiiqmn4nDU --> piv-p256 XTQkUA AmmDqtToqzMfbpjLm9qg2Na97Mb5BPmDRHaDQuCGQw4K -KzREWE1O3TODAeOxvue5M+lMzPPOEFmPQRRTL5xaAhE --> piv-p256 ZFgiIw A6WkjATHzKjvd4Pn1534Ce889ezEMze3e7AVDWYnaPP3 -LbuuGl4nG6yOpmIAPCh4GTGIsrD1RVq3q0RZUpU3dpw --> piv-p256 5vmPtQ Asu8eb7ok6vncPDby5WMpUJCUoyjVszEoh1GevEMhC69 -QlRdrg9KnrZtNQLpr8rzaBJ7u6AKEgyYepym95DjAHE --> piv-p256 ZFgiIw A/5MIAnVpa4OwiyRCyKmn+xbW0KMfmViLlMNF3rUWfwk -D+KrTU9vIXtl3bJgm7Yq2BrRO9I+H88HapDtYRTRJ6s --> ,;x7y_-grease VVPu- -iFtLoiXhVFydr3IucJfmwmeLxoiq76rCSSktYpYhFErBRwBnx6XPNKWfnj7fbcIt -VGKIuU01vjFfY8MHaSxkQyWN ---- 3XacKJICruaC6avttLYos8NPsjmH5K6StH1wnuNs9jQ -%i-3wuq1_i*OKOPK>q4 /I#hC^{j=ji -uUle{*|_E \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-yourspotify.age b/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-yourspotify.age deleted file mode 100644 index a399451..0000000 Binary files a/secrets/wireguard/elisabeth/psks/elisabeth+elisabeth-yourspotify.age and /dev/null differ diff --git a/secrets/wireguard/elisabeth/psks/elisabeth+nucnix-adguardhome.age b/secrets/wireguard/elisabeth/psks/elisabeth+nucnix-adguardhome.age deleted file mode 100644 index f3e2bda..0000000 --- a/secrets/wireguard/elisabeth/psks/elisabeth+nucnix-adguardhome.age +++ /dev/null @@ -1,16 +0,0 @@ -age-encryption.org/v1 --> X25519 SaIhuXPtLjcLt1Bmbbmx8WaluLUtJRGS6Ehu641msW0 -3Jyo1+XU0WVEsndNWFadBOcbE2TD7akuyyocxnzXcsU --> piv-p256 ZFgiIw At2NriI63IhtpOKPqROmstH/t/kIMbXwWD/pKijLGdsd -yTUXG+ZeR9451nnGg5Nevhf6ES2tL6GpsTgNriNpg0Q --> piv-p256 XTQkUA A9BJKAQ8L6ZjMm8W087HhkLNticb/Ddr7eiv/cI0guis -qPgkfSrq1RtZYCjXgujchhm1M9cW9boWrxCLhwoN/1c --> piv-p256 ZFgiIw AzR6JgDfdmALfrIMrk43Fskz3ANKkSHz9bKlW2OF5T/P -k/vh/K8fmyCGQkoMvNf02b9KB0CZqMLu5RZc9yj1wRE --> piv-p256 5vmPtQ AxioglXD0p1v6ZepKafFLW49RG3CUyl4lxjagpkUuI0H -3/XzPXIV1S7kuTICI0fD+Y2lCjSwcSPwrH9YfkPIyDI --> #8D3.~O-grease [Gk GcS -wuRoJDrp0TmHzMmIEyPkSe4N9ITWjxfMbqQJSxn4rWH4wE+YAbXmJE+Ujtecupnf -xmymVCCVP5Cvmnx/KrXVVsyxKaLtiYcAnqHvTsmQgQR1LbuV9FB/tw ---- v0LwqJa53xUGcC7NIzI1UwACS8kGzRaMOsf0HIF6X2A -Ékv?V"0nd" ;QHS򂫿T^I*(>ӅbWmBL-, \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/psks/elisabeth+octoprint.age b/secrets/wireguard/elisabeth/psks/elisabeth+octoprint.age deleted file mode 100644 index 829947a..0000000 --- a/secrets/wireguard/elisabeth/psks/elisabeth+octoprint.age +++ /dev/null @@ -1,15 +0,0 @@ -age-encryption.org/v1 --> X25519 LHMw7uAZNnxG7jj5XxSQX1rXpE6K8umKuO4teduKwBA -7K/2tt6RgkbkquSy8oxLIeMkhCSRFGojUdrJcE7Jgn0 --> piv-p256 ZFgiIw A6mFDXKTy3k1hjJCAcoCSYAVu8qFSnsnhdsoRs2y6EGG -WyIUhPA99Wn9dMWTx5dIHPqeJgcM9FjMQdG0GVmOAmk --> piv-p256 XTQkUA AwCrp3H70gkHpOZOgviAgwZyESnKJRbebXRgIMlbHKQ+ -zdhbhHRedkfRWFmeKeL8E+7peUFEwvw31W88qZg0Cl0 --> piv-p256 ZFgiIw AuHsVWNjUqNCqRVmVSs209G9xdjt+xuOlaKrdvgXP1yp -X3jZJRJju/MoU33m7Xkzph8skN6KGnv2Dm7Oij3fmJw --> piv-p256 5vmPtQ AkgsFDihJBZlsJsupaxJK/gThLaKY+50w6QfKQlF4a8n -I8eqZzDxr5Vvsjc6Kd3lBA09NriQMro2OQizix49m+U --> n EQ`+g%xS }uX -I7fOzBFLdnAquybVNl1PL24+eOamYBZVi98wIqh8s0PnYmDLv0E/cqWfhQXM ---- RDGXtDT+IfBc58+hX5Ohy83AF2FRIDEs/wUGWaRCyc4 -0Q0+.^P=#jjP<8B3 ldƛGhpVEAX˜ir \ No newline at end of file diff --git a/secrets/wireguard/elisabeth/psks/elisabeth+patricknix.age b/secrets/wireguard/elisabeth/psks/elisabeth+patricknix.age deleted file mode 100644 index e6569df..0000000 Binary files a/secrets/wireguard/elisabeth/psks/elisabeth+patricknix.age and /dev/null differ diff --git a/secrets/wireguard/elisabeth/psks/elisabeth+testienix.age b/secrets/wireguard/elisabeth/psks/elisabeth+testienix.age deleted file mode 100644 index 92ddab4..0000000 --- a/secrets/wireguard/elisabeth/psks/elisabeth+testienix.age +++ /dev/null @@ -1,15 +0,0 @@ -age-encryption.org/v1 --> X25519 GQbCMDf/v7ZWCbkWrxPHb3eRRhBu3OgoUVM5Wcd2YWg -Ktg5wWDrv9xGlz2RxkbaLM1JnzncvFiDKNU7Q/ALkPg --> piv-p256 ZFgiIw A6/M1WnmlEwOkaL4Gof2DJQ1ED88c14rHjoKFMBZ+nXM -XI9XhL0lE01DBbR8bNCaTEqDEAYzaswFucfY97HsWEA --> piv-p256 XTQkUA A+dXpvz/ARcQj/RrRjgm7L4K1Jg1P/mnlL4M0nYWrTid -XoxIGKavpr13hvz7RimZlj5Ah9jqAKIph1Gh2RGMha0 --> piv-p256 ZFgiIw AipDvQ/vmWF820Swf/UYPGcQdI5SOHDmrBRRQuPysnJ0 -AoQ/EEvxmtDptmqQP2AZ4i5ExLsWzrXXvvVcIKZlP50 --> piv-p256 5vmPtQ AvMIvmMcOwkzIiWvGLVs1x3zU+CDntwP88lxqNhNGgAR -3S9QPobzy1KFKLk3GaCxDdNIChph3lG45DdLG1d4KZ4 --> MO-grease A~ wj@o(6 -JpQ ---- wg4II0uOKrdUdzbRGlhxu6nQ9W2Cdj29nmBVc0nNRvI -6A6ʏS ht^WSMEE`䠨$=72:!c|PIKRhDA$ \ No newline at end of file diff --git a/secrets/wireguard/nucnix/keys/elisabeth-invidious.age b/secrets/wireguard/nucnix/keys/elisabeth-invidious.age new file mode 100644 index 0000000..feadf4c Binary files /dev/null and b/secrets/wireguard/nucnix/keys/elisabeth-invidious.age differ diff --git a/secrets/wireguard/nucnix/keys/elisabeth-invidious.pub b/secrets/wireguard/nucnix/keys/elisabeth-invidious.pub new file mode 100644 index 0000000..dd0dd6b --- /dev/null +++ b/secrets/wireguard/nucnix/keys/elisabeth-invidious.pub @@ -0,0 +1 @@ +zBt3ktXtBuyFRLeeL7ykAtyqJ/dHz2LFLzZhaEWovBg= diff --git a/secrets/wireguard/nucnix/keys/elisabeth-ollama.age b/secrets/wireguard/nucnix/keys/elisabeth-ollama.age new file mode 100644 index 0000000..5d76801 --- /dev/null +++ b/secrets/wireguard/nucnix/keys/elisabeth-ollama.age @@ -0,0 +1,15 @@ +age-encryption.org/v1 +-> X25519 2oBjN5KD3UFHo5rTRN9TaDUUYddUtPhGQDk7p/iJk1s +oYYcY4VRQT0KADYTCvyLewSzadBk/6bYFCSfe4Ei1CE +-> piv-p256 ZFgiIw AzMAHsipfm2/zaNroFuQ6I95OvgIzaGWFHyHeuS3DGWT +ZOHjLOtlvCNGZGLOJ5r//duyYY3IumrBMvLiTAjQB4s +-> piv-p256 XTQkUA Au3OgmbZmEdU1z3c4UXaJd6VDz5d7EC/DDYTObUtK1tr +Og/3+GinZYBhbb9+d/K3I/phgBAUmAc1NKcwZJKTtZQ +-> piv-p256 ZFgiIw AwEn5EM9+VVhE8o3P9QVPwDvFuW/2egOj1JjdhgWygWQ +coDkL5XVTF83TMr5SGrYqEIbhH1tgyog00U+xq72J68 +-> piv-p256 5vmPtQ Aij4i/um38NVHRmJjA5Md4CHwhosa2dzhyt4RISrxBtC +l5duH9gNbmQQgu8AhU2Ha2MOdRDw8zZVEi4gLjrlCtw +-> =L*-grease +wFgyXcCJ +--- cor8Tka9cO0CnivCBpooepXXS5Gpz7v0pFEz1VgodtA +R0ASI8"J8@QsALXdє(NIB/i_;;8}jǢ$ \ No newline at end of file diff --git a/secrets/wireguard/nucnix/keys/elisabeth-ollama.pub b/secrets/wireguard/nucnix/keys/elisabeth-ollama.pub new file mode 100644 index 0000000..b4df5b8 --- /dev/null +++ b/secrets/wireguard/nucnix/keys/elisabeth-ollama.pub @@ -0,0 +1 @@ +yIOWwa7xDRl0KwJXVtIJFhepbKDmZer495PpKn5XjCU= diff --git a/secrets/wireguard/nucnix/keys/elisabeth-paperless.age b/secrets/wireguard/nucnix/keys/elisabeth-paperless.age new file mode 100644 index 0000000..b2cb1d2 --- /dev/null +++ b/secrets/wireguard/nucnix/keys/elisabeth-paperless.age @@ -0,0 +1,16 @@ +age-encryption.org/v1 +-> X25519 kQI/mMILqRhkfbgXr0/iRdYC75LMadX8YXxle+jVJWo +eV2DQxwOCkfa3cV8cbp20qS3KO4PICkaJ6lamaZSI64 +-> piv-p256 ZFgiIw AszWOTcLrWF/+udzx5fAm27PyEeHY9jXr2GFWwJr7K0R +Op8BJAB7uLhhSqZWDmqp5lmJn2iHQd1b+8shiSEWO9Y +-> piv-p256 XTQkUA AyoErKG8hEkeMDz6GT3bUaQWhW8sCgj/iZ5eDECf+kQj +EIus3QKL5X/MZ3Ufdq3SryUhu7Q5q7AkxNSEOffK3LY +-> piv-p256 ZFgiIw A5EvcbwFrtIGG4nt80XcajFWqoat3XLgnwebNnOR1E0N +kUWMScVsVqtr6ovrmI0zU51BEuobYGWkeElqLKPBFwE +-> piv-p256 5vmPtQ A6MH+wqcdb024h+SIx4nLJ9gMWdgDQtrkrO3NCLjiatK +AX0M0A7NMh7+vI2N4/tj0/pmROVgUUdz6UIV2Xc7HdM +-> +!~jcHv-grease i/iY * +kRyCHyWmHBHnnYAsQfKICV1QFwJhCfWZ9tJcrzeg7YZ6jDjz7mSl7KNaAGw/yQ/J +HvqZ9B/Pz/sTU8gFRud6QzIzvQ +--- R7pX5cHPZOsvFa4jzRJmn4nQDzExHeXhXO0VnisiHMc +5G>jى+%|QEqmo{ʰgVxE(c˖3˭n9 S/ \ No newline at end of file diff --git a/secrets/wireguard/nucnix/keys/elisabeth-paperless.pub b/secrets/wireguard/nucnix/keys/elisabeth-paperless.pub new file mode 100644 index 0000000..2431cd7 --- /dev/null +++ b/secrets/wireguard/nucnix/keys/elisabeth-paperless.pub @@ -0,0 +1 @@ +l+eLeH3H+DZvP7cE5a8DBF276sL5FOBgZ/Pdw6vAlXA= diff --git a/secrets/wireguard/nucnix/keys/elisabeth-ttrss.age b/secrets/wireguard/nucnix/keys/elisabeth-ttrss.age new file mode 100644 index 0000000..d460083 --- /dev/null +++ b/secrets/wireguard/nucnix/keys/elisabeth-ttrss.age @@ -0,0 +1,16 @@ +age-encryption.org/v1 +-> X25519 Q5EsPg+1p0LDrvilh8QPouNHJ65ULE8JBfefhi+fWDw +CjuvDR5YLGKpnPowy3yAxUHN+l9jjYdqDCLKzYIhSQ0 +-> piv-p256 ZFgiIw Ay+hYHlGvssFbis2ZvuwBNGV12lmEyKuC+jP7DxUFQxq +20AvivvFkkymZuMgbK+A+E6AQlr7u1mUeverU/Uh1nk +-> piv-p256 XTQkUA AmHtHOSKqupuzxbBQ/sM9Ux32ulLGeltMtjO+DhW4wlU +BrtuC00RjUHMhw4qGvlyYWWeDwqWCNJzvcR8R0rUryM +-> piv-p256 ZFgiIw AhbrSMIH1zIYBI4CK1fuWPhucEOQ1qZ4nx7Rqyxvaftl +aJeiUVhzK3cVcdyInI7awx6g+IIXnhEG+/OitQO3qUA +-> piv-p256 5vmPtQ AmfxUqrTj6DktHVgBm3dRmluEQF8SDXmvkRy/LPjQacc +lGcHwd5xNlXAsl8PnT/tnqPGfCtH/6ZnFOlozH80TwY +-> 'Ofp-grease +T7ME7pbl5k6CvamO5QrXeqNMTnX1+tPB9zjN8N5wkVIv3SXT6dXR0VPUuZTrPHxy +TWtpHerlBXst5OHK +--- zIme67bGjtw6uwGmsuzHD7DfRw6Xq+zE560WNhgBVDc +&?EsWr)mk*䏈G#fU6+/܁D-Sx#a}50C]]ii \ No newline at end of file diff --git a/secrets/wireguard/nucnix/keys/elisabeth-ttrss.pub b/secrets/wireguard/nucnix/keys/elisabeth-ttrss.pub new file mode 100644 index 0000000..eb2eaf6 --- /dev/null +++ b/secrets/wireguard/nucnix/keys/elisabeth-ttrss.pub @@ -0,0 +1 @@ +XwvSFKKS/CP/yoB9uwOcBqGcauxurSrNevFxxunjMF4= diff --git a/secrets/wireguard/nucnix/keys/elisabeth-vaultwarden.age b/secrets/wireguard/nucnix/keys/elisabeth-vaultwarden.age new file mode 100644 index 0000000..a6bdf83 --- /dev/null +++ b/secrets/wireguard/nucnix/keys/elisabeth-vaultwarden.age @@ -0,0 +1,16 @@ +age-encryption.org/v1 +-> X25519 v7BwuAj3sXjpu0i6u6FOIxtJ9F3jLXDcsilHIFxN/CA +02SV3BqvL8VYpyDRTDOW4DFj1vfD6Ji1Cbo8Y35hG3M +-> piv-p256 ZFgiIw AzRgjY+wHXnP1YYL0Rw/e6KdnJ4TC6KWceu5YTybm47H +bWj/MU2GMAt0oL5ij3tXq4pOrByAAKszyU8HlcWVhcw +-> piv-p256 XTQkUA AkQFB+V44Azg2vJIhsSEOeGcmoN4LcvKJRl6TZbxbrav +YSNvviIwL0F8/Be0Xkah7/Fi/Gp9G2UZVtAaF5QghRo +-> piv-p256 ZFgiIw AnsVrXenTgOlrLPEA28MVGd3jKHpS8k5cKVQWrE1uubj +vhr/JdInUuwqgBwW25XWRlJfIlgTEdMihv83ErobjA8 +-> piv-p256 5vmPtQ AmAT4myXfVic3RZX+S1aCt8FTV4ZGpE0CCh0xkwBqIYH +HHkaUnAkV7bA52nA9f0yQEz+PZ0G4PtVudy+/gaaMTU +-> O#Pgf8fB-grease +AmIVvmLsPoyZJUMZpTlnYvNfZa0IasPEj54OZar+Prf857vYhajjqBsi7ccAo1Xm +pak9ldMp2qWB1PI +--- K/DUj2zLL5gdDEmek1PdX0hES7w4PR4vgbSqycsPbMc +89^"`[40!WUs\ЏJJHqJU08E  #jo+`BD \ No newline at end of file diff --git a/secrets/wireguard/nucnix/keys/elisabeth-vaultwarden.pub b/secrets/wireguard/nucnix/keys/elisabeth-vaultwarden.pub new file mode 100644 index 0000000..aab9aac --- /dev/null +++ b/secrets/wireguard/nucnix/keys/elisabeth-vaultwarden.pub @@ -0,0 +1 @@ +XVkHfPcPuTZ1r9uS9bFgWJqvMz63y1WGieL7GQAea0s= diff --git a/secrets/wireguard/nucnix/keys/elisabeth-yourspotify.age b/secrets/wireguard/nucnix/keys/elisabeth-yourspotify.age new file mode 100644 index 0000000..6ce40fb Binary files /dev/null and b/secrets/wireguard/nucnix/keys/elisabeth-yourspotify.age differ diff --git a/secrets/wireguard/nucnix/keys/elisabeth-yourspotify.pub b/secrets/wireguard/nucnix/keys/elisabeth-yourspotify.pub new file mode 100644 index 0000000..404cc0b --- /dev/null +++ b/secrets/wireguard/nucnix/keys/elisabeth-yourspotify.pub @@ -0,0 +1 @@ +YgXbQ81/WLo6owV9mW53KWVi3m4lFjEnXDWe+1Jc9XU= diff --git a/secrets/wireguard/nucnix/psks/elisabeth-invidious+nucnix.age b/secrets/wireguard/nucnix/psks/elisabeth-invidious+nucnix.age new file mode 100644 index 0000000..8e79dba --- /dev/null +++ b/secrets/wireguard/nucnix/psks/elisabeth-invidious+nucnix.age @@ -0,0 +1,16 @@ +age-encryption.org/v1 +-> X25519 2pj1DlPmRsorRmitEEsKS5UVC3NfSqSdxxHLPWga6gI +UfSmdrpradg0iqcZKbo4Jfy+Ng4DqWzvIVqZLIO4L4g +-> piv-p256 ZFgiIw A4vUo/BghmXoX5H9FYqKekU5J7aNKWZAuwjulmIC29FK +h/W1LKQQaK81FnQHug9h3FxHuxnwkmQvWeRpcZ4ohxc +-> piv-p256 XTQkUA A1n50SSdqPE3NDcb+VO9gwdoxraxPI7jn28qEMwCgbIT +CSf/otgexa1hsC5G4Uk6S5IuJa9G7GPQWF+8AxMRcqg +-> piv-p256 ZFgiIw Azkh1Hb+h1aEIt9jHxwjv2kfx8R7s5aBViGoXQaAuFG0 +De2ezoQy6UCwh3XJiho7tnJIlN/8JvYszb9J8HMTbqY +-> piv-p256 5vmPtQ A+IgUzVEtDr9ZkdEjlNhaNOWx983B7TwX5VSI+c56T2D +iRpYUquVhvCfL9QfJom1+xkXcCLjGcOZTZxb68ar9L0 +-> F!Z-grease pm(BQnm' 2:^ O%5}}E +!gppfV +CC4WbK1jMlsKEA1QBZR7PcFxQ2THIHfy7Hg5LfPZ+Ed/EJxwcdfOtnJ04DrOWD8j +XyOtoRN5ht5cbuv3R6oSKoBLGZUTNJnBz4+RX35bDbeHZbWl2yEQoAL7 +--- +Xf7hdgrtsR9ZC6CP2dx1EjxbIACbDNaeVc6wGvF0B8 +DRZ /Cr>x'k|ܞgjF^#Ipչayׅ^݄S'5 \ No newline at end of file diff --git a/secrets/wireguard/nucnix/psks/elisabeth-ollama+nucnix.age b/secrets/wireguard/nucnix/psks/elisabeth-ollama+nucnix.age new file mode 100644 index 0000000..19358d0 --- /dev/null +++ b/secrets/wireguard/nucnix/psks/elisabeth-ollama+nucnix.age @@ -0,0 +1,15 @@ +age-encryption.org/v1 +-> X25519 R3Fp2/uBKVQRD5VYQ6rlzWcIKbuiDMrATylYRKylERY +VqtoHp5vAnnk2Y4u6CrGZYbWwYkz44Xra8zRraXsrsg +-> piv-p256 ZFgiIw AptLYlMo2zWsvOd/YpSYUhQqxTMBOUGuAcb5IC5k0bjy +7qpoFp7k9iA9yhtqCLd9HUzsMA0oDZMlQ2d4Zcl1bn4 +-> piv-p256 XTQkUA AiGC8L8l8c2CXPvIMDeIbNaFGO/ZzkvwhwvYDuDQrmfQ +XC7b5QO8uVsTMjrVVVqLBTuDlJbU/UbO9ixQf5ph3Ts +-> piv-p256 ZFgiIw Aoj/NVBUkzfOr+orlPLupjwYxDO5lIRH/SANfUDXp8dz +VaLn1HvE/wUNtqD/V986xA+kLxR/R+kjQRw2+bjM+G4 +-> piv-p256 5vmPtQ Awns/4HhlBikyUMqn+oTEFPi5ywHlGp8NRd+uxh3w53/ +aN9tTVgWHLq/0ycThckLa+W2yRYSHwr/FH2XGvbIZA0 +-> &9t_-grease +J+Y1OQ +--- PgePVxrUnk39aY1EJAFq1dYNVAhPR/kV70eGybNX/mI +a7)bK]ѹ[ֹ*ظk xQ@- jU{p5|,HԸ "8=[LV \ No newline at end of file diff --git a/secrets/wireguard/nucnix/psks/elisabeth-paperless+nucnix.age b/secrets/wireguard/nucnix/psks/elisabeth-paperless+nucnix.age new file mode 100644 index 0000000..f32748c --- /dev/null +++ b/secrets/wireguard/nucnix/psks/elisabeth-paperless+nucnix.age @@ -0,0 +1,16 @@ +age-encryption.org/v1 +-> X25519 apzL+fmJ51pTjj+ng0+KTf474Uu7kEfEaXbPeom8mTA +P0Xs6XNcopXv34HhfLDhIhZbpM9+gEiUrdfdw2jmShw +-> piv-p256 ZFgiIw A2Lt0WazwhJIqouYpCH59qJIRWv2tJ3EqYR2T6Oz7+Vi +/9ceWmxDYMtU74PnROD+5ohYfqcAyy8sQskyO51n3PM +-> piv-p256 XTQkUA A09xSlTCeTFW/29RoSXN9D3JQp/6xPthBcTCtsAu2PaO +6+ndY+7/bxyzCUDkzky9bhUaPwPSmv5P43R4lZQpiro +-> piv-p256 ZFgiIw AjZ5CkrLgrK7FWVuE3f6LA6n9dqNXg0+8tosu55aQlRs +srKK43TtwNzuAgwaUjUt/lYJWiYG/QPDqJDQGsAcKUU +-> piv-p256 5vmPtQ Azksi/tIfNEhwDrcePCWbVLS+42wYTyUV87Jz5dWmCml +Yqt1C14cTEKBsrx05926S1YpmKdFXajWIeroii5izLQ +-> TCNCh-grease Cn +4NrJM5viurOhmnIUk1blFTZYos1dtHSh8lRuHrEzoAt/cQ +--- AUppTaBZZJy7uCj5V5yAo3QkheJJBenG+n3wW8Ec1Ng +('jۊ&2hkwr%'SՂY.5^&3 ++4fݎ;.uئJ \ No newline at end of file diff --git a/secrets/wireguard/nucnix/psks/elisabeth-ttrss+nucnix.age b/secrets/wireguard/nucnix/psks/elisabeth-ttrss+nucnix.age new file mode 100644 index 0000000..f6572e6 --- /dev/null +++ b/secrets/wireguard/nucnix/psks/elisabeth-ttrss+nucnix.age @@ -0,0 +1,16 @@ +age-encryption.org/v1 +-> X25519 vR1DkoVez7C2Drm9cbl27nnJu0QdL5epwvTbuChq2hA +1hgr/ANOa/ZjiluWfGJ+wxIWNv8TbFiVkL6YZL69W4g +-> piv-p256 ZFgiIw AgU9j3c0cCwMAudfAXrlzHkNd00ufr2v0MEC118pZs+n +wyn+kDgYse9t7TQuIqZ//j2JT29nxONuQbPS4qtoVOQ +-> piv-p256 XTQkUA Av4FV9rXZyF8//nLecl6djq9/lmYn5/d9zLa6TVIVpSX +11Huh9ft/W8JlBhR0bLc4Y1IcxrqErVVmw3VYxiYXuk +-> piv-p256 ZFgiIw AypMeFu32EKg5jh9/wBtVROysSX4Xk1Q+hwWlCXCLzsW +pqWZy/+fyIB20FXvrtaxc1adJA0a3lp62T4Rr5ylpCs +-> piv-p256 5vmPtQ AghwZGHHyQnh8Gt3Qe9kHZE4b+ltQycXcAl/OMaaPsh4 +nepOZVNKtyIzsGbCdg1simvDIcfPk4qmPZFAp5IzZ8c +-> @g-grease +dUXlYXn9lJ7dQjb+IOqD51jZ6Gci6FfdZzRbAvtUh3J+C03GwWS4gai3QfwakJ/e +YJWVPvwK1+b0rUznIxgUUmQzsNHHZphho0kDZ46j41Tj/Q +--- nJQ6Xza+S9Rd29d4cm9va+TuxzaTliED6K1ZjMtQyxw +|yN(0_qwVĚB(`-9I2M >M\tuIạ̌q \ No newline at end of file diff --git a/secrets/wireguard/nucnix/psks/elisabeth-vaultwarden+nucnix.age b/secrets/wireguard/nucnix/psks/elisabeth-vaultwarden+nucnix.age new file mode 100644 index 0000000..d26c353 --- /dev/null +++ b/secrets/wireguard/nucnix/psks/elisabeth-vaultwarden+nucnix.age @@ -0,0 +1,15 @@ +age-encryption.org/v1 +-> X25519 Ihff/elepcn2LdyX22XzldP1KE2hMAdaQoTT5yAPbTA +wbKLlyOG86QAjzSXjheARbj5k2C0NbQw9Wya6uBEU8g +-> piv-p256 ZFgiIw Av/AsNM2HguBK+vv+6qKZu3i9YdHlQdVQSQ5pjZov4OU +P5YwsWKTx8fCCBPTYbeTA3FM0Ns1OZyVrJGTCyCwb1o +-> piv-p256 XTQkUA Az1epPa3EoDcRCeKXqC0IDfIa9KjplkDKBwOhPvAaQg8 +rx3JRrJypNBu6DjXWbjKztN11adBjdngWNkeMjceu+o +-> piv-p256 ZFgiIw AgKtLZ2uUl1ABGyr8epELy/3ItSSASlMg9K4UluJmKB1 +vY5tipxkf9scEJiWl49LrWfPf5i0Nl7K0WZPSHM8+cI +-> piv-p256 5vmPtQ AsaUk89lGzTbfjUAe3R1OoKM+93ZQRVmjetm3exqxc2V +fIeqEn2Yt225g1fd5psK2/jogj90EaLHvHfwhiGjdUA +-> 9>O3GE-grease ( vdV ,pR +8us6a0YPM1qp8LM +--- xRs8ia6WKL9PBPd4Do5wPEsWZZj7kZIE4YnsONFzE6M +fzNyOO•GB`|ψ.L=TY;1X#EL uI^vEYqG4̅7Qt \ No newline at end of file diff --git a/secrets/wireguard/nucnix/psks/elisabeth-yourspotify+nucnix.age b/secrets/wireguard/nucnix/psks/elisabeth-yourspotify+nucnix.age new file mode 100644 index 0000000..bea2a92 --- /dev/null +++ b/secrets/wireguard/nucnix/psks/elisabeth-yourspotify+nucnix.age @@ -0,0 +1,15 @@ +age-encryption.org/v1 +-> X25519 +tXIB+1cwJ7W95QAYwgKU5Yr++2jxZmyN1o73zBPeT8 +3xrg/vZPpyfBf1Re1zvnw8ISpN+4ENEjA6x14nR9Z0Y +-> piv-p256 ZFgiIw A1cBz5v9dli1K4/rOCF33YPAPQbNXPm88LaITRZ+Tm4E +r8Pa/A9j4RBS4MPx9iUwrvDljXPxG29qfmj6RwSWz/8 +-> piv-p256 XTQkUA AzXStpJIhsd/LSivYB1XICzwIeAFwCclKiDwHlaztaW0 +9rs9X46uc4UCHaUqwaSWh1FF7QsD/PpYmTnz6L+Uigc +-> piv-p256 ZFgiIw AvU7zMvGnhT/7l56vF5aK/Y0F3nWdwc9mqXxxiCfLPNd +jqKdn66SqUZet0bFPo1cPb+2y0B9wf6rPb5K+tUmbWU +-> piv-p256 5vmPtQ AssjpOMZ5t6AhA0Vm0dmaV/ZVZ5aeeol5znxOIg75gco +AjxXwjPZ6HdpqdNyxYtc6FHoswcd691V0VBhGMNN24s +-> y0{-grease >' ]z+ PP) X25519 jSOPR4LRd0tfr2ygMnIBz+NL2f63QvjDPHwhE7+ezEA -pIFPGdJy11+xZ6lh5tYouOoUqz8n9w5SUhdeHxP0yjU --> piv-p256 XTQkUA AjmrbTNVLJ9YWq/BLnn8t9nnuKMs13QASclnSJbKGLgL -xsJwc9qPCrHKFODIfLlQwjFFdBQ7OWaPxcDFCQOcTbo --> piv-p256 ZFgiIw A7sPNQpa+8ok9V1AFczo+YZJ/S9xyU1lctkVXCgJgzFS -9L4Ff6o75Ir31atvH/OGKJN/XBofrQtWsCOZh09GmDA --> piv-p256 5vmPtQ A2FD9DnhSA9DMl2krxLHQGOaULNzQsN6CCbxFJc+x4z8 -TOxi0USIzxF61IbP7wd/sNZbWu+llnfz1W3fZQ/HSOs --> piv-p256 ZFgiIw AyCJNFSiZ7EoCbAjB6QUwsXLeqr3GUtL3vugCuCL4KFP -0ZRhdIES7WQ6Kv8jciPGa/5HjFpGNK5TIZUIBB+A+lE --> KQfRA-grease gq} | kD -G+FJybvwLHnk06k ---- M8jZW4khQpHjC8OvQouNonLilK9dnant0IUzqYbYHCk - X25519 t6oAnWOe58WatE7xAZutNkbfMJALCfOblGzwF4SXuhg -ARg4y/JHxyujLAQeZokxcjVlIz20vPbI614wwUzxLSw --> piv-p256 XTQkUA Akz23XTjEEXje1/maOahUvHngVn5ArcL4pLfwg3mOc3F -SqH9c1CyeIl3ujKYOZ/mfpfHBEBjfzJEOzFhYXuB5B8 --> piv-p256 ZFgiIw A+6EYdHMjm8qRIpXCdr5c/sfJDH678LKM0ZWDrUrxAZP -6WE0/kNs5RERwjR2sMHKpAFRaeX18eoVWPheZjzPqZQ --> piv-p256 5vmPtQ AsLoUNVHvNydMli9OfXGzoYanobiI0bWZYLsPfu1SdF1 -20dL9iybblGRE06YV/bPnTJ9rGffIQJu/VQ1WYNMPU8 --> piv-p256 ZFgiIw AxqCgK+ogTBYaJ0HQF9m8ZBUtufpCsD6wKoIavCl+Cdb -2Vi+AvG3D/U/kV7VtNd1P3Z5VW5Lzz4Ll/DeTqFHQnk --> l*B1BIs-grease eIX .o<9F39h fI8 -s0/BUCj4reWqfTxkvA ---- L1ENSVVcxVSROI+zYhmFHASbsfIOkjn0nXNc4nfFdQY -RPUf_EqTytywfc@MAp ɡ}'C*GU}ޅ \ No newline at end of file diff --git a/secrets/wireguard/samba-patrick/psks/elisabeth-samba+patricknix.age b/secrets/wireguard/samba-patrick/psks/elisabeth-samba+patricknix.age deleted file mode 100644 index f5f3b00..0000000 --- a/secrets/wireguard/samba-patrick/psks/elisabeth-samba+patricknix.age +++ /dev/null @@ -1,18 +0,0 @@ -age-encryption.org/v1 --> X25519 eFLhzD4YvPXNBOZC2Ud6cB0FPRWo6+x1qTH8YEKy+Cg -rPUgaR4mLNbPz/zfCOnN7BQ/prNzoYGW5rPrRMOEgvk --> piv-p256 XTQkUA A1eUqEvO/tkHgPlr7DFqQBdddMMvKJvvZ6bFgl6SqTUE -+J2gi8D9Bg6dEr5OLOmnhy8/kfGQDXQpTCnYTWLp0IM --> piv-p256 ZFgiIw AoHGWuCfTy0aIy1ZIp+H64wXzuoR9Yd2rsDxJL6Rjr9Y -W+u/mTIo5TwYdZc1nnC6rPa6WU15eXSg86RFdLCTFkg --> piv-p256 5vmPtQ A6BO2wkSQ8rZnJg1ykx6WhyZpQMMiLYovm2AHa567VdO -XB9NpGBZJU48rSddjmfk3uEMCugR2vktv0NajTpPF4M --> piv-p256 ZFgiIw AthYefErdON2SVYJaysT8twtGxfM0xrdUf1Qu74MtG/C -nZb7ozfvgf4JipSWKWjdztdxubdwokv1aBtLfn4HxNo --> PsVq=WN-grease -kFWRaojwHfs1RYduR3IrPISIUXHrwjiJEZtciWI8A+1BFv9H8B/7r+Ews3i2JfhE -LwCsAaK40IdWZbe47+67K8wNo60do+NKW0W6qemkYgziVlP0 ---- o/fKSKsuClle7KXgbq2gXn7t78C2iCvOM2uuU/9Mt8g -S=q* ɾ8UI/#4U - -/b649Gj?!^twVwL \ No newline at end of file diff --git a/secrets/wireguard/services/keys/elisabeth-adguardhome.age b/secrets/wireguard/services/keys/elisabeth-adguardhome.age new file mode 100644 index 0000000..098fcc5 --- /dev/null +++ b/secrets/wireguard/services/keys/elisabeth-adguardhome.age @@ -0,0 +1,16 @@ +age-encryption.org/v1 +-> X25519 AyRphXWQzLSXVRPLrGcafkLO9ZE+iMYs8jotMpd2FSg +euOG0lJ8GdpH261j9fK4NTIem6Cmcm4XNPCcJB0+7IY +-> piv-p256 ZFgiIw AyPO8DEFGgcAC1i6PIOrJRFjdFGPtmB7JsW02QGsEaO8 +ELMC7dPGb4zMOYA+ytk51NrEnInEjD7zKxg+E0bRCP0 +-> piv-p256 XTQkUA Ax5fBg5bJab5CFzPPO8+ol87lt03b8ZZE8egy73ZaqAe +Q5+AYl0mPCxh24z8WsvgKkzeawPGu2/5Ijk1510pre4 +-> piv-p256 ZFgiIw AyU2to4+Qx12bW29BHgbnq8BpDg8soJzj/XWKzqIpw98 ++Q+sQpyIr5OMwCR6ss1qAeD2mRoFCT5ppJFgxWjHGi0 +-> piv-p256 5vmPtQ AuBSvFOla2Q1X7wKYqGaKrcgK+E29KgFvgQQ+73M5fMo +JjA0Xt4jiRHlJIx1XmXpOdj93YylPHHfA9IA9z9Gldc +-> G+sE-:W-grease ^lP N rQ4YCcL E:"6Y +Beo0HQER19Q+tc1D87i8olKKdWcXvWwv9Ilwu1X/BryZAvVBZ2+HKTK6a3I6EuVV +/t6VvtkMflHAdlySOq8xtTTpPA +--- VM06ne0dFfnnGIbJYP7UIBhTZYxX4m3q/qQweZuULiQ +4?_:Qo5ut'w}8ɵW~`B%ƀLL8^+<+F/ȅpō \ No newline at end of file diff --git a/secrets/wireguard/services/keys/elisabeth-adguardhome.pub b/secrets/wireguard/services/keys/elisabeth-adguardhome.pub new file mode 100644 index 0000000..25d25b1 --- /dev/null +++ b/secrets/wireguard/services/keys/elisabeth-adguardhome.pub @@ -0,0 +1 @@ +JBC6WX63d3ozD6GbP/FBiqocaiDVDd5bS/x91pK3bA8= diff --git a/secrets/wireguard/services/keys/elisabeth-blog.age b/secrets/wireguard/services/keys/elisabeth-blog.age new file mode 100644 index 0000000..3634281 --- /dev/null +++ b/secrets/wireguard/services/keys/elisabeth-blog.age @@ -0,0 +1,15 @@ +age-encryption.org/v1 +-> X25519 Bk8c0xOAh8iQdiwOsBqk+96HIgIzU1rdwuo8u3pP410 +kXLUn6+uvw4mor8Pdc2zx4lySUW7DG2fy7I2T2C/7+k +-> piv-p256 ZFgiIw AmPIChxwRMEGJJboHUS5P2yrV6tgp5yePILw9zGbtoA9 +lA89COUfpu+czhZLaU9Hzgpf/sEbJM3qPtJWf8cY25U +-> piv-p256 XTQkUA Au2x1ydQh1X1LCbBc/bwl78UdV27GUbMoIaYe2CeKFA6 +mP9EGUfe0SXAM0YfNPtZb76jkTncoX9Nhmdo+r19jXE +-> piv-p256 ZFgiIw AjdHIwK06SUJMVtxWH4SWC5+nw9Tj/SM1Wgqv4enk7ru +U0XuZY1mz4Pi7ttZdSEgjpL4FyubIigQqGZG9PG54Jo +-> piv-p256 5vmPtQ AvCFRTCftrgbM92LEAT+eh+6DCavXtHNY5A3dYyzATet +ns1rBKUZBneY4oJqUcvCFDeD+HU2b2g5laJCiRXWb2U +-> phovq X25519 aw+t9eEyLmsfDP+Dk9uRFEublg+D5WwjsjVsTVqronE +RH77+pyRutCBXsscV/z1n1T/BtBCyOMRmTUgeoK7CUw +-> piv-p256 ZFgiIw AjH+01Ejv/xAeKCQwWpPAFZCqfJOK/2O17eMAmkxw4c5 +62FI6BEXwl9H7yxXnbT4Fj34rskcCWSJOB4sqmU6kg4 +-> piv-p256 XTQkUA AhgGGWcnDSdM4nBcPN1CLyf2Kv9fPx7hLvNjMplATzVV +hKJkf/kKbZnj7oQwmYtesGh8GxHdAH/zWdVHNp/Pn+Q +-> piv-p256 ZFgiIw A8LTSuxOcI7avPen9Yr+PAVyhKCbGFmVfzreutgvmFi8 ++C/uyAMuY1azx+Qdd8B26o/3pz6YTUfcgB2RZYtfjRI +-> piv-p256 5vmPtQ AhdGtB1vaqmV1Tv0TH0dU26KYpGYYWv9fU/HzEDCs3Ti +c8EObUwdxfKqpiKtDFfju068qMZQ0RoXMNwN+glYRYk +-> S-grease z;!17S"( w =7 +/pr7W8FasVljDCCPKIIczTWE6mcw/wTo4YrotPei14UONuJOA1lzx2PATF4uxQVv +tgPjJ6vtq4/PHuDPZfmNVClIcPcpyrdAuX6vxjpniqQGVtLEkPlUOajROP4nTlLT + +--- 3vtGcY2vlDZbMWzT0YnGh3EZEdvBcgcdM2dKeO/6LL8 +3Sţo/ X25519 luLtWeBv6RHzJggMkPn8TLin8Iti1sNu3ydPRP+ieQ4 +mNmcOWogckgjSLQwd2/h/xWeTyvcKFc0Jdlm275Mdgc +-> piv-p256 ZFgiIw AvHjvL+Khj0HxgfUp5st7ywTWIzvam+/7o8wgbeRf+wm +MmS5QJbXuljPiTgj3ZlwOWInXQ7/5/DyHhBc9y8iJEE +-> piv-p256 XTQkUA AiJs8tBQlJd7mJUVnZThe+Sut6nZ0NmNqWX6ruZ8/q3W +GYMn5evWRJL65hnZh0AebJHzi6qLdbyAEFqAgp9N0qg +-> piv-p256 ZFgiIw AxN0Rldpulafv8s7GhiFfJmJezQs5Jsu7QK9DC0ySUN8 +tXakwuT2nFy3RHpp2bRFwgnsOvGD4J09eysCCPHFcyM +-> piv-p256 5vmPtQ A5GP8R8Z9OX9K+ZJ8WB/Pt0MSLxwf5lNeMpOnYCZLIda ++XNnmwev6N8ms+6rfzZYm0HTho3oxsFu6mwvSTK0hHw +-> fT>6q-grease [3:)E "kbI6z TIxII +B5yRBN+R3y79M4yf2pLLRqkwHs+BUfdAiALWaPZQHnOK6+Wu +--- XAdm3g5UtHN0Lfn/ZNSvUNRkQlu/WRJZM8zzhELW5uw +?aHH +KCPƂ*\mEQV/مDsr RS)缲yD \ No newline at end of file diff --git a/secrets/wireguard/services/keys/elisabeth-kanidm.pub b/secrets/wireguard/services/keys/elisabeth-kanidm.pub new file mode 100644 index 0000000..f05b725 --- /dev/null +++ b/secrets/wireguard/services/keys/elisabeth-kanidm.pub @@ -0,0 +1 @@ +yw8YcjcSnVMnOXHuduWnUyscHQUotMNNLphs3lF4Dlc= diff --git a/secrets/wireguard/services/keys/elisabeth-netbird.age b/secrets/wireguard/services/keys/elisabeth-netbird.age new file mode 100644 index 0000000..ca4d891 --- /dev/null +++ b/secrets/wireguard/services/keys/elisabeth-netbird.age @@ -0,0 +1,18 @@ +age-encryption.org/v1 +-> X25519 0rinvmZPAOWkT5KyqenFfeCZ/I4pvgzvtkFC4gUPLkU +AQ/lMAq5+KhkGkWrvipBuOlzOXjjI/4yhlZDbnuZQzk +-> piv-p256 ZFgiIw A7a30uFipG4r16euJRm9apel81+vicsy2M+sjjNvZMn2 +scYj5kzAG4nzVZSAwdj3gps/o1ke9uEbqjMHxfWzJBc +-> piv-p256 XTQkUA AvVCUsXskkbeuiuKmho3QI8xrYBIBJB8E4ppKrZOKLA4 +AdgpDcUXLWfk1gyKaKUcSMetCwVQ+wI/C0s8wb+VQzw +-> piv-p256 ZFgiIw ApveIFCs8g7N1L8q2tzKUydZVPsbD2MSafGQGTaAQcHV +qec6601MsIw5HxZyxLBg+9mL4gRGV4DO3wTlYD+t7Lc +-> piv-p256 5vmPtQ A5+Sz9ZcqstjQ72Yzb6Ss9d301YKVPMakHu6cqdwd2xq +Tz8L1rX4XOq+lDZypt3qqiC35dgAPUkqahI51ruG5pQ +-> ?p-grease /o{>/wxA +BU02koFDyAcSSHM2qpiSyxsClD+iRZe90RgMnToUjDT+lj8syRRVd8qEDeSz1v/2 +IiqkDFTWtNeFbuQ +--- rc/d2dojoAr/ccm3XgEKCrDzCi8TsI3Dhjk7ZpgPDzw +hQ?GIbW3LTM +]]P +ni-4 Ҫ>/}hJ%3$j# \ No newline at end of file diff --git a/secrets/wireguard/services/keys/elisabeth-netbird.pub b/secrets/wireguard/services/keys/elisabeth-netbird.pub new file mode 100644 index 0000000..479efad --- /dev/null +++ b/secrets/wireguard/services/keys/elisabeth-netbird.pub @@ -0,0 +1 @@ +RPZPjAhzlNQK2ZzlDYuV7Z91hZtPKrTVuQ0uP9+ApEU= diff --git a/secrets/wireguard/services/keys/elisabeth-nextcloud.age b/secrets/wireguard/services/keys/elisabeth-nextcloud.age new file mode 100644 index 0000000..95f5b37 --- /dev/null +++ b/secrets/wireguard/services/keys/elisabeth-nextcloud.age @@ -0,0 +1,16 @@ +age-encryption.org/v1 +-> X25519 bImr5X1Egod5z1dJgAvTPVQmHqhBBMki3XemlQFUKSU +vSyCgyRw45jwUXhr8TWXhv+GdOd5FVNss1vZOB+SdeI +-> piv-p256 ZFgiIw A8rfFI6S3JAl8KD7sYLYLUqc0XzPxEHmcjIsmJ+QVHg1 +p3bFDfgTKX7FPKRFGCqxjS9UIa8axhqhkDZIZ+JKDiM +-> piv-p256 XTQkUA A28LO/o8Nv3EXlFgmuKSU6YSO602AqLTHPQ/SvJAxiTW +mecoRbOVtPTzWpdkvLbaN/oR8IJJOFXsow0za/gXiXk +-> piv-p256 ZFgiIw A3n5YgVZkh9Qm98j0kjEWUHjqwQMvOmzvmZN+qz7+Zol +qnRVMBdyCy8OBf4dLV2h8QSj84F6HNrMRV023XN0fp8 +-> piv-p256 5vmPtQ Ai/vpupDhvswudGQXoSbResq/ccf9lL9sCggn47wlRRL +6pbVest0yiMk/ptsrnn/C0x4/NXmARgNO0i0nPszX3U +-> #-grease YXQ +LhlauIYLi1sowW14ssXsXJLa+Sde8X/b2jOLCQsXrLGE33rwnNvU+CQF7g25hjle +EnsvYouxHPpuCtpqhiU3xZvWxfioC48BlEo4l2Qu6uZM +--- ofr9ySyhTWn67gns+6DHtBgHuAxsrxAXlkLwsd9GDDM +x"Y=tVվE#EKu ygqyo~D-:ŁBp9HnVd9Uo4.&&W \ No newline at end of file diff --git a/secrets/wireguard/services/keys/elisabeth-nextcloud.pub b/secrets/wireguard/services/keys/elisabeth-nextcloud.pub new file mode 100644 index 0000000..cdb4e4d --- /dev/null +++ b/secrets/wireguard/services/keys/elisabeth-nextcloud.pub @@ -0,0 +1 @@ +jzIpEhJbgL8GJBeoZFZMZZTxQHVIICqy/Q9/F59sgh0= diff --git a/secrets/wireguard/services/keys/elisabeth-oauth2-proxy.age b/secrets/wireguard/services/keys/elisabeth-oauth2-proxy.age new file mode 100644 index 0000000..f6312ee Binary files /dev/null and b/secrets/wireguard/services/keys/elisabeth-oauth2-proxy.age differ diff --git a/secrets/wireguard/services/keys/elisabeth-oauth2-proxy.pub b/secrets/wireguard/services/keys/elisabeth-oauth2-proxy.pub new file mode 100644 index 0000000..c02c220 --- /dev/null +++ b/secrets/wireguard/services/keys/elisabeth-oauth2-proxy.pub @@ -0,0 +1 @@ +RhtpH+CjQ2+P3gGS9X0X0wC4h5MzxuBP/MpvqEnlPUI= diff --git a/secrets/wireguard/services/keys/elisabeth-ollama.age b/secrets/wireguard/services/keys/elisabeth-ollama.age new file mode 100644 index 0000000..9f3ee88 Binary files /dev/null and b/secrets/wireguard/services/keys/elisabeth-ollama.age differ diff --git a/secrets/wireguard/services/keys/elisabeth-ollama.pub b/secrets/wireguard/services/keys/elisabeth-ollama.pub new file mode 100644 index 0000000..70d9855 --- /dev/null +++ b/secrets/wireguard/services/keys/elisabeth-ollama.pub @@ -0,0 +1 @@ +W9UcZ1j7uMYCvqIyPN9E8Z9pwPMDar/zeu3Jo6QywEM= diff --git a/secrets/wireguard/services/keys/elisabeth-paperless.age b/secrets/wireguard/services/keys/elisabeth-paperless.age new file mode 100644 index 0000000..c4f9580 --- /dev/null +++ b/secrets/wireguard/services/keys/elisabeth-paperless.age @@ -0,0 +1,16 @@ +age-encryption.org/v1 +-> X25519 xnLCi7i/0kASVbg1x+ZUlMPKNsc+xlal5loFnUxCzSQ +IXP2BSnNn1w4Iof3u/+5Y5G1EUjuZNbfYylpQLaFpow +-> piv-p256 ZFgiIw AvHfVU7CPbHXEuvE+NWlkY5G0ZRJofSKSed0DFZNyNZE +0dZjBjbhPU63GQkAgkanQV0X8jpj0tpzpUtKCEgCp9k +-> piv-p256 XTQkUA AxUzOPEU5dldLeysEBPfLq8kxS9aIOZgi+76Ght5BMbL +X56hXZox9imUb/rAXyhLlt6PvODWn+3PdTrz5oyA5PY +-> piv-p256 ZFgiIw A2MT9tL99h6LJeAh347sHhoJX9Fufwbe3xJodAtHXpFo +iSBvG9dSTCu2c7CJM4uJD0k0Lebhtw/3d1t5O8i/Bs4 +-> piv-p256 5vmPtQ AjM+cyK1Ckjzco7BVjsWlA/tCA5KEnVoP+42/owo2+3l +12nNajrkzdFp2ZlO+nf83qe9qzpqKBqrdyIx9233j/w +-> kmXi7@9-grease w{p^Ga I7 7rq &Gi. +i4BxuM0wd9OwCHAjsVINDWcnAcPm3KFgPyRYOycqMqz//5oBQ521cfmOfII/+aIi +5Uvfzr1y+dklrirM1/XTcWd1qu8MAWsKY1Et +--- NeRoiL8CaXaf6xSrQnra0amxHgUvQF9TGVzaIGVD5Yw +2l' bVI0QF+~A]c X25519 mvCl+nwsq6f8gcMEob4FEqZfy8BoVQZopG+5S3Noly8 +lBtGkTrH5YqRVEyipHJQpuvZq0RRyxGNSVWZOC9r/t0 +-> piv-p256 ZFgiIw A9Y4Oz56POo8EDtPM95teh/bafd985mm85Lat3AUimbd +6MSLGadOOAHMMgcnTqubgLot2c3KZJIexg1vdrk8CJc +-> piv-p256 XTQkUA AjCN2q19pRRlR9GOrWLswKtHlyF1uciZHyAEe7Aedpmy +tQVqTdDskneI9aXswr4W/8WW36GqamJT2mWfMS1E0FY +-> piv-p256 ZFgiIw ApfNyI7uDb1vjl2IaSlLQCo3u1PNEm371MmsbDg4MqMn +pONKvPJJukzpOvB+dR1GQN5cwoxiNF2ThwbF+6D/hUY +-> piv-p256 5vmPtQ A+F11/Cz/2KipbZS9YCWDEPPcMKlydmjWD0wYmbNDnl4 +55Guvwwo9h69owVJUC9qtFz4cOGJmqsMTKTNCCUiwKA +-> 3c+[s-grease #&KptE.Y k<]~YQ >fjq |w +btiFhbyk9G+yZTXFZo5KF4qlIhPUFBuMAwgq3AtcLodDxGW81r/8iRLGzOEig544 +9VgSF7YgcvCn4471o9OKOYcec5xzWwEBKmU4xcAt7LITDVAk +--- O95tdN623WEtzhndVzvCs6GHMkeNyl0SlUBHBLafxs8 +dNč_Mܦ8%Q;~Xkc=}#Ò[ HZ@UH67h +V \ No newline at end of file diff --git a/secrets/wireguard/services/keys/elisabeth-vaultwarden.pub b/secrets/wireguard/services/keys/elisabeth-vaultwarden.pub new file mode 100644 index 0000000..c95669f --- /dev/null +++ b/secrets/wireguard/services/keys/elisabeth-vaultwarden.pub @@ -0,0 +1 @@ +A81QXQUfs4JVL6/LhPCpLDfQDUpjv3uT/ZMKP9bg2AM= diff --git a/secrets/wireguard/services/keys/elisabeth-yourspotify.age b/secrets/wireguard/services/keys/elisabeth-yourspotify.age new file mode 100644 index 0000000..6feb984 Binary files /dev/null and b/secrets/wireguard/services/keys/elisabeth-yourspotify.age differ diff --git a/secrets/wireguard/services/keys/elisabeth-yourspotify.pub b/secrets/wireguard/services/keys/elisabeth-yourspotify.pub new file mode 100644 index 0000000..1bef05c --- /dev/null +++ b/secrets/wireguard/services/keys/elisabeth-yourspotify.pub @@ -0,0 +1 @@ +6H7KpyhkVTqzpbn1OqQh2cD35YGOsFIyyjH3ZunKOlo= diff --git a/secrets/wireguard/services/keys/nucnix-adguardhome.age b/secrets/wireguard/services/keys/nucnix-adguardhome.age new file mode 100644 index 0000000..6224657 --- /dev/null +++ b/secrets/wireguard/services/keys/nucnix-adguardhome.age @@ -0,0 +1,16 @@ +age-encryption.org/v1 +-> X25519 FCXqItDpQTrgMDd5/Cgp0jUnxooOam6n7umK9SY/ehk +WEmoCjca6GaxxNM7M9RAsFhL1R/Ph2Jm/U5Ot97zHXg +-> piv-p256 ZFgiIw Awe6W+70iC7LTUDhpAOkdJarearahOo+QEplpGZ9+LpA +veDN5vAiMnx2trD+n4VTbT+ktWMjltJ7yFeIEbxjABE +-> piv-p256 XTQkUA ArTm5IoQODJ0ZOf2dWtu1Pu0ofwGVL/SD560BTCp3jVY +L6458/mqwyLLBNB7Zrm9wI7i5F9uY3w1Xz0teso6FbY +-> piv-p256 ZFgiIw AqbynvCHwhsKGV89+IeEk3q0P2/AxAg2AntzyiZ1u6Xc +MZBM/pxrIkzjYQLxAjtcikDXrSs3VKTUNM5Uq6XF6Uk +-> piv-p256 5vmPtQ A41Tj4YWIDHPAxfDM5EunB1U7h1aw8cehG2+MqHjtg9g +jIdiGDNPiNjrmJQErKX8Fi4fcc3fEmdqunjTcecOXjc +-> EU;nVgq-grease f}.1pFa +8xH/q5hkWZe6B9f7q0v3tlXyuZqUp+5nlybGsiV1L5qPt+okDQq2ZDK381oS7Bhz +oWESimb0h85V5ZObD1CLHvSZo3tvE1k/Xwt/nll5oA2tUUwLCApJwLY +--- aHYB3PHq+ZwJgtBCJscliJrk6ayjJWs9KwbkkGBOAIM +30G;0fz|T *E!дgs0Iv Eِf@ڇA$'gٻuF \ No newline at end of file diff --git a/secrets/wireguard/services/keys/nucnix-adguardhome.pub b/secrets/wireguard/services/keys/nucnix-adguardhome.pub new file mode 100644 index 0000000..d393832 --- /dev/null +++ b/secrets/wireguard/services/keys/nucnix-adguardhome.pub @@ -0,0 +1 @@ +PZgUA6iVtQ2iuaZifFb49KSwdvs6FkKGFVzUgmxT31k= diff --git a/secrets/wireguard/services/keys/nucnix-nginx.age b/secrets/wireguard/services/keys/nucnix-nginx.age new file mode 100644 index 0000000..9b48d03 --- /dev/null +++ b/secrets/wireguard/services/keys/nucnix-nginx.age @@ -0,0 +1,16 @@ +age-encryption.org/v1 +-> X25519 lT3NZxaVET+8xoX6SvU3rSv7qz3phrEiY6FN6vN67Gk +JHCY3isAIzjuGCbAlNKsEy3J3Ku3ZaBkflihpIcBpsE +-> piv-p256 ZFgiIw Amm6XAYZZeB84rQ71EmDeh/Dk38TtO/WduPBoUdrEnNw +WX062xqwMUBkYVFMRetPwMJmNmLERk3PG4Hp3tUv3iU +-> piv-p256 XTQkUA A5/KxXWs31Sf/txVT3c9w8R0c4i+n1bS7c8Gc2wR9qry +vULapAYycbzJH3ok0LSKcY+KzNERrntDo8yHvHSj2Ns +-> piv-p256 ZFgiIw A4Nk81SN83VIYiTvfnBw3SuGn1rWq1BP92Rof3MrRed4 +RyyS4UqWXrY9VuI0mEKwsV5dhmAf8X94zmPUZO2CLqQ +-> piv-p256 5vmPtQ AijU93szE6m4vNVnHORPncq48+a4TbhmG98UgpITiYad +DZUp4RiqTp9jFABHveISIRELC9IyApcbDnB3UIgnYtQ +-> B*JM|U{Z-grease GY_d{,W o' XlT* +r7nDEV1lLBdXWCul7f2hdGIfKxA3S4Gk6DD37tptw+LGSNSFXdE9PJBEnnyJimqY +n/2qOPwsm6TcP6AHAGgIqgANzHSTEgFWcU11Iw +--- OLgkZ0DDChQBQyi9r2YtDY0eYY9U88k5YPIQGMgU9Rg +s:u_f??ڞX#ֳuG&3]w Hs^WYJ`>"QxBU\\+ \ No newline at end of file diff --git a/secrets/wireguard/services/keys/nucnix-nginx.pub b/secrets/wireguard/services/keys/nucnix-nginx.pub new file mode 100644 index 0000000..ddb85a5 --- /dev/null +++ b/secrets/wireguard/services/keys/nucnix-nginx.pub @@ -0,0 +1 @@ +XyCqh3ZVY21VLzA1GcMRMvI4OjUtirDUJ3YlpYVIlwk= diff --git a/secrets/wireguard/services/keys/nucnix.age b/secrets/wireguard/services/keys/nucnix.age new file mode 100644 index 0000000..534b296 --- /dev/null +++ b/secrets/wireguard/services/keys/nucnix.age @@ -0,0 +1,15 @@ +age-encryption.org/v1 +-> X25519 qq9hX9NCK53eBNNq62RETvDBDk8ro/FjUzUN+mEsFHM +wwCgrGeM9rw1Rht8V9KYNXT3TcOIh6Mrw186/EbZtCU +-> piv-p256 ZFgiIw AxDQPpmO5RwBQ2AuQQt0agFzX29Nv8UCkUZQoNeXKTks +QKB8YzZqBRcCDDLygNZq9KFg96uWJSFso9RyAXcH1ck +-> piv-p256 XTQkUA A9sZxM0VFlrYsGx4ah+hz5jzZg4HPR8BmdmdXHm3c0Nk +/1x24HciHUW8xweCQSi4yd3w+dE9DPkGawzRtzPlCwk +-> piv-p256 ZFgiIw AraeAsBFwzhzdH+aFb/jnoqC3/jtsZNCoI1wLj/UOUm4 +5EiIdNyGI2/MxzxkXfdSfAPc44O+yBxk25PrMU/1gM8 +-> piv-p256 5vmPtQ Awcj0kQ6xC0D26cOnMGYqVDETrvhNECxyYtHVG0yTusF +aDTSnxkl3+rE7CnO8XGggadnCuljS1XeTXIj+MIujfs +-> m`iV-grease u`\zp +1j0Fa9cNYvlhnhw/+vsrBO1t8TMfVsQ4ZZqgGOwjYY22vhwvQED3BDqcNkKfsw +--- E3YOUzvGN88Q9xNcB+RCJaNA8PZGqTIRHYWy2WhQ51I + k|4fIX7J~մ- lTr'0_]R&!28ה{YjN+,jm* \ No newline at end of file diff --git a/secrets/wireguard/services/keys/nucnix.pub b/secrets/wireguard/services/keys/nucnix.pub new file mode 100644 index 0000000..90ea85c --- /dev/null +++ b/secrets/wireguard/services/keys/nucnix.pub @@ -0,0 +1 @@ +IGTFNZI7UV2gNGhjDLuFZG72KHs4x0XbgdD7cql7CR0= diff --git a/secrets/wireguard/services/psks/elisabeth-adguardhome+nucnix.age b/secrets/wireguard/services/psks/elisabeth-adguardhome+nucnix.age new file mode 100644 index 0000000..d51988a --- /dev/null +++ b/secrets/wireguard/services/psks/elisabeth-adguardhome+nucnix.age @@ -0,0 +1,15 @@ +age-encryption.org/v1 +-> X25519 WDcPWyW6ayGP/D1VwvnkyLy3xnIrT36p42ETRzldrxA +4hvRzI3LjYqtLxeJa1NZ7gto+aBWj8vjRvrzj+y5r4I +-> piv-p256 ZFgiIw AlITbN+AjucybQ2jTh7XjlouQsEuFXr2ndNjr8e4uNeb +27WYMNNuYZbqhwCBIGUDTEwVuq/rS6CUCKU+GuGNmPI +-> piv-p256 XTQkUA Av85Ltm5ePnu4dhDk/K3Gxg2iFA51ohbrmv7HnYt8kPb +6NPZJwh3O5vO1hzC+ITxZ6W4g6YQF5yrjnK5D0VU5do +-> piv-p256 ZFgiIw A04ruKSIqVb7gAfoYyF3JpUeX4AHRNt5QASAVSAphkt/ +KGOhLk3VQbkgdHNZjjHie9foM0UYeQRSJAc2InxThTE +-> piv-p256 5vmPtQ Ao8a+CCALn3Skae2e/LUgk97QRVizjmiTRplzjs988/0 +CZjOhLAh5VcLei53Qrhc/EPgh6E4vQbkPgUU/3IIoGI +-> 66h&\-grease Go8(W- oM +kNsjfG2jzm6EBtSD +--- LBqhSGGU7WAyeCicGJAKM7cp6h3onN/AQ662BVnifa4 +mGذ\*<#v>bZ64ఇ1@Ro.1v}@U4{Ax={i \ No newline at end of file diff --git a/secrets/wireguard/services/psks/elisabeth-blog+nucnix.age b/secrets/wireguard/services/psks/elisabeth-blog+nucnix.age new file mode 100644 index 0000000..1468ee1 Binary files /dev/null and b/secrets/wireguard/services/psks/elisabeth-blog+nucnix.age differ diff --git a/secrets/wireguard/services/psks/elisabeth-firefly+nucnix.age b/secrets/wireguard/services/psks/elisabeth-firefly+nucnix.age new file mode 100644 index 0000000..5c4e79c --- /dev/null +++ b/secrets/wireguard/services/psks/elisabeth-firefly+nucnix.age @@ -0,0 +1,16 @@ +age-encryption.org/v1 +-> X25519 y/kJuruvCizuFHbDOjoA2c2sUd2J3WMcBtV9AiXlK1Y +UBlOmcaEGgvK1C4UGXXWzuh8rLR5RBoXBFcu4o8bhIU +-> piv-p256 ZFgiIw Aza7eFApuRNtL9mN9BkfZOj5C/+Fv1atV4tXiCAdGxBD +IDFCjBA5VdYVt1ZWyqg19jgHel8BGaNfSq6LT2/+MK8 +-> piv-p256 XTQkUA AikzeWKvE09dFYwbnY3gtX7d0gETznoEJ8O8XVGaCRTI +CKcaqGBCKtrBcsrQDv/M2un36VokGmMTu4g/cUwQC8c +-> piv-p256 ZFgiIw AmP38fGBfjlkVFmFitafj4FJ+4U2Un7Q84ZDudMfbmYH +F0r2gVStBNJ4rQ76kHHJ70HUeB/OgVdXGDuyeDXlO04 +-> piv-p256 5vmPtQ AtOE0uxS+DYybzCN/tp7dmM8LHKlZHJh3NnHm8HDMD57 +0scclGGyFkrS4BT3eJ6Rsnk1iG7Mrq9NxEXp7M72tSU +-> c?{+D2`-grease QY(AZ F_dRL= +19S42L353ce0ciAZpgzCV4irhKbjgC/U2qQhLq/tIiPdFLzLfaDbc7GxXGwq6QKo +mctx6KuX2FBvXhpXmevl4FMwkIpKpQWcnQ +--- eLbtFI0vOfl/k0cETZBEuG/xxDI/XZabIKjfd3N60TA +gɺ~@ycZcK]l!C6KK n~ryN~EGݻ!й84tS \ No newline at end of file diff --git a/secrets/wireguard/services/psks/elisabeth-forgejo+nucnix.age b/secrets/wireguard/services/psks/elisabeth-forgejo+nucnix.age new file mode 100644 index 0000000..8c95840 --- /dev/null +++ b/secrets/wireguard/services/psks/elisabeth-forgejo+nucnix.age @@ -0,0 +1,16 @@ +age-encryption.org/v1 +-> X25519 ntmEiNKnuwc901IYD96SfEfhpWZcwD8jH0AmftqSdDw +RfJIXgERHyLCd4pUPmFyI7sNQr0d4mw8jkHyQNfKMz8 +-> piv-p256 ZFgiIw A2DVj9i3eLBnU39QR/7jCpQ1vhOw2mZHDpVlXWCymekp +RcOqYuDAXErEI7qRdgGetlfx0OeDgwUSLE5tSiPg8CQ +-> piv-p256 XTQkUA A4ijjV18QVRn9ABTqqIQzaV6bdCCpt0HXaud4WEjGUic +BJIOlKR8Ga+9181YUGq8Uc1U51xT0ZgghRHpd/oNtg8 +-> piv-p256 ZFgiIw A79iudQLfzn8Yx4RX4t5ZHs3B/qMyDH1FDtm/wNNfPAz +O/aDMgIi26lZMsmTeza8tbI7C7uXo827qppdBnzNHRE +-> piv-p256 5vmPtQ A7/7UaP9Uk+B+dnd1G+/mX+9KncvNnet+UJSo89QaOCQ +BQmVJyXDTmmm4xYU78qBWme/vE/JKSTVMfILOw3nCPk +-> ES-B-grease 3 Fj +7xk5tX4jTdSpXu/0UhshXuLa7n+qGIUpd/QaBBaopUBRXvB8xHtMhxQQg/9GxF8d +7FJBLu0xmx9F +--- kSybrxIlXPKRHh7mMn9iD7EKh7y9Y3QtEuxmzUtBJ/I +M.afOlI`D nkM*|ݪ˜+^|桽y^NO~tG*]Pf~ȶ \ No newline at end of file diff --git a/secrets/wireguard/services/psks/elisabeth-homebox+nucnix.age b/secrets/wireguard/services/psks/elisabeth-homebox+nucnix.age new file mode 100644 index 0000000..452e0e0 Binary files /dev/null and b/secrets/wireguard/services/psks/elisabeth-homebox+nucnix.age differ diff --git a/secrets/wireguard/services/psks/elisabeth-immich+nucnix.age b/secrets/wireguard/services/psks/elisabeth-immich+nucnix.age new file mode 100644 index 0000000..96e6e71 --- /dev/null +++ b/secrets/wireguard/services/psks/elisabeth-immich+nucnix.age @@ -0,0 +1,16 @@ +age-encryption.org/v1 +-> X25519 7dIncwtS83XXkEe2VanEL70pk6t+mYPH+6VZtCs4oBQ +ufcnvY2GUWpl8t7vbHj8mn5ncIlKYC7JdQg/m5EXPEo +-> piv-p256 ZFgiIw A9PGE2SK/oMm0jAJHQ2RZfr1Y3db3DyHx+Ss1P1kloNa +UMlSR1qnG5/j2K+OjduJ81F0ALtjQW5Ran8glCK32XU +-> piv-p256 XTQkUA A8l1wSZnjCin3MfPTFUhr7aKtAKHEfgyqwA6kGYzuiKn +/5uZ2tTIhBCydOOQGomZ15EK2TV1nPxnc3Xz+oxHLsM +-> piv-p256 ZFgiIw Al8J4YSa9uyXJvXLxpfEMDZgPJ1meLbWAN7E0tX9niBx +4dz8JOBQlE9zLau57fLhhXK9hT5aXPLU8JwQ24/BDIk +-> piv-p256 5vmPtQ A/Y5kj4gsFSBda9DhvOXuzrqzYHuUVKYCCxExpaRgmwL +Xbtluig5zDJm/L7OU8JGw3aYiDhrAJXbLK/dLq40VIE +-> VN-grease )k#g X25519 Hmme0CoTu8XdGazcxdyPR68dkUFa+ZXMN4kau8qd5jY +CoJvmGRc+6++umi8D/R93anwtv6Ke3OcLNiwuMvJL6Y +-> piv-p256 ZFgiIw AmVYHzo1mhEN2xkkCJpAfgUf3/SObx+/ELDEUHioTuaT +ie8ceO7eEVm57v4EL+zkSyZ2fM7YhL2c2puZuC+UqLI +-> piv-p256 XTQkUA A3QqKMVNHwrfj4F0Db/5C1xUWG0YSfONTiFHbqE6CpSw +88/aA4hxsSqv1cf9AgsbeABKnIxAbfKbFzRWpIQ/Vrk +-> piv-p256 ZFgiIw AgTw/EdOPjr/LdR8M6uoFXW9o34yy7OdtDcTVyzWeo3d +DkjGvcwiqGgg7pkbUSyXjl9jWOPvih+1mhhyseWEMnk +-> piv-p256 5vmPtQ A45i1c3SyXraJTA7laxi9dJ4Kv2uhrwvgTaik9ghISfA ++ZNXTFP9J+e1c5oW5CqAWc151MWMzLaTo8WBNMaQv2Q +-> j!eB-grease +oPx7N12FiPTvmiw6f9qzwCSIFzUUVSmd7YM +--- 166Ur/hqiHy3XxUfeWl39lCl6lOBjFMfMqFI+jNpvwU +QÊv +-TA]?V[{XI7[vT!'ؖ!^F.؟B3YUuD{ P \ No newline at end of file diff --git a/secrets/wireguard/services/psks/elisabeth-kanidm+nucnix.age b/secrets/wireguard/services/psks/elisabeth-kanidm+nucnix.age new file mode 100644 index 0000000..1bb8daf --- /dev/null +++ b/secrets/wireguard/services/psks/elisabeth-kanidm+nucnix.age @@ -0,0 +1,15 @@ +age-encryption.org/v1 +-> X25519 jGNMcfaw3DYdD4iaBO26/9MYAi4+vPGSBhOa/7Oi/mc +EmEPxsvzp4DLFaN0+MMJS5o+JGaC7eibaFYfLsaOXGQ +-> piv-p256 ZFgiIw A+IhU7C8JKGmCjRfqE0Hb2OC2u9WPbSmM06zJJHM4Zvu +FL0/AM9oI6n9BcDI0f0oc70NQ1XQucwGdrCqXBHQqAA +-> piv-p256 XTQkUA Aq1JPLlpjmRzzf7KxkE4sL+NCePDiuj5bi5eKVavIMw9 +DOvHl0gY7Ewvr+1g1dSvwuQTWnSgg+fCwHqaj68d2QI +-> piv-p256 ZFgiIw A7o0TX2QNlzJ02ILQ1YFePlLWoBqinsZ8yMnUEvyRoZA +5t/2TWG8U1KrJOe/XcBSIFQZKTD0rWfGU8/t1r+P3f8 +-> piv-p256 5vmPtQ AsH3Ncgmz9YAPngbtmHDml+juIYvMKOnFyNdXVy4Q/ml +2/i+tDSZdFhhsD3mAcVf6kcSDUkjg2i7IqvwwtnUHg8 +-> B-grease +yPuSr9+sDN0orQW0Uw/CasnRiQYUee0tjJGp +--- 8pX9H1Uc9Uc/mxeoNw1+E7Kb24Vawn3dpUFagne6PgA +CoO6) ȽZn"9u]_#?XEn,A:掞@5y=]Q/:uH* \ No newline at end of file diff --git a/secrets/wireguard/services/psks/elisabeth-netbird+nucnix.age b/secrets/wireguard/services/psks/elisabeth-netbird+nucnix.age new file mode 100644 index 0000000..d5eb3e2 --- /dev/null +++ b/secrets/wireguard/services/psks/elisabeth-netbird+nucnix.age @@ -0,0 +1,17 @@ +age-encryption.org/v1 +-> X25519 3gEA4vkpqlmjFfu5VxVOF6peWEwrZpfotpMQW3BfdD4 +bSQXk1cAe0OAiAqZII8KFOiTvQLhTQXG6sUPYtIwo8I +-> piv-p256 ZFgiIw Aj5//dGP063fSaSPA/5xW8bWa4boKS3AInOdcmdDUfjD +KpwerpmrnntYw+xess0Bv4T//mDI7imFQWAAwhhS51I +-> piv-p256 XTQkUA A8ZsCIqHDsKB+TlPpLiEbSJlhvUYnIZrKUQ9io2XL596 +VYPWPwc8z/Yt39yHWJTYLz1KhVJgeXqsoLXWsxPOLyk +-> piv-p256 ZFgiIw A+Xl2LJDuJ2a/FCN+KE9Vg2whiK1PcW8rV+p+Ni+iixY +W57Q7TdFGAHSUbIg0NbZWJ6q7L/+Eq36aqkpeSkbVfo +-> piv-p256 5vmPtQ ApKk8ffkbRdZ2dUba6cfjV4KkIfgJtangyd54g6zLw/g +feIFuGW8j8x4XFB1Ufcm3gJauxQBCI6IW4dJ4RXhTas +-> FjM-grease rv'>X2* <.( D,&Lf>?- R5u*n6 +KDw54yS1p8R5bNB4tfn8xHgWYy+nGrQqPlpzkvXcZo8lZG2kwQ6ApaVtF813mvNM +Rw +--- AX2wEusmwJg6V+IW4A4GIyMCpcDyN/8sXYK4luQVSi4 +:Rs3Eޥ͏kǷq< +Bc|d^& }z!X y`Љz?q|?ƛ \ No newline at end of file diff --git a/secrets/wireguard/services/psks/elisabeth-nextcloud+nucnix.age b/secrets/wireguard/services/psks/elisabeth-nextcloud+nucnix.age new file mode 100644 index 0000000..e6f60b1 --- /dev/null +++ b/secrets/wireguard/services/psks/elisabeth-nextcloud+nucnix.age @@ -0,0 +1,15 @@ +age-encryption.org/v1 +-> X25519 LZwIzKZnE84z6xJQhUZbg8Qy9d5Mzv6mithqkAL/NBY +JgtSqL/UtW5i/9082gyURB79iuQA8XHLmyizndtNoA0 +-> piv-p256 ZFgiIw AwReHClPfOhTe7QIjUYL2Mvkq7Z5iqZ5zdLE9HhAdyBq +X1lYY0eeeUO8MMwWqYyYals8dUqXuPAkuactkxLahis +-> piv-p256 XTQkUA Apr0V03jRnslHkSKo8IWcaL5uLlWrKZ7tetq2kn9FmnL +ZWbcEMsPf70u+y8pWrrCs4RWZTpT0iDj2VOgOJJ2QIc +-> piv-p256 ZFgiIw AxaSkSNy2ueNu45/aBQOI+xLlZTa30ssIA2o2kK3m8kI +lkZbxMGXtzG8tSeJOsDCHsA+a8cpOKLfmeZlea33fhI +-> piv-p256 5vmPtQ AwAcj0Gqh/SXlE4X1kY2Icof9ZQ/jMCMCkFHcP32ALv/ +BUPaaKReehSoYaI5lbMWPsj1PZncRlypa17SCLrOA0M +-> |%w-grease +JBH7Ct6fBRBGJSAPk0mYXhtmt9usFhCPUggDGaaz5P+XtMFdUdQ +--- ZzLBQEpZzwkW+InQtTFe0zvpcS0X7BWhSkZLqYpTIv4 +U7o;3P.˪<{cTʰFgzP GQjnhDYS_MzH \ No newline at end of file diff --git a/secrets/wireguard/services/psks/elisabeth-oauth2-proxy+nucnix.age b/secrets/wireguard/services/psks/elisabeth-oauth2-proxy+nucnix.age new file mode 100644 index 0000000..131de40 --- /dev/null +++ b/secrets/wireguard/services/psks/elisabeth-oauth2-proxy+nucnix.age @@ -0,0 +1,15 @@ +age-encryption.org/v1 +-> X25519 lgY79tw39rdwLkvLugi92CSFuJp1GMpbO+oCT1se1iM +wFXp8kTPPDjSwXYmuEDxS4IZR7YvdVNk9inhjGEMt9k +-> piv-p256 ZFgiIw An5cHJMUUPXb7abH+BSuoBa9dlAVEx3vSShQqiLapJIa +JF9LDhaIUdiji5SuUdArkZTmfj8qwR/VlLT4k3CPe7o +-> piv-p256 XTQkUA A5g0qUtGuGvJrk0ipAzAALS2l71TdAdn3jCnhI2+sChx +3w2KLyU9Dpj4qC+iBcL4G+rdzEcoE+7voDUgD2/RGwE +-> piv-p256 ZFgiIw A4XkhI+6gmT4FUxfJzNGTUi6Mbb3G/LHhCLe7OGhhS8t +8lUrCZP/8vHQdgD4jbWVrYLRJOpgh5BIbAaKBqjfeRw +-> piv-p256 5vmPtQ A1sim7wgf9bGeDmGcRAtGXEeuxQ66KpDm73ppoRE5oWz +bBgQK+4Hv0fKKFLIEBUO1mVc/aFxR//ZROkJcw2Kw+s +-> aZ3X-grease +s5phlv6CCOxuJMovyPgqhS6Y63KnGWcFqAGoA8fCqbAfCeSl +--- jwnl8/9mS12AKEfTjtO31ZdyaCtFU/8vxk8tVNOPfrc +U2&RCi 6Y[6FJ4N{g}=87V頣1%e@j\= \ No newline at end of file diff --git a/secrets/wireguard/services/psks/elisabeth-ollama+nucnix.age b/secrets/wireguard/services/psks/elisabeth-ollama+nucnix.age new file mode 100644 index 0000000..a9282a3 --- /dev/null +++ b/secrets/wireguard/services/psks/elisabeth-ollama+nucnix.age @@ -0,0 +1,17 @@ +age-encryption.org/v1 +-> X25519 QM9u5VKIFkw2tyJUkj4ynLhRQijVGhkPLoYBIofimDk +9WgcNHRR1CscbjXwZSp6dZKC625Kz4swTTAXxler+aU +-> piv-p256 ZFgiIw A8uCSxE10QZd8limS6riPgQxUUY5GdhzgVgesJgSykNb +a6YvDJezoPfedKVpb1GSP6qxNJn7S7WeUHGXPvj/qQc +-> piv-p256 XTQkUA AnWRi0I3+9IFj1aXzE5ywJwYC5kVhUhHjlgE2vaVnMxz +BOMq4glpJDJ7yUc+Zp9nPKCzXkN5jFYBykx42+ySS7k +-> piv-p256 ZFgiIw A5SzRe3aHSzGzVTY1fyYcJGeEjxUuCSUEZp9Vtt7vGq8 +v5AUCJWjjEN10V02pGelN8Af8KCWC4jxIA/pYoTmvhU +-> piv-p256 5vmPtQ AqTLEVeLlM9Lsyidg9D3KBWxiHgHOe7NskjGR4sw2sMy ++OL5xyp0fVHFz6kktYE0tisR9EP1mmO2Zn3zRXVykGE +-> T>jV-grease >N3y }_-@D ?e, +B9Q +--- lQTieVmGHzwuVzpPJQodItTV8EvorWVFoFENtMCi7go + yz1_YOjNEy y3=c!$(~Zޞ8c1v1Xs +Qr(L +`'@TX \ No newline at end of file diff --git a/secrets/wireguard/services/psks/elisabeth-paperless+nucnix.age b/secrets/wireguard/services/psks/elisabeth-paperless+nucnix.age new file mode 100644 index 0000000..7c74996 --- /dev/null +++ b/secrets/wireguard/services/psks/elisabeth-paperless+nucnix.age @@ -0,0 +1,16 @@ +age-encryption.org/v1 +-> X25519 C0ig8L5gF3X7cNppsiVUGHMfe5oUrPfub3im/4AV/T8 +JS5Ba5nCH2QxPyGkgoWXT7Vny4w63kZqEihWpH5xA84 +-> piv-p256 ZFgiIw A41dgweEgKfINv/vkUTqerrcualWU7/nIEDxYX6xZiso +jK/JH4pQVX4w8aaPRRwqHYnGVbYPuQwqvYqjxbT8rjk +-> piv-p256 XTQkUA A2nl4IVIy4cNOhQLz+fpB5GPWCUQmuHx8kiAtQC0O0bq +blz8FB7e1pp6QHIRJbpYzqG/hKnjShStZ31aiZZDiFA +-> piv-p256 ZFgiIw AnjDJg9IsZ3KW3SpjbGayHQ0cC8Mcujo+khIXxWl3hl0 +JGvfU2Vi/E1TBibbVT+Y0V0rdM6DmtaVMcRn77iBRZI +-> piv-p256 5vmPtQ Aq9dP00crIi0acdo/AM2zmrwOHDr7NS1FqylvOth9BTW +Rw/x/Qb7NWpO1SMUf4pdqme2dFmGGVumGs8zwqgoQ+8 +-> )2n)-grease eTa R l0`) $?'9Ss{ +hqS2jpZVKsjJKfbxVtg1FJEUzoTN66Go6UPr3xclWojP6LThqtvTnWj4gn7gGh5o +7d86q+gAPBtsl0Jo2Sn85TZ+6KM8NiwaRHsnqWChkdVyWIM1ae0u2wvEWQ +--- THSFXW10M5P5r+3+zVP+Bvboie7836eCUdJhy2AUF+k +W8]{nȲ#;+[!=5a`)#Vv >:7܆etb5衟(rC3d \ No newline at end of file diff --git a/secrets/wireguard/services/psks/elisabeth-ttrss+nucnix.age b/secrets/wireguard/services/psks/elisabeth-ttrss+nucnix.age new file mode 100644 index 0000000..6318a2e --- /dev/null +++ b/secrets/wireguard/services/psks/elisabeth-ttrss+nucnix.age @@ -0,0 +1,17 @@ +age-encryption.org/v1 +-> X25519 6GzuIB/VFR/SOyo/9zQ8zvBoNXt3hOb4tIhiUu3WNFw +z/WHaqDubaSherbZGzHK652FpcYqg4EkSPnb1wc+Izs +-> piv-p256 ZFgiIw A+jfhWxQs6vZbvjTWa6GXXk47lFi/YOUi8dDwf0viTUR +154Wnppl7nNXEdR/MPgVmoI/ZXtthoLb1U+ObL3GOxQ +-> piv-p256 XTQkUA A1oHBrI6NnAUU7KSk9NNSWftQIqDx5yNIFZxJTVpRxpo +DtH96oBzFRBze9kyuvdfu4TAc+O87rU/e2y1OoX68qw +-> piv-p256 ZFgiIw Aw+M+Bgt1ZH80NWi3au7W0nva9eE2Q4uoZyJopF/usXI +/+dB7sapl/wxCRomcAyxJQliNegYv2hc9n4XWGtu9OA +-> piv-p256 5vmPtQ AnFhwSIgd/8QHHHPbeNdw+iBBvh3YBocbmetEHRiiSeO +08xAPx0v6LRKpO1hdxmiMf1QBD+xOtgi6sRiUv7iktc +-> >l}K~$-grease hs:z8 mSX9K.M} *fyHs16 +qPjL1myZd6w5ib19KyC7Q7MdADkPreKl0wRQoQj61Awd+cy8aorAuwdp58GylAp2 ++miTgi36yNvd0jCNsCoIzVmxASsAkO0QDM4MZo2BS/huUcbR1zluqMKUSxaQjMLs +tvg +--- 1i8K8n2w4m1KQvcMcOJGiyNYHhlrum8V+cfGvzxo4vY +t>B؏qV<34=0kh@<'̕O8ss_˫xwQ)EZE \ No newline at end of file diff --git a/secrets/wireguard/services/psks/elisabeth-vaultwarden+nucnix.age b/secrets/wireguard/services/psks/elisabeth-vaultwarden+nucnix.age new file mode 100644 index 0000000..7ee1980 Binary files /dev/null and b/secrets/wireguard/services/psks/elisabeth-vaultwarden+nucnix.age differ diff --git a/secrets/wireguard/services/psks/elisabeth-yourspotify+nucnix.age b/secrets/wireguard/services/psks/elisabeth-yourspotify+nucnix.age new file mode 100644 index 0000000..a95b75c --- /dev/null +++ b/secrets/wireguard/services/psks/elisabeth-yourspotify+nucnix.age @@ -0,0 +1,15 @@ +age-encryption.org/v1 +-> X25519 NQaN1kR8hYdeRtCFRboTQT8I0XZ11JXfXmeBD00aoFo +8qZr/bhOzeyiHPc2EmwsCnpu87gUgIjEf5U3e8d2BPY +-> piv-p256 ZFgiIw AlzMEQq2IaGHhK7nvBcrUvornX3F2NSEx839jGIFID+a +0Rp4nf7FkLEwd5oQGw9VwqC43LBYc/FQifgayATpB1Q +-> piv-p256 XTQkUA A1m6l+73PZXh0z+k71ibqar4di4ZIdMvlW4VkxlIXuOe +icd+qeZnK+Y96jGAmZKvVEtNDNHXsl/kmMzAPf6FBPA +-> piv-p256 ZFgiIw A5B8y1WZLf1q2OyPBy85MLXfy+o8E0/QfWk+VKPMe3/X +eOGpWHKCMw+z/wMacW7SlKBz08Vahv1kZxTlwzHIt/c +-> piv-p256 5vmPtQ Ahc9suJJFXKRYqxJwU+7wuL/xRm0SsQEdvBzE63H2WIb ++5nm6vjs9Yin1euUnTk8NTlJXu6ekW86qf0VZMd2y50 +-> ekz`w]-grease }~2N&xD c&4lI 8h< +d1wAbql6Fk55Ez4 +--- ZHDzaUtzascw1JvM1ulT+w5ea3BqSuuh6Xmu/TMIoXI +!3$$=Gޘ[:9SNfk0★. |q?ElcQ}4ּkPoZ)`k \ No newline at end of file diff --git a/secrets/wireguard/services/psks/nucnix+nucnix-adguardhome.age b/secrets/wireguard/services/psks/nucnix+nucnix-adguardhome.age new file mode 100644 index 0000000..2848ce5 --- /dev/null +++ b/secrets/wireguard/services/psks/nucnix+nucnix-adguardhome.age @@ -0,0 +1,17 @@ +age-encryption.org/v1 +-> X25519 BJjvxxa3UAEbCYrh2XUfDa2zuYzMyZUZTRv8Td4ve3E +odvrvtk1e/0VXJtqWLqLiJyXEMFZaRCcwf4DZHK+cIk +-> piv-p256 ZFgiIw A8JYlAeMhzJdhRkIM38yNfOhPdVrAjJeqgDKpbY8kH82 +2rS7mpLALQ3THnXW3pFedCB8j78SzjoRnzzmnpVLbTA +-> piv-p256 XTQkUA AjgFzeizql6fDKXN/PLQzViy5Cm+23AhZLfST/Gek8nY +hkufi/sPGZFrU+wbFyI8lGtdK0XQMTPbamaSuWb0kFg +-> piv-p256 ZFgiIw At5UBX4fynLDJMzCz1rhdK7oH6C1+AvBCfmR3nx23Qqw +zvQNJw5eXn/pvofZDKeBTw0whpZM37iYHAUgj5xTYEo +-> piv-p256 5vmPtQ AvK/PSvwJ4ir3Scxv7TKd/rzcsx0Kc65Tk3ss9YM78bG +ikIqHKKjDT/se2Au6JNMkLgEq72xdRDYb7Mibe2AYSE +-> 0W@//)Xr-grease = SIw?rD ح}yi c \ No newline at end of file diff --git a/secrets/wireguard/services/psks/nucnix+nucnix-nginx.age b/secrets/wireguard/services/psks/nucnix+nucnix-nginx.age new file mode 100644 index 0000000..f39e553 Binary files /dev/null and b/secrets/wireguard/services/psks/nucnix+nucnix-nginx.age differ diff --git a/users/patrick/default.nix b/users/patrick/default.nix index 280111d..f056841 100644 --- a/users/patrick/default.nix +++ b/users/patrick/default.nix @@ -1,6 +1,6 @@ { pkgs, - config, + globals, lib, minimal, ... @@ -20,7 +20,7 @@ lib.optionalAttrs (!minimal) { "tss" ]; group = "patrick"; - hashedPassword = config.secrets.secrets.global.users.patrick.passwordHash; + hashedPassword = globals.users.patrick.passwordHash; autoSubUidGidRange = false; subUidRanges = [ { diff --git a/users/root/default.nix b/users/root/default.nix index 9a72218..2fef20e 100644 --- a/users/root/default.nix +++ b/users/root/default.nix @@ -1,6 +1,6 @@ { pkgs, - config, + globals, lib, minimal, ... @@ -13,7 +13,7 @@ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDZixkix0KfKuq7Q19whS5FQQg51/AJGB5BiNF/7h/LM" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHxD4GOrwrBTG4/qQhm5hoSB2CP7W9g1LPWP11oLGOjQ" ]; - hashedPassword = config.secrets.secrets.global.users.root.passwordHash; + inherit (globals.users.root) hashedPassword; }; imports = lib.optionals (!minimal) [