From 7a372ed81256ce5d6aa608be9bebe173ab4e042e Mon Sep 17 00:00:00 2001 From: sefidel Date: Tue, 18 Jan 2022 17:38:31 +0900 Subject: project: rewrite --- nixos/.sops.yaml | 9 ++ nixos/alpha/configuration.nix | 148 ++++++++++++++++++++++++++++++++ nixos/alpha/hardware-configuration.nix | 49 +++++++++++ nixos/alpha/secrets/secrets.yaml | 52 +++++++++++ nixos/configurations/alpha.nix | 143 ------------------------------ nixos/configurations/default.nix | 5 -- nixos/configurations/hardware/alpha.nix | 49 ----------- nixos/default.nix | 14 +++ nixos/secrets/keys/hosts/alpha.asc | 28 ++++++ nixos/secrets/keys/users/boopy.asc | 51 +++++++++++ 10 files changed, 351 insertions(+), 197 deletions(-) create mode 100644 nixos/.sops.yaml create mode 100644 nixos/alpha/configuration.nix create mode 100644 nixos/alpha/hardware-configuration.nix create mode 100644 nixos/alpha/secrets/secrets.yaml delete mode 100644 nixos/configurations/alpha.nix delete mode 100644 nixos/configurations/default.nix delete mode 100644 nixos/configurations/hardware/alpha.nix create mode 100644 nixos/default.nix create mode 100644 nixos/secrets/keys/hosts/alpha.asc create mode 100644 nixos/secrets/keys/users/boopy.asc (limited to 'nixos') diff --git a/nixos/.sops.yaml b/nixos/.sops.yaml new file mode 100644 index 0000000..0f34ef1 --- /dev/null +++ b/nixos/.sops.yaml @@ -0,0 +1,9 @@ +keys: + - &user_boopy EE731799CAE9F76B048BDF71F05C1C600B728A18 + - &host_alpha e1965a67a09b4b20fcea3b57432b5757b7eb1fa4 +creation_rules: + - path_regex: alpha/secrets/[^/]+\.yaml$ + key_groups: + - pgp: + - *host_alpha + - *user_boopy diff --git a/nixos/alpha/configuration.nix b/nixos/alpha/configuration.nix new file mode 100644 index 0000000..54ec24f --- /dev/null +++ b/nixos/alpha/configuration.nix @@ -0,0 +1,148 @@ +{ config, pkgs, lib, ... }: + +{ + imports = [ ]; + + security = { + protectKernelImage = true; + rtkit.enable = true; + sudo.wheelNeedsPassword = false; + }; + + boot.kernelPackages = pkgs.linuxPackages_xanmod; + boot.kernelParams = [ + "nmi_watchdog=0" + "systemd.watchdog-device/dev/watchdog" + ]; + + # GRUB bootloader + boot.loader.efi.canTouchEfiVariables = true; + boot.loader.grub = { + enable = true; + version = 2; + + efiSupport = true; + configurationLimit = 10; + devices = [ "nodev" ]; + useOSProber = true; + # device = "/dev/disk/by-uuid/7905-2E41"; + extraEntries = '' + menuentry "Reboot" { + reboot + } + menuentry "Shutdown" { + halt + } + ''; + }; + + networking.hostName = "alpha"; + networking.networkmanager.enable = true; + networking.useDHCP = false; + networking.firewall.enable = true; + + i18n.defaultLocale = "en_US.UTF-8"; + + console.font = "Lat2-Terminus16"; + console.keyMap = "us"; + + time.timeZone = "Asia/Seoul"; + + environment.systemPackages = with pkgs; [ gcc ]; + + services.openssh.enable = true; + services.openssh.passwordAuthentication = false; + + sound.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + }; + + hardware.bluetooth.enable = true; + + services.greetd = { + enable = true; + + settings.default_session.command = "${pkgs.greetd.tuigreet}/bin/tuigreet -t -c sway"; + }; + + # https://github.com/apognu/tuigreet/issues/17 + systemd.services.greetd.unitConfig.After = lib.mkOverride 0 [ "multi-user.target" ]; + + services.journald.extraConfig = lib.mkForce ""; + + # HACK: fix treesitter + systemd.tmpfiles.rules = [ + "L+ /lib/libstdc++.so.6 - - - - ${pkgs.stdenv.cc.cc.lib}/lib/libstdc++.so.6" + ]; + + systemd.extraConfig = "RebootWatchdogSec=5"; + + programs = { + sway = { + enable = true; + wrapperFeatures.gtk = true; + + extraPackages = with pkgs; [ + autotiling + alacritty + swaylock + swayidle + swaybg + wayland-utils + wl-clipboard + grim + slurp + sway-contrib.grimshot + waybar + bemenu + qt5.qtwayland + xdg_utils + ]; + }; + + zsh.enable = true; + zsh.enableCompletion = false; + }; + + hardware.opengl.enable = true; + hardware.opengl.driSupport32Bit = true; + hardware.opengl.extraPackages = with pkgs; [ vaapiVdpau libvdpau-va-gl ]; + + xdg.portal = { + enable = true; + gtkUsePortal = true; + extraPortals = with pkgs; [ + xdg-desktop-portal-gtk + xdg-desktop-portal-wlr + ]; + }; + + virtualisation.libvirtd.enable = true; + + sops.defaultSopsFile = ./secrets/secrets.yaml; + sops.secrets.spotify-password.owner = "boopy"; + + users.users = { + boopy = { + isNormalUser = true; + shell = pkgs.zsh; + + extraGroups = [ + "wheel" + "audio" + "networkmanager" + "libvirtd" + ]; + }; + }; + + # This value determines the NixOS release with which your system is to be + # compatible, in order to avoid breaking some software such as database + # servers. You should change this only after NixOS release notes say you + # should. + system.stateVersion = "22.05"; # Did you read the comment? +} diff --git a/nixos/alpha/hardware-configuration.nix b/nixos/alpha/hardware-configuration.nix new file mode 100644 index 0000000..3e99ea9 --- /dev/null +++ b/nixos/alpha/hardware-configuration.nix @@ -0,0 +1,49 @@ +{ config, lib, pkgs, ... }: + +let + espDev = "/dev/disk/by-uuid/7905-2E41"; + btrfsDev = "/dev/disk/by-uuid/dc47a0a6-3c73-45c1-951c-40032e762180"; + swapDev = "/dev/disk/by-uuid/4a74b247-99e9-42c7-9a86-75aea964bb85"; + dataDev = "/dev/disk/by-uuid/fe7a00a8-0a3c-48de-9d7a-ed7cf172f501"; + + subvolume = name: { + device = btrfsDev; + fsType = "btrfs"; + options = [ "subvol=${name}" "compress=zstd" "noatime" ]; + }; +in +{ + boot.initrd.availableKernelModules = [ "xhci-pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" "tcp_bbr" ]; + boot.extraModulePackages = [ ]; + + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + hardware.enableRedistributableFirmware = true; + + fileSystems."/" = subvolume "root"; + fileSystems."/home" = subvolume "home"; + fileSystems."/nix" = subvolume "nix"; + fileSystems."/persist" = subvolume "persist"; + fileSystems."/var/log" = { + device = btrfsDev; + fsType = "btrfs"; + options = [ "subvol=log" "compress=zstd" "noatime" ]; + neededForBoot = true; + }; + + fileSystems."/boot" = { + device = espDev; + fsType = "vfat"; + }; + + fileSystems."/data" = { + device = dataDev; + fsType = "ext4"; + }; + + swapDevices = [{ device = swapDev; }]; + + nix.maxJobs = lib.mkDefault 4; + powerManagement.cpuFreqGovernor = lib.mkDefault "schedutil"; +} diff --git a/nixos/alpha/secrets/secrets.yaml b/nixos/alpha/secrets/secrets.yaml new file mode 100644 index 0000000..f1abf24 --- /dev/null +++ b/nixos/alpha/secrets/secrets.yaml @@ -0,0 +1,52 @@ +spotify-password: ENC[AES256_GCM,data:tmzSh7Cf9fmL4PIdrV1dMz0=,iv:tLnKsQ2qEEZbGmuavMqiAXczlsZh21JU4tWWhhZP3OY=,tag:egoGT/V8AxIfcaVV0/ddtg==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2022-01-15T16:15:09Z" + mac: ENC[AES256_GCM,data:1uhM/dHYwkdWoF90gbqdX+y1LgCkY0xFrC/tGQtm6tk0/X9Q9yq7se646IUVwhyZDP4+PRA1DhmjJTOwFxRWpXLPtRbPgcAGjNoMjP/n8HhDiDr5dUJWLsuHg4vB9MGA8UnEewUdYjZiR+7+x6iULcnRojR06Uzy1D47f6tQqZ8=,iv:yTY9blxNtbvYjOVidtLeTzuDfWpN+AgLtkAC/D+VV+Q=,tag:fIR+NVF9YkghhMJTOpGrPw==,type:str] + pgp: + - created_at: "2022-01-15T16:14:51Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMA0MrV1e36x+kAQ/+N5pvwngEyucZTGlNZV1yachrUEkylK84bfJPwCn5JMWY + mBhdhgBZ5DEmseA2pny6mDyid6EQjKB/akIDnW2ZTaBposdDlJUw4S7wqO+vtuLM + 9L1jFg+y9xn9H2HzIyaglBN0cLQIPqZtu72yriV3bAu7wPLd3J+5fq/ohPV4GrsL + CVs0h8t/n/BkJ6q0s7gTBe2+tvB78fsLZwSpSwc5fzXdaZTRBCopEqT+3DO/shX3 + qOsP3zvbUIKvdIXsfGhwtfpuPD3qg42HoyI+CmedjoG1DkPX0jLiu44K+EJJr9n1 + jQ9Ms/jc4But5DW+EyWm9rkMGinMY+cEENKcJ/8LVuUzud/KFsJhJnEAi23U705+ + om7Gte+UOLE+Z5LDaLNKNJ51mHcl/JS+ze74mafkcyrbQsCXgicyS47VxPltVtnX + P6u/NQmrvWlnWGw1QLHVjOzN5FEedAWvUaS4kQABG/LFobMx6M9dPucKUBAkOhXy + ZvcJDUN4XbIIxnfM8bQ9ijYAC5+axhonY95UX9OCwiErXC7rawa1J8mJTdGmxFIK + MVV2yfBoqGyhQduq/j7ScPfGkY/pC7NtFtphwjocQkVDO6SO/o1zYEAzgqpOKYzP + 1piFC7Z0MUnOYu0omhXXt2UGIxmxl4DbPSq3hZVfTzjjVlPp3wr6EmI6eUO2o6nS + WAG60D7zdhWEJF7LrNqg0abwbsqUUMGOzdSUA89AfoQIK3mZ0hDl4fzklPMxpqio + K5gNpvazqLGDLQXXjByoPXg8sFZXm3Isoq1WbrdkRonmjYJCIhGzdt4= + =ntAB + -----END PGP MESSAGE----- + fp: e1965a67a09b4b20fcea3b57432b5757b7eb1fa4 + - created_at: "2022-01-15T16:14:51Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQIMAzBHloZFtyD7AQ//YazK3vEkUC9A8gtjn7mst91PL57bBEFOsgp0MXYR4U9m + +Ro9qA98vF6PIcBLA9yfixpbiT+JVUTJPHrS8j0aegocVgUTNlrh7qPMU0w220oF + e+6P9XmEh4w1rSy03F5Ch7AVZ/o9aUEFKSMud7Zl5oPk2v7JqgqtHy7SHdlDa6JL + PQftiu9rozzOM+7UmRWA1pzi2JX03Md6qLGaPpMyM0AhdZuf/bLV8zpcKRIBWmkF + n5LE0blIYv/9yvowXgZQaDj2eejWzKWm0Zpd9Cw3MsuJHG1TLOgyjhpdV9raMg+k + BE8kBN+EwUy4CTKzeBeyGenY5mn7ll+x/vGo3aa2Shywalkr6mSmnH5B8FuO2c2U + S1hwrpoTJjsTiQzCnxVEm+Jv1uRAfoOQwJMt2Br0MM3iVCrm+/mGNv5K4GC96MqN + FPfGt1tsUViZ0xbbVbJ2ULAZUpBHzK7XTFcobnuHMRSjQ16QO8mIAN0ROEzTl/ng + 7gVRxV2X9f+9aChQ14bmoovjPqVbxl09B3cYPrvXvd0x7V0FGUTHWexXZBOg9OOc + zG9VTDBiEy26G9a7XOMGNAIwNPxULCa7uKRql2UvtrDZf4CZx3H7dnJKAKXmTbx2 + WjxQ2N0au8oVEkMK6TFUdOBuPGJq/skNXOU0S9kCBhcrA81pwF3Q6I42gml2GiHS + XgEgxy2EntotByYJ88UmB6y6WSROfTVGJGykJ0QnU6bAJErss3BmE45yYo6ymI9X + kRLyz6YManX2UMUfDrlumeqRFFYkdx+7kdqvgc8vLcGjrCIGsPoEpMltj0A2+M4= + =dGjP + -----END PGP MESSAGE----- + fp: EE731799CAE9F76B048BDF71F05C1C600B728A18 + unencrypted_suffix: _unencrypted + version: 3.7.1 diff --git a/nixos/configurations/alpha.nix b/nixos/configurations/alpha.nix deleted file mode 100644 index d7fe368..0000000 --- a/nixos/configurations/alpha.nix +++ /dev/null @@ -1,143 +0,0 @@ -{ config, pkgs, lib, ... }: - -{ - imports = [ ]; - - security = { - protectKernelImage = true; - rtkit.enable = true; - sudo.wheelNeedsPassword = false; - }; - - boot.kernelPackages = pkgs.linuxPackages_xanmod; - boot.kernelParams = [ - "nmi_watchdog=0" - "systemd.watchdog-device/dev/watchdog" - ]; - - # GRUB bootloader - boot.loader.efi.canTouchEfiVariables = true; - boot.loader.grub = { - enable = true; - version = 2; - - efiSupport = true; - configurationLimit = 10; - device = "nodev"; - useOSProber = true; - # device = "/dev/disk/by-uuid/7905-2E41"; - extraEntries = '' - menuentry "Reboot" { - reboot - } - menuentry "Shutdown" { - halt - } - ''; - }; - - networking.networkmanager.enable = true; - networking.useDHCP = false; - networking.firewall.enable = true; - - i18n.defaultLocale = "en_US.UTF-8"; - - console.font = "Lat2-Terminus16"; - console.keyMap = "us"; - - time.timeZone = "Asia/Seoul"; - - environment.systemPackages = with pkgs; [ gcc ]; - - services.openssh.enable = true; - - sound.enable = true; - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - }; - - hardware.bluetooth.enable = true; - - services.greetd = { - enable = true; - - settings.default_session.command = "${pkgs.greetd.tuigreet}/bin/tuigreet -t -c sway"; - }; - - # https://github.com/apognu/tuigreet/issues/17 - systemd.services.greetd.unitConfig.After = lib.mkOverride 0 [ "multi-user.target" ]; - - services.journald.extraConfig = lib.mkForce ""; - - # HACK: fix treesitter - systemd.tmpfiles.rules = [ - "L+ /lib/libstdc++.so.6 - - - - ${pkgs.stdenv.cc.cc.lib}/lib/libstdc++.so.6" - ]; - - systemd.extraConfig = "RebootWatchdogSec=5"; - - programs = { - sway = { - enable = true; - wrapperFeatures.gtk = true; - - extraPackages = with pkgs; [ - autotiling - alacritty - swaylock - swayidle - swaybg - wayland-utils - wl-clipboard - grim - slurp - sway-contrib.grimshot - waybar - bemenu - qt5.qtwayland - xdg_utils - ]; - }; - - zsh.enable = true; - zsh.enableCompletion = false; - }; - - hardware.opengl.enable = true; - hardware.opengl.driSupport32Bit = true; - hardware.opengl.extraPackages = with pkgs; [ vaapiVdpau libvdpau-va-gl ]; - - xdg.portal = { - enable = true; - gtkUsePortal = true; - extraPortals = with pkgs; [ - xdg-desktop-portal-gtk - xdg-desktop-portal-wlr - ]; - }; - - virtualisation.libvirtd.enable = true; - - users.users = { - boopy = { - isNormalUser = true; - shell = pkgs.zsh; - - extraGroups = [ - "wheel" - "audio" - "networkmanager" - "libvirtd" - ]; - }; - }; - - # This value determines the NixOS release with which your system is to be - # compatible, in order to avoid breaking some software such as database - # servers. You should change this only after NixOS release notes say you - # should. - system.stateVersion = "22.05"; # Did you read the comment? -} diff --git a/nixos/configurations/default.nix b/nixos/configurations/default.nix deleted file mode 100644 index 8b84279..0000000 --- a/nixos/configurations/default.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ self, nixpkgs, ... } @ inputs: - -{ - alpha = self.lib.mkSystem "alpha" nixpkgs; -} diff --git a/nixos/configurations/hardware/alpha.nix b/nixos/configurations/hardware/alpha.nix deleted file mode 100644 index 3e99ea9..0000000 --- a/nixos/configurations/hardware/alpha.nix +++ /dev/null @@ -1,49 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - espDev = "/dev/disk/by-uuid/7905-2E41"; - btrfsDev = "/dev/disk/by-uuid/dc47a0a6-3c73-45c1-951c-40032e762180"; - swapDev = "/dev/disk/by-uuid/4a74b247-99e9-42c7-9a86-75aea964bb85"; - dataDev = "/dev/disk/by-uuid/fe7a00a8-0a3c-48de-9d7a-ed7cf172f501"; - - subvolume = name: { - device = btrfsDev; - fsType = "btrfs"; - options = [ "subvol=${name}" "compress=zstd" "noatime" ]; - }; -in -{ - boot.initrd.availableKernelModules = [ "xhci-pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-amd" "tcp_bbr" ]; - boot.extraModulePackages = [ ]; - - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; - hardware.enableRedistributableFirmware = true; - - fileSystems."/" = subvolume "root"; - fileSystems."/home" = subvolume "home"; - fileSystems."/nix" = subvolume "nix"; - fileSystems."/persist" = subvolume "persist"; - fileSystems."/var/log" = { - device = btrfsDev; - fsType = "btrfs"; - options = [ "subvol=log" "compress=zstd" "noatime" ]; - neededForBoot = true; - }; - - fileSystems."/boot" = { - device = espDev; - fsType = "vfat"; - }; - - fileSystems."/data" = { - device = dataDev; - fsType = "ext4"; - }; - - swapDevices = [{ device = swapDev; }]; - - nix.maxJobs = lib.mkDefault 4; - powerManagement.cpuFreqGovernor = lib.mkDefault "schedutil"; -} diff --git a/nixos/default.nix b/nixos/default.nix new file mode 100644 index 0000000..211f3d5 --- /dev/null +++ b/nixos/default.nix @@ -0,0 +1,14 @@ +{ self, nixpkgs, ... } @ inputs: + +{ + alpha = self.lib.mkSystem { + name = "alpha"; + nixpkgs = nixpkgs; + extraModules = [ + inputs.sops-nix.nixosModules.sops + ./modules/security.nix + ./modules/cachix + ./alpha/configuration.nix + ]; + }; +} diff --git a/nixos/secrets/keys/hosts/alpha.asc b/nixos/secrets/keys/hosts/alpha.asc new file mode 100644 index 0000000..41a45b3 --- /dev/null +++ b/nixos/secrets/keys/hosts/alpha.asc @@ -0,0 +1,28 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +xsFNBAAAAAABEADXplBJ88spBzpK908jDYx4PJPpmBi9yXXmH0CZwmsLLO8jBMa2 +0+4Q2NY9+vZ2BFe3TFr3qp8QINxec5cZvIvuaMdEAXcQ7OYZJR+ijnG7u/Gvhwh6 +G764dGFe7SBIV6jxYCU1NTDzKgb2RvJHP03Tp8Zg8YBcF4WbMTe4WQmiPhGvebMt +Mw23ZxYj37nBhwDURi4ji293Aree+6GSIALxdIm7uMJlH5N4WlMm+jWyX70dlOrx +fGa6gus3kCnTKetBPLwDyablIgLbEvPX4r3GGSd37sV8PCyIoDWfjxINQu5P2f8x +H4kL+cqFs7ds8zo7rROsXLCLzsOKSoicCcMfTBeXT2DN0uQfysJI65Rvfolxn0h9 +UGBKEqcMcAl9lluJoF4C3ZUKREFtwiy6FezDZ2tT5Tpp1O5eWqaroHd3HRxgsnIT +GXbSTlpyZVNQOHp9WoC6lzyLYPGARKOYjwJy3aMTJold4r97TgQQ2sWop5EZ9kg9 +k2zBlLbf6+1OPYMUG6OTTjjt4FMne4gbQ9+9LTfRa+zT4RDEGYgLoWadzPuTIhwm +RHtnpv0pe+OBRQnkvnFEl6dR6/rKbsUNQBIaliPXUxsfrrcjThoXMO4ecBfdwzFi +3ql7fyOX0/DXRj/tQ1PxXzfPp3IiZVsh7MKemH94/KHeTFLS9leZmtz6wQARAQAB +zSlyb290IChJbXBvcnRlZCBmcm9tIFNTSCkgPHJvb3RAbG9jYWxob3N0PsLBYgQT +AQgAFgUCAAAAAAkQQytXV7frH6QCGw8CGQEAABpqEAAdM9PfVFV+MJ81eoEAXlJg +2cE8TGcb6chOWW9CJAHv54aQxbPs18055vqOmrVgWWNMTdIs+50TlMKt9/9qLUjH +22HljRZi2W4ct1Itre+ID74yhrDYeAhNoCtN5Exz18r6Ef+HGkANWs60O9g32v/B +FDamVW+cGorp0XhfZiMRHQAwvOKib+ovGvwI6Llkp3mJam381DWW5/rPnm4e04ze +2QvNOm/PhbKxdFS10iSz7tABp3NfEDG2eZykywRm/DSJwJn3JcnrFXqmfRXm1ANE +rvNr/ISHnmPLmiMdzpG2PdT9Lssmz9Oz9ZSkIgGJQwaifh7F6Y1TAXloEjRW/6vw +EST1+um1EAZ1vhucR6RM+S3WeYZ9jr4TMJ6PdhtVTlyPcMBSLKYJ1TlBaDruAmc7 +anplewF5VAKyMc6x0iuEVa3GL/iw+Tphuq5HPqc+2IF2OQvfWbxAKOZjdQpluJ7x +AA8qHgSyImlv/VVkoegt7W0mA0DKJTdnhHA4HXT4gKyB68xyAUXyddJ1qP1YD6ou +wwmArjQuLPQ352rVGs9mc+Djq3BgBXunvmnaG6FDE6J+slelubfrGF+0s9oCxip7 +HR52nhWteSGNT7ZGjYdEkhQGWAUgxJZlawxZqOXR/er2bi+zTcgoErND9cccEbXi +ptZcqbdR0qUMDKPk22Svuw== +=49eP +-----END PGP PUBLIC KEY BLOCK----- \ No newline at end of file diff --git a/nixos/secrets/keys/users/boopy.asc b/nixos/secrets/keys/users/boopy.asc new file mode 100644 index 0000000..5580dab --- /dev/null +++ b/nixos/secrets/keys/users/boopy.asc @@ -0,0 +1,51 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBGGBNKMBEAC/FfuwKRKjb5TNVD7FtSuj9LcP/fzWWAg/xi0Cu4cX2S8lUotr +kJ8Mj5/Mk4LhQ9D1TQE+fcQIc91Ibk2AO0+ddCrZwZxBLzizj3Bvq8XLO8wS6LsF +pRcd4a67fzKRg5w/5ldJuO7GbV1we1a9Nwl2DRIyQn9MmlPOEgjJ85U26m+jeoNz +rt+IsR0nJadbcrzgfiTy2NQ5FuvcOLhDBe7PTOs+pkqrtcM+AJHGEuUQk6r0E3Tr +yXFIzSzST9CYKVGLkR3VvRL3b7X+gBPKdJRi9x8JjQbc2LfDX2Jas35HNHIzsTAS +54fDNvjDp5qJdbMXPZzUZKCxcMD7+GGblcUnZ9U7OO4ZEfE+I2Bx6wagpRbs0ZFX ++poLuoMkgs5oLO/UhVkZI7tOYOVvy0i7zJTQ8fXEa/kT0bc0I8rp+gtReGnjOpTT +mp6VVfH87nVWRcndUf8S3aNF0fRsxGz6kTL/rC89/MQzbC6/yRjGt1fpNkiLPf0K +7SCmEeavScJf3P7EUvSj/itdzt29zmZyrtkWEpFWUKvjFrFSqiUEOFulkJlx4+Ew +NkVk2KoT7EGDIRyyNng1qu6QdM7ikpv61JI59bMkdFpIKhvOD7/bAO7z2D8bdWU9 +UudCNuxXwLE+vqDKfUXu2NcyIJeEEG51Nrrm7/pHuZniSKzKzR+6m7bsFQARAQAB +tBVaYWNrIEEgPGhpQGJvb3B5LmRldj6JAlQEEwEIAD4CGwMFCwkIBwIGFQoJCAsC +BBYCAwECHgECF4AWIQTucxeZyun3awSL33HwXBxgC3KKGAUCYawAbgUJBc5mSwAK +CRDwXBxgC3KKGIQSEACwAob0zFlfJCL4IZyFnx8Gj+RT5FypnNPq+lBtZ8jDWWqy +pM9BR8ugXvpTfNmwSI6h82cAAHALQ71Z+hFV8XeO111gxW22dGMWPS6NsIA7M0go +TMLfU19ZZb9zUG6kDXB9g4JijEBYgbLVUddXy61r2NUKMCEA/8GDLjeQLpbRf4fa +2UAHt5UfOzoWh30SdYvMmeku/Lg0YuSnVbduFstlGbHSUHGjjDj8+o10sGfaRi4c +6Etsk23qYATczd3WFj6vksrp0+vlsnI/Dq7F2FgZKNqmHEGo+lpMyuOHTWNoxkvf +NvD7hZSz/GR7RpomyJdHD/ENnu7cWHD7MNx4JCiE2uXeqvDRx4cIgPA/AjbHV7m2 +cgilMzVRydksHuQM+DFEZtYrkw8pHAR4j0+DXD5tXWx5ziv1eK0jrlNIKf9ZRmCB +au1Z54mMQ7XczOeC2v1XTVfRA5Qn1QkqSRhK6/WDI/MGnZV+rZfr5TgxpJSeuJTW +6BamHfWogaoO3uIME380JroMCk4aQ4lbW/9HtUFz01Ti5UE/GrcrWhd/SS3dr7q7 +ygCIAcMTqI/QRbPG/2but96/P7FJYpyguDFAxZbpTaQ52n0vFWQ624AJshvoenis +wi53DXHGxym7dGpRBPYgAdsh0YqQ9C/u/AzhuJ0DroKZjAbsx0zH2x8ljd0Pv7kC +DQRhgTSjARAAyjp257sZZqW6/hFqkrVCygwSYY2RRQC2CIkO1mhWPwV2OJ/2tG48 +7HNeCkcTGGQMxzgBz+M055pZMyxGoBVdu6MI4p6UvGroBW5W/N+sVKqDOg30v5Tc +4UqpcrOZUp6gQ3uebOrS9w6LXiPA6n36SuouWMViinm4/GNNYOEPOZL9fO18qyfW +rc5tQiyoOmyvB8wu+ftumoLBMsMDsuu3StptETGv2EeY7jBp/fn2Mt/Luot5/8nX +rrxtywcscbItIlV7wlhf/o1gS6EfmVjs1DkVAAJBlgRlsIFis7mo17f4br4pTsY7 +ZoaNKyDiOo6ot/O6ntYLDFiM02MAqvDKt/TvOHyuXI3FzcGlRVfVNBQ0ISg5sr5C +55UkanmeHIt4zR20Hpr0mI6GyFSkm7VYIK1lQxLhCCTxsmtm83MZc3IhpsRQcsqY +oihFIAFOUQ9kbBqo8FDqmQy4zXSP33lkUpJmcLpwvRPHrJlEJjXk3sFHdXobw65s +xOgy9p8QB3tQgwd3kB3tD2jCoJ9+RACcMT3RRfyQsylZalyuiLCPxCmF/aU1fNyI +1Bk3t4iUAa9dvxsif8qfx/4Bh3Gj7RUc+MaTexSBudBxVcO1qxDuQOaW/c2R5CRm +vcd9J23WoKYN1j4dzM5aMxNFCyTtu4VeYaU3bi3VbAc53q60f7s6dusAEQEAAYkC +PAQYAQgAJgIbDBYhBO5zF5nK6fdrBIvfcfBcHGALcooYBQJhrAC/BQkFzmacAAoJ +EPBcHGALcooYAT4P/jayUQMDUGG8zMqIjyMS3GXY8Pg024AGhjvCkAgV6HjW8Q/v +aOPZOWaQvWYTKHEsi/+qhq1ybKjhKqXeI/dS75YCpNzBSPpI9J8TMJybEc6G36Ja +F2QRd+/a+vjvoFpfbzMhr1ECbLsHu48B3QgTvP8H1xy5P8SO02OxRd+/W44bRvs9 ++89mSNbXWQD4qbDeq9bPSleCKBF9haA+xA96vtfMwRnx2+olCWr5I0keCLGG5MV1 +zwmefTHxHiuMyzJjkrBFNAcuPYINEkLrjips5aq8wrgBJDeDQW81FmhPGgtKbfoN +DT4aT4UxVLyy4WaoBe7uZquoEC+EHxxgba7aqxOiBmmqti4aG8F180QTrSIT1Dol +d2GK+CUxiyUpdK1bg5Iyv8Gwlvey+yVXXLKDVUsde3+M6mRRVLJbWlur/ej69oAA +m7A28LZZxvYGzuWCcZvP5ATAzl9umbASO6BuEzzLsrO081Bb0etZWT9hx4wreLyE +90uGYZctokEJWA5Vk0YKLGmyiRymoGehxepYEJ2eiEsQgy2KS1SR9MB7iHJSFpu3 +iEFF9ODikeb0rmroUWL/lqY38AEuEt/tRlgS6w0DnZBnkL29RhXFiDaR5kM0eaf5 +sYx2723BpXQSGG6MptN8rYr70EpIIp9FCC17sQkn3Fx2PCRS8IDxGhe0+xQI +=pcnT +-----END PGP PUBLIC KEY BLOCK----- -- cgit 1.4.1