From 3a63e8c84df2f5cae625e8c85c9c605f67e2a546 Mon Sep 17 00:00:00 2001 From: sefidel Date: Mon, 5 Feb 2024 15:23:54 +0900 Subject: feat(nixos/kanata): configure openconnect proxy --- nixos/kanata/configuration.nix | 64 ++++++++++++++++++++++++++++++++++++++- nixos/kanata/secrets/secrets.yaml | 7 +++-- 2 files changed, 68 insertions(+), 3 deletions(-) (limited to 'nixos') diff --git a/nixos/kanata/configuration.nix b/nixos/kanata/configuration.nix index ee0c15a..6bfd7b8 100644 --- a/nixos/kanata/configuration.nix +++ b/nixos/kanata/configuration.nix @@ -96,6 +96,9 @@ in sops.secrets.grafana-admin-pass = { owner = "grafana"; }; sops.secrets.cf-kusanari-kanata-credentials = { owner = "cloudflared"; }; sops.secrets.nitter-account-jsonl = { }; + sops.secrets.interlink-password = { }; + sops.secrets.interlink-ovpn = { }; + sops.secrets.interlink-ovpn-creds = { }; # TODO: insecure? sops.secrets.invidious-hmac = { mode = "0444"; }; @@ -129,7 +132,10 @@ in networking.firewall.allowedTCPPorts = [ 80 443 ]; modules = { - persistence.directories = [ "/var/lib/tailscale" ]; + persistence.directories = [ + "/var/lib/tailscale" + "/var/lib/nixos-containers" + ]; persistence = { enable = true; @@ -227,6 +233,62 @@ in }; }; + containers.v-ext-proxy = { + autoStart = true; + enableTun = true; + # Tailscale authkeys expire after 90 days, which means if a system + # restarts, there's a high chance that the key will be invalid. + # Therefore, we use classic authentication with non-ephemeral storage. + ephemeral = false; + privateNetwork = true; + hostAddress = "172.16.1.1"; + localAddress = "172.16.1.2"; + bindMounts."/run/secrets/interlink-password".hostPath = config.sops.secrets.interlink-password.path; + # bindMounts."/run/secrets/interlink-ovpn".hostPath = config.sops.secrets.interlink-ovpn.path; + # bindMounts."/run/secrets/interlink-ovpn-creds".hostPath = config.sops.secrets.interlink-ovpn-creds.path; + config = { config, pkgs, lib, ... }: { + services.tailscale = { + enable = true; + useRoutingFeatures = "both"; + extraUpFlags = [ + "--advertise-exit-node=true" + ]; + }; + + networking.openconnect.interfaces.openconnect0 = { + autoStart = true; + + gateway = "133.242.23.15"; # JP#11 + # gateway = "133.242.17.239"; # JP#1 + protocol = "anyconnect"; + user = "sk146241"; + passwordFile = "/run/secrets/interlink-password"; + + extraOptions = { + servercert = "pin-sha256:42cxGem/A2lRRPLefN3tSlPHFD1mK0BLh7tbUJeXvhE="; # JP#11 + # servercert = "pin-sha256:OvJIFf7gPPbnR7tdG0Uj10GET5eynt+o5pfKBIEA+ws="; # JP#1 + }; + }; + systemd.services.openconnect-openconnect0 = { + serviceConfig = { + # XXX: On initial startup, the service would fail with + # 'No route to host'. + Restart = "on-failure"; + RestartSec = "5s"; + }; + }; + + # services.openvpn.servers.interlink-sekai = { + # autoStart = true; + # config = "config /run/secrets/interlink-ovpn"; + # up = "echo nameserver $nameserver | ${pkgs.openresolv}/sbin/resolvconf -m 0 -a $dev"; + # down = "${pkgs.openresolv}/sbin/resolvconf -d $dev"; + # }; + + system.stateVersion = "24.05"; + }; + }; + # This option defines the first version of NixOS you have installed on this particular machine, # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. # diff --git a/nixos/kanata/secrets/secrets.yaml b/nixos/kanata/secrets/secrets.yaml index d6ca875..5b41a20 100644 --- a/nixos/kanata/secrets/secrets.yaml +++ b/nixos/kanata/secrets/secrets.yaml @@ -8,6 +8,9 @@ cf-kusanari-kanata-credentials: ENC[AES256_GCM,data:whwnxMT9JS3iDHbGTk2FoeDBiug2 nitter-account-jsonl: ENC[AES256_GCM,data:a7nSbFcG+E5xXnY4moLAu1ULujjZ8czGGLQNqaLZtFISG5Fc/0mMwRxKdArp9pwdUrteSUWzoKlkeTfsHsoS4TmPMuna/nLKSjBV1bvPdOuBEIi6IP9o6zb9izUvcwTAcMiWPjeRYNyLy5p9tvdIQ0MmRmd5UW9WUILLs7r5dmIK/ssNgYf89jJsdhBRpzOmjOtBbzn2uTA6+3s7ldswSWhAP94654Hrbg1IKxvefAgAqm+/2aNvY1Jxh71bNlWH+/WNBtH7pC24NeNWjiNHKzGhix2UecmcQ5/CEo8DBa6mg4gpe9i+VxzHhl3NJoFrfuicFT2ebTEjv8p7ZXLF3ZRgscXXb9YJ5CjmVILiUh/yYqM2jzSLbGHKIetlNFlmNkAYXN3j+A4w4Jiu4lVA3jwFPVxk92pSHi7hhib5gP3P20Zfbr89zk9tGIBQVDWo4p1LrwumH6aCq+XaIPAHOspFheIteZUJ1q0V2vylrBfkrj+ISDQ94aWgSKC74dynGL4joH4DJ2g6xSh26FMNlvBR7Mwg1PpfmJKx0I3iROoEc3RCPdxaoPiJNL7gpRlHV2a5H+ZCgpuWxcQ=,iv:joZcbUidniBqGu9Lkg6wd+mBdmgU/inbPEOlXewU5U4=,tag:y8Uv4zxuTAsTKB+OB4S6Xw==,type:str] acme-credentials: ENC[AES256_GCM,data:6SIuFH3sRcz/Z855br7VgFKEEA1crztKmhVd3chK7ERJpfG9pTxxX0mAxG3aK5OhXwZpDMp0YkxtEphdkb5m0ZU=,iv:bUMtK0SvtrNwlhuY1k0dNVIOcJgM1OLjmbl+X+Zj01E=,tag:x6kdGrSsImZlpHrPnEAmXA==,type:str] invidious-hmac: ENC[AES256_GCM,data:uIw4aQm6oYd5heSxrJnt6Nvc+fTPLMSEDtDyZ/ayogl6qx/gPg==,iv:8AVzwO9peE0UC70nLxBxHKzTcitrzvBvy120fdQD1+c=,tag:rr7MOqgOFFxXN8W+9MKvLg==,type:str] +interlink-password: ENC[AES256_GCM,data:yAAKVyB0LmA=,iv:iSqCQuYyLA1uMLDf80li+Iqts5r+4sXsjlrIRXlTAOc=,tag:Ard+JQnRMPquRsEe2UTETQ==,type:str] +interlink-ovpn-creds: ENC[AES256_GCM,data:Dy4QLcfPhwqDa4+8YTUZjxaU,iv:oGe91cJVKnw6roEdSut+iA2UCIToxbkOiF9grXDVSkU=,tag:oxnjMZq4GZPwFaFKuVjohw==,type:str] +interlink-ovpn: ENC[AES256_GCM,data:Pswi5M55OydllQ7SK6ponF6J0xYo1zO4AcHFImfDsw5CL+DMJ7j2nVTdKGZOfJgHYB+JZ+X+Xn4LR9nJu/3qcbjY5nzIAbL1/l+b/NzVv9/ut+9KyrrTGGf6lSD318XGSjvVjTA7agGiQJ+VpONkmQFh8HQ2RwbeZnuT6xsUtpkbLozLG/C2bsX4otelmdh6497DqSW1YTbxeR+vG5vYyy6dE3k8ccRv5CicdL4s6dHdkkOJthQRZuWFX9g5NRli3wRxTyW6KBgCL5cQ+BcTcmYh+jKgNqwNbrL4BCLzll4uCzor4ovaUwyctB4tOUawGno5rXcpRc5yGH1KxTwQKoVciUE+Jjg07BYiBzwEBOZwDSd2uuJIvIRPZ4Hta/A+UHE6aD+3UrpKIMpXtc1wdE339EHV/QEF72Dsk2zx7h1gmgQ5aIZidbO3fhi8AkpTxltarn8Q/tpxj98WahTIrImApldo2thjKDltnk6tPjy6jcY8LlgYS9JEgiDl6miSBDLiE7eTRrNn/kQ1/B8kEe37rs3MZtPPGQT4HVE6I3j8gtA+t7uyikxpCqfHVvx2MeNgHIp2zzHKKQEOviabGtdSohh2qqEhW8aprbPU0w/0uzaWed6AO6/KfxfMDmscZaSgevY+uhiXxyBnLJiF8XeKWmm24pmftlw782oirOmqQvuEG+jbYqjxJrnVkoZjC8EqW2KVa397hv17VefnChf4WFWXqzzQl4flMFLCFojeNlr2cKajoDIcAgADicTF2iQGsOjFm9vnr0TkgJ/gSgyreO3Tkt4N7WuG8TQTIfU0j+78ELJ1FUCOJ8x2R8tebhOQxC1vyUz/nPTxwZUcpFHMnTx8PlUsbck0s2nENgqVwa7HfJ9kRt91RhELH7PUcwF1Vhppce8D95IWK86G4nEhe9WuqI5eDaqp73/7RWHCP4c6mYuNmM0K7J0jMe0CiF/KZmtLkcbfGCABGaqDY6PDPMg9W6AqolrTX2Mv1QBRYWwe18muePrEWYl/xrzCS+8RRen5vX7i0EC/cct5ZLMWW7VlbxFk7s1fFL45t5EuYS7py8pK3PE0D7zdzOf7NQk2iE2+/BzgbyhA+IVmiZ70SGN2biYbvtVGwm2/y7IIdjxfxIprQIPiVOpCDmh3pAomStYjN34RTL5HmjyoTVftUa4kRAHNp5bkoa9UnXLfZqV9rwjtrzff2jJWDhfxf4IcY1LN0QfoEHtkVfnCyDT3OqSWlHLNgruUaxahVWTxUG7ehSm37QrIqoiGZsT7C0EMJFfzkIT6agkoKegkc8sOB8mv69E1xWssgZut9sVeyXiprDJKHmT3s8jS6XssiIPqcRbuQXQoO3HiZp4+9FIkOhdJ0QMjghTZ9T6wJM0lf1fuEwCVvLtbepQ4nKipFclAeaPKVnQjWaaEC1VHTpuS6t2jybaX/39nG0tcxYsmdxPkJjiG+8Kg75sgQDMlrUELjPBsqG/AKaMWQtbN8Tp5wspEH0liCkAhcXscsmniO3gTvF3z3fu/5UK1G/1e0nm6EB24yju4ZgqmnzXA/TNz2301D3K+VfwqzDEUZge3sNtq6VdgfQSgxydkqtmnoqLD656XT970Nq3pPjvUC7FhuJ4cGP/5MRzfwUfcu7ig69ZsNMrSZLrcCVqYOx+tALbgsnsnFC1/EeNWHWmpR8pyIYM//Q7fFotgHXMAPzhcl1Fv00bOew4dvywTYrtSG+og/qumf1tmW6RB30XIJNd/K+ACEvxSy4Iz0OnzyNgFEnSxuvWP21kb1hKQ/KS9GuGp+JEf/qau3UeQynqUkNHiBzUNJFpq5Rke4ypoG0eQDBrz6HfxOFKAY3pCLg3yqzD/eVlV6l9v39TgZNC3Ey1ACNicbbpEgf24abvQph+lyi2+VlcZc2CUQrYnRcZW4do/evoPXUsJi/69WI3fGElffVM8XkbMFtvr+RRAJRX2Q2z/w10NH4amdy2rJy7Veva/+SEzIp4Gy/BxfgiM8/n5gROZ9OZarEfnuSfmmOkr038Lh0X3iMIlpMBZWfKYrim+F4uPJ5tuIFJedyzEZ45TlcFHsifnlbWx1Yry8Q6M1z4KQ79YTUHotCTZAPvUPosSjNIqmUQJyDCZd6rEAqtThij+097rlu/h5hVDxcauPKNzd2v9OY66T3Ps3xDXYm1cW+Sdm7WnPFY8zr8F6LZaeLkeQ4RGc/Ceyfz6aF9a0rzX33nGI9OD9SAZmww4nEOJoUDJf6LtTDNYRjqaTQGUvd0r3jwudOEZ3DyzuoDVXsvD8kmqLsYGZKY87yjHgxnba44ie5Fvk/gYL5MWtp9JsHRw7/k7APiFmOaPw2+RV112eU7pXbRDNCbqzNumaPXpFqXkyb89WL0Oh9dwMbsncgwBK43vw2qpLfMJRAb6ST2YrxFV7zAwD2OmPUUnCepIw/nPAAicyCIu7npXkgBeOAvH2Nvqqhi63RiMJ2UDdL7w9yxewGQ7cpnBoBIEiyeRamhYkQFCRcw1fv1JDaf4Ae33OtZBLz1zkngrGFjwttcpyRer1A9re/Q6ewpL+FJ1quLjfmFDYKfquM8IJMEi8poEpL4LRG7cbCP5yr3UEOY1k5gax/dArvK8cfchqkf4uBYpBESMEiygwCoh8oRHG+040hkdrY4LmquBUbc4aeirtPZGWGimHUj738Do0WzzNqlSY+o4xcqlwCEr8Xb9P9FjTfLGJw7Dgj9Utz0qbfaeh5mFM2TA0jexANNM/985Ny9FWLE89daeTm5R8cYKbH5eOeEejiYkrUpFbCRc53kEiPPEPlr+RIW5eoGIViV2lnsgHZMCOS5WbGCijSaAAbI9ZET0MNoL9OlyDDkP+mC8373hb0268LOLcTDze4TfgHk+aGVBCRDFMnlg4PUnei6G1Z6cpJYjqe2rPbpopO7GMm08kzA+7yaBHBpemoGCnjQOUbXvr7TwAaLGZsnHLEOEV/pjEX5mXUhEio/Cr+JeoZpbIOxWK+mwuimVVhf1SU/VACbXzNhtN//ppXSMHDwDYAXlfCxPcVZ7M8TtxHvhHdjRAal8OYGugPIyPMLOC3VzrSnYgi+DR5s7X29yHS5sjHRdfywbJv//t/Pc38TdM0kF2M+3wvlZsXS3t7kzu6r44BTXt5CgqW5owOM9c0bvTIEhFFHC6gV2Uz2CCaaBht9HuKijGONFlJOHUSZ0FaKGCKhv+WRBosxmdDNv1jQ13PvXMfzktjEa1bp6hh6PpngsKkHBXzUiVKmvSvMh0FXyxtnLGzeVoLacAJOkvm0wvP60vzaPfk9px4vnxYHT9dixhpmp9W5rfjZJ5Gyd/OKuUqpYomChjOMkawnuGCx9CnXCvTXnINQyHm2xYQF3B4MEVuRdFFQiphQZwasErXdjODt9vqm9wv0R7erPwOhkmqqJNZ39Yk8y8ApejETmIoz+S1SVF9e/XIGZiwNBHmfj4f3tMQ3Pbwl0D3u2AGpqYDPFHUdG2uHENwz9osQC78fx3fHC+RJOhYzORk8a3qp0PM9jvdGa0OWWIHAGfb5u+iZSb6PO1+sxK/NV/SY65EHoMMAMyQaB7S6rftgUA3P3s9r5h8x3DHj5Snzg91X116aeEbUNAeO9NcMpQ07M4+nwOu8aYvCjVC/yndlqOyKPr5qVtibG0P7zC8+2e4oFV5gh1BLvodVg/8M3mOlDSRMICLVz9bR3k3TPPIrEf5WUzHD/1KC2TeMm1v88kTpCYGt4UW3vqYeX3Dz9PD0xPfGXW9gu4vVwnvvJNT9mRnqfG1pxaIm2SK+XUJ6aTY84PAi+zfL4PUkP28BFZyDsZctzTrwKHhxIOUcc7T8YWwRhcE03wPQaibQ1vF4vFo5xulMgNqon1BjarAY0+t1GtVbylci0q841jbIsqExOs1S+BcKjh6hcBAOPFsnNmhUnVkzG9cfM5TxnZIxnLAEaFgEtesvf3ePonULEsfN8SIjoYcxrGrAWW7Lf4wKhdgEhgsoVnvgKhhWRQCBeLkEDuPGCxAc9WY2ajk1mjZlrnujbjYT5Id6VfDAbO0+2h2Sor9eVq6+sFqFh4qnvZkov6cIx3dHfotVxa2V1kRPS5bwbDbeUwoKHc4yybN2aUlCJXqnEJUCrKvMSXVEdDc7f4LjzkjWCpVuU8WnRaWh7Icrh4n1SbSG1ujZ8bqMDrWcWnz6+ZlUAMB4VP8BKPy8wjp4Sf3GDYKNy8+6XqPX44PcPMdPEPCNAIpCLElK2PymYbZiF2hSIlvul0jA0y0/2PVhVXFF/Gh1BdtM1xMe5EY1EX0OBZidgcPpISFhAlgS5nTIcs+PnLCTrUYn0Mo4cfeH8LsK89F4mi1BhtAAaGxhiSRPxaBPfDuvysTDgV9zjrA4EclXyLiQB+r3sFNOm7Jn7ArYIqAJrpIangu1wqD58OlVFRZlFcji44UOGB5RLwTE3bHDiGDyPN6LG/f0J4t2uZnHwS/Gwbgs6hUcHPcGzVBAA1HEHltiQpazlPL4diHZNT9JW+ESCAO/llq06EtRdyFJ9SVfVddbjoKqFTnoDzl7e8PFuX38ETxgc9Z2SxR51L6YkZ+yml00/hYWGPiAd5rLLMhx4SB2y/XedIm1tBLdohrdlNX6yyC0RyVOFRLUK5+/Pnaz6kqvcQ/TKNJ9c4AOqCqcHDhtqS1NrJwrHNsm2xgKm2t4KdZlX6iKDL9T7s+9nuFw/9sEyFmuALigG2TW74SXvZPXnGEQucmdAsU+99O9xJB/PwEc3HAVzEFEG9Xg2zVpjoD9EuZDDnqFNDVDcyTNy9ik9hh8EdTE7CLoD81EYnxABhZ/fMa9dUwDUd89smtKWf4WEqyqP59/LOsSEAXQvOuCAsTOU9kM+78xb6BzXeD324j/jmTybvuEeUPxuMom+WvUbhAS+EhVyrdY0fqyJS6nCQkBSlXdPXv1cA4/oNxjm8g3XlWNG/+mgBEzBI9AwJyBpBomeyTzzXJSErKx80CuzbD7m5DjIQPOeUh0iBEen2CJIdSSZhaCyYxC9SZNNog5YGtkgd1y86IrZOThJI0X0SmnGeVPRIBr9dvXux6A/peMPFiU6vdkyRYX3qfD5mAggfKpm+YQ6TW9VLz81AQuwVTn3RIleuKu5Fw/lQKD6/v5KO8Pah2TBCB+KmaNc9o17xc0aN+M1h6PithjtW0nCetM5TpekPP6HmJSv8aUV2K4IQVmWec088DH+yr1y3JZeJh7oK1oEZeC1bcb3PsGNCr7l6F+UMTW7S03KD8zgzF9K+BdRoLbwPU3s2O/KW9E/kE92GEG3zP4XBPLwd0G1QarJVskLz7w9gZUodqRABaDeZvghRveEjyWAVY1w3K8sCZ/zJAUCmT9s8lI2sdTALEI28Wcl5jwZEuW/gBC5z2f2xy1lQYPpwt59BWs3qJ7fkrbUUS+oaLo+S5YJHzDgelKBePR8UFuYKAzwbhQu8qqmCwLWb0AWkrM0KEt5org0AVfEcBRXdxJR+tlMZMJKWpk4ZkAlVGc+pyydCEBTDNoMmnp0pvDGWZhPorvQdt3hNkzl2//Fka+c5H4tl5MNmGr+J6YdU3CQjd0O+Hyxmvd3QsUahCgJ7PHtQRqsZJdhj14RMw3hyq74xuzot6CVB1vwopTPRxNYGumenZUOAB95ANOpS8AIPzaGs+cUSds6MvlL4ItN3Z8/9nAMovA4MGKhzfNipXFkHt1JRQfPH9eUAlvTe1/GSPOiR3GrG41cU+eVBkkyvlg8/sr9h/RnR3aW3PPLrsf9//2M7KB5XNEVntGgsSiIsYXJ5D3foz4CDXjOY7+aaJnx+jOQLuM01jKv61A2SSTcIjMDn0w/GyU1pYtg9RjuThQNID2hj1cW2GSdF3KzMIwn96NciNMYq3jHGQDO3289AKUMYEm5B0xp9ajNc/Me/hkI1WEPeGcksyIegvRClFpXgL7D8gTg2Xu2nZUHWQxlbZEgktABg8NFkxKJ5gFOOeTVxfg46Qh5ZsabXR8fJE/AcibkKcJkvesXJ/LcVn24yfGeAJy8obZe+Di3Zhp63EOR8NuYy+cLhEH8PG8JhFLy1eHJgwFPNM80f8SgKlp2Y3qaxIZXDiloHz4NHYDNnBv/iUqjOWl0EoMNQNZN9wnwLvxoUTzCKAyiWHZYLRWYi57eTFbiVT79Ml2v8P+61aj5ZWIQETPDVg2ie9dwYuaedVu9Y09Foo6D4459ah738ZlTC6MrIcm9OLl6EGQjT8VbgFXJs9Q/jFrWzjW3HcQR4/VYj43SMLu4Fqf78ldHi31Kl6ccibCGAqqpF9KyXcA80aVByFPE4/CT6s7kmPKTFodonAFtyRtYnrptlkWKop63jZzu1N1ZyhuT7rAWHbyyZW2hdFzXIHtYe2PU9MOz16yK3L4nd04fETMQhIqAM+fpnLE6R4cq9jGLYjhQONgydhRqsKA5kLmZVtxjIuU976I+EjCkZhiMoZ5NYhsOEe96uatfuPUSUdZYZE68La0Z+PzzZx2lc1w8jTz0ib+zID/Fnr3AKWweReEVzlDn7aBwE/X/rZFgJ1fnTNnDcpnFbALLRTmfWPRAA4H32IsdeCU2GHca9Qdv0VFU+QUHjQ/T+UAgIPy7raWlpAK6JZjXeleceOvPl0Bmc7n1HjW45KWZJRvI2Ln3YEtJAU81q0E1LJPUscPrjyBIqM5s8fey6aVIRI9oD/QMbIkOhu0QFyiRd43XTd6wfJLD31dehOHP0WZlHnDILIB6rXDDBhB+SLXw+/sVXkR4mSeROOHFbB1gG9u1CNrB1ElGfCTq5glYhA5oLzuhuzWweQ1cMtVlW5g7poNE/TMpmMP2FSy915p2wFtl3pzUACH/WZOBduEaj0VzK4pV9GWUdXaskrfKrLTX4dLOkT1DH2qSj3vwuEDZw/xvABCEkwWb1PygmwvBdDWOR7AgKqxnLWBGBvtLNKteWvznP7m34r+hK6B4mcnfWTW30WObaYu0DO80fhnutg/2KD/aDjC3dS7NSzIV4001x8pagM6gRVL3uQxqI0TVIbDUUNIpfDp6sUD0daisUGpOoBLm4sAt/eM/0SnXdbQ6RD4lGygVtBpTvMYbYYBiyEAiin7uXcPiQCDh18SqmqyOVBgbMnPc4opRt6J3gXT//UXgWwgK+1/KObCa1A8cJiAbli/NDokP164/sKzU19ChfURvZdBVwADPGmrNJSnDBK1sJV/TUoFGBIV4gcT68dXrZGHNaKLARKrF7boGgp95zgrwjQwnaMyZkIi07A8cD1/OGYnyHBUobcghOgxYiGatEimjUKh1+qlNbGMiCSBNknCYt8Yx4nmm9s/S+2EE+Nfexuzj6mhp6QvSUMPdazNuZ2TJq1XI26UY+VMMnTX717/M0PRTVBS18R8U6tbClcXw+NOUxIWn7XP4dgouo6OAo/XzIZxfBBAwZ+0+ODMt4qrBtq08TL15uT6hO9hXvYugSFWtxKBUA+DKbjbUzdbes3UrgalKjEgnE2lsN4qk3XzJ9YCiZda18jL39Cgqj9p1lFZWQTz7yQhDOR/vAcrsfA3cgmcfKe9q+L0UFNSWvhdLCvkiRFVPrev/U+5aV8YOnvTEICtQYY3THfogpHVplU3/y8y3ZUKiVOwCbPn9+VSvYY44ob4KhdoUrGZccJuKrIlr3dyudw/yXE4NdthYMYxH+X9bia5Gwz6nb8mDdEqNN0J7y7wGGnlV87O2nQEDKzL3u6gO1BpM17N+6+Z2y0PFC709qAQaXFBu53heldAULxbzkwcew7qWH3MZrSDO3hMrrnNLKFVpFGMTQNaVQLNdh4+K6hOEIbwDjBIQVANOes/qcTtQ2q4csaNqdxJuKBjI+9VnegavW8ax9prTI0wS8M/FAo4mAyngqclV/6I6BrIygQLsNJrZrMU7R8U64kqf/DGwC6GcQQMVDlL/8WgzlCKuCWqmUuDODUcL7DET8Gjynd6X9yr2wIx5ahJYuMKSOHOA2VmKukSAHxhJeMX7HGKXjgMJpqt5hdkkpdAHstjg4PtwM5mdq944DFE9g3qgxzyG3jZBjDBqxloOXTiIOIEAuregnXr6TqctFMqbXjYooaxvHoaMWhydQC91Oe1F1AxButa24iKdnQyl22eKO1MROa5sSKXV+Zg5dPpbdLr04vQITgamiQuEZmibz3Ka+FiZUw8gyHSVtTyQgkS/iCZoVt6RLEaPuMSFqbDYpSMpPC9yNWHH7YyPnbvxG4KZiN371KGwdo0=,iv:0Vyh/uxHoNjoReZEJCzn+1RAN87iOuei+TYOIrKvvzo=,tag:BIhax/+rYNSDTE0XbS6+GQ==,type:str] sops: kms: [] gcp_kms: [] @@ -32,8 +35,8 @@ sops: YkRGS2ZBbm1keWpUQUFOWDRtTWZVa0EKc+lKEP0L/yoFLx6p1zbWfifPWc7Y9Qqh qccODSyHqzwdriHLxXuw9SCnF+SeA721te6+pDVhJj8vqv2UqHiATw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-02-03T10:47:06Z" - mac: ENC[AES256_GCM,data:CjpuqcU0X7SPnnyomY3+RtdlrJn5UTlJHiizUo6FTdcgv0k23FTw7v9dYbIMOeP+3PUDhykTB9cHwNgc2gsMSQQXJVuRaTD47kPqc7Scxb7gcZ3EURNN7Dwt7gwDVlWRqRWtazKGYX9AIfboDHRI4F1No3LIjTayzaYO1tjXADA=,iv:vP/nOuO0vC5q4g0o8qqHXGLd/Q64X0RGCw6cpeTZ6ik=,tag:0BFv8bXa3JbOZyDSBIaPew==,type:str] + lastmodified: "2024-02-04T21:22:52Z" + mac: ENC[AES256_GCM,data:CFvEoz3UWF+K9EaQPOcdmzAYJ+wrZKgYr0UqUCaggeOc2EAy1M75rX8o2YfUxUoE2J2vOBAhGdEfIo+P1d+S/BbP2UGgjQgdRvUusJNzALZnMM2x4RFjPZuR96OLwZuQymHXg4qNdVea1ybZGYhU/b63Qik9TZSb/oySt0FQcL8=,iv:Bs5GAG2d95Z5fEBr7Syh5pUDm9dcwtCgcNcZfu/Le1A=,tag:0xMbOwzEaJa/7+sXi8S+AQ==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1 -- cgit 1.4.1