From b3587531daa2c111ea68d487ff4c9df565546b13 Mon Sep 17 00:00:00 2001 From: Nolan Darilek Date: Tue, 24 Dec 2024 09:05:23 -0600 Subject: [PATCH 01/10] Install shntool. --- hosts/garden/default.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/hosts/garden/default.nix b/hosts/garden/default.nix index 144a69c..b002595 100644 --- a/hosts/garden/default.nix +++ b/hosts/garden/default.nix @@ -1,4 +1,4 @@ -{ config, ... }: +{ config, pkgs, ... }: { imports = [ @@ -48,5 +48,7 @@ group = config.services.lidarr.group; }; + environment.systemPackages = with pkgs; [ shntool ]; + system.stateVersion = "23.11"; } From 5ba548b4b73c9689370fe49bb08f550c48f7d52c Mon Sep 17 00:00:00 2001 From: Nolan Darilek Date: Tue, 24 Dec 2024 09:11:40 -0600 Subject: [PATCH 02/10] Install flac. --- hosts/garden/default.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/hosts/garden/default.nix b/hosts/garden/default.nix index b002595..f22a9fb 100644 --- a/hosts/garden/default.nix +++ b/hosts/garden/default.nix @@ -48,7 +48,10 @@ group = config.services.lidarr.group; }; - environment.systemPackages = with pkgs; [ shntool ]; + environment.systemPackages = with pkgs; [ + flac + shntool + ]; system.stateVersion = "23.11"; } From d58da536b1cbe4beb51d4e3d074014bba904ec26 Mon Sep 17 00:00:00 2001 From: Nolan Darilek Date: Sun, 29 Dec 2024 09:34:18 -0600 Subject: [PATCH 03/10] Add Searxng. --- hosts/hub/apps/searxng.nix | 23 +++++++++++++++++++++++ hosts/hub/default.nix | 1 + 2 files changed, 24 insertions(+) create mode 100644 hosts/hub/apps/searxng.nix diff --git a/hosts/hub/apps/searxng.nix b/hosts/hub/apps/searxng.nix new file mode 100644 index 0000000..8044a6c --- /dev/null +++ b/hosts/hub/apps/searxng.nix @@ -0,0 +1,23 @@ +{ config, ... }: + +{ + systemd.tmpfiles.rules = [ + "d /var/lib/searxng 0755 root root" + ]; + + virtualisation.oci-containers.containers.searxng = { + image = "searxng/searxng:latest"; + environment = { + BASE_URL = "https://searxng.tailc50184.ts.net"; + }; + ports = [ + "8080:8080" + ]; + volumes = [ "/var/lib/searxng:/etc/searxng" ]; + }; + + services.caddy.virtualHosts."https://searxng.tailc50184.ts.net".extraConfig = '' + bind tailscale/searxng + reverse_proxy http://localhost:8080 + ''; +} diff --git a/hosts/hub/default.nix b/hosts/hub/default.nix index 59f0a96..c09ac23 100644 --- a/hosts/hub/default.nix +++ b/hosts/hub/default.nix @@ -22,6 +22,7 @@ ../../roles/syncthing.nix ./apps/dev.nix ./apps/nextcloud.nix + ./apps/searxng.nix ]; boot.loader.grub = { From f111879b6e2f3ea74acbc45a6069052a8b087e14 Mon Sep 17 00:00:00 2001 From: Nolan Darilek Date: Mon, 30 Dec 2024 10:10:13 -0600 Subject: [PATCH 04/10] Add more apps. --- hosts/hub/apps/actual.nix | 20 ++++++++++++++++++++ hosts/hub/apps/searxng.nix | 19 +++++-------------- hosts/hub/default.nix | 1 + 3 files changed, 26 insertions(+), 14 deletions(-) create mode 100644 hosts/hub/apps/actual.nix diff --git a/hosts/hub/apps/actual.nix b/hosts/hub/apps/actual.nix new file mode 100644 index 0000000..115d411 --- /dev/null +++ b/hosts/hub/apps/actual.nix @@ -0,0 +1,20 @@ +{ config, ... }: + +{ + systemd.tmpfiles.rules = [ + "d /var/lib/actual 0755 root root" + ]; + + virtualisation.oci-containers.containers.actual = { + image = "actualbudget/actual-server:latest"; + ports = [ + "5006:5006" + ]; + volumes = [ "/var/lib/actual:/data" ]; + }; + + services.caddy.virtualHosts."https://budget.tailc50184.ts.net".extraConfig = '' + bind tailscale/budget + reverse_proxy http://localhost:5006 + ''; +} diff --git a/hosts/hub/apps/searxng.nix b/hosts/hub/apps/searxng.nix index 8044a6c..df20ddb 100644 --- a/hosts/hub/apps/searxng.nix +++ b/hosts/hub/apps/searxng.nix @@ -1,19 +1,10 @@ -{ config, ... }: - { - systemd.tmpfiles.rules = [ - "d /var/lib/searxng 0755 root root" - ]; - - virtualisation.oci-containers.containers.searxng = { - image = "searxng/searxng:latest"; - environment = { - BASE_URL = "https://searxng.tailc50184.ts.net"; + services.searx = { + enable = true; + settings.server = { + port = 8080; + secret_key = "secret_key"; }; - ports = [ - "8080:8080" - ]; - volumes = [ "/var/lib/searxng:/etc/searxng" ]; }; services.caddy.virtualHosts."https://searxng.tailc50184.ts.net".extraConfig = '' diff --git a/hosts/hub/default.nix b/hosts/hub/default.nix index c09ac23..c103f69 100644 --- a/hosts/hub/default.nix +++ b/hosts/hub/default.nix @@ -23,6 +23,7 @@ ./apps/dev.nix ./apps/nextcloud.nix ./apps/searxng.nix + ./apps/actual.nix ]; boot.loader.grub = { From 575dd8a7edd06b0194594fbd7c74ccbda5d29841 Mon Sep 17 00:00:00 2001 From: Nolan Darilek Date: Tue, 31 Dec 2024 13:44:16 -0600 Subject: [PATCH 05/10] Remove defaults. --- hosts/hub/default.nix | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/hosts/hub/default.nix b/hosts/hub/default.nix index c103f69..9b9f836 100644 --- a/hosts/hub/default.nix +++ b/hosts/hub/default.nix @@ -92,13 +92,11 @@ }; certificateScheme = "acme"; enableManageSieve = true; + indexDir = "/var/lib/dovecot/indices"; fullTextSearch = { enable = true; - # index new email as they arrive - autoIndex = true; # this only applies to plain text attachments, binary attachments are never indexed indexAttachments = true; - enforced = "body"; }; }; From 61b20b94d47d953dc2a1eed8199198a94bd10dfa Mon Sep 17 00:00:00 2001 From: Nolan Darilek Date: Tue, 31 Dec 2024 14:48:47 -0600 Subject: [PATCH 06/10] Add adguardhome. --- hosts/hub/apps/adguard.nix | 28 ++++++++++++++++++++++++++++ hosts/hub/default.nix | 1 + 2 files changed, 29 insertions(+) create mode 100644 hosts/hub/apps/adguard.nix diff --git a/hosts/hub/apps/adguard.nix b/hosts/hub/apps/adguard.nix new file mode 100644 index 0000000..fa0d758 --- /dev/null +++ b/hosts/hub/apps/adguard.nix @@ -0,0 +1,28 @@ +{ + containers.adguardhome = { + autoStart = true; + privateNetwork = true; + hostAddress = "192.168.0.1"; + localAddress = "192.168.0.4"; + config = + { lib, ... }: + { + services = { + adguardhome = { + enable = true; + port = 80; + settings = { + filtering = { + protection_enabled = true; + filtering_enabled = true; + }; + }; + }; + tailscale = { + enable = true; + interfaceName = "userspace-networking"; + }; + }; + }; + }; +} diff --git a/hosts/hub/default.nix b/hosts/hub/default.nix index 9b9f836..ba91d27 100644 --- a/hosts/hub/default.nix +++ b/hosts/hub/default.nix @@ -24,6 +24,7 @@ ./apps/nextcloud.nix ./apps/searxng.nix ./apps/actual.nix + ./apps/adguard.nix ]; boot.loader.grub = { From 84e81d9642ce19b9c1f5051eb9fdfc01fe0cb263 Mon Sep 17 00:00:00 2001 From: Nolan Darilek Date: Wed, 1 Jan 2025 15:30:40 -0600 Subject: [PATCH 07/10] Add audiobookshelf. --- hosts/hub/apps/audiobookshelf.nix | 12 ++++++++++++ hosts/hub/default.nix | 1 + 2 files changed, 13 insertions(+) create mode 100644 hosts/hub/apps/audiobookshelf.nix diff --git a/hosts/hub/apps/audiobookshelf.nix b/hosts/hub/apps/audiobookshelf.nix new file mode 100644 index 0000000..8ed3581 --- /dev/null +++ b/hosts/hub/apps/audiobookshelf.nix @@ -0,0 +1,12 @@ +{ pkgs, ... }: + +{ + services = { + audiobookshelf.enable = true; + caddy.virtualHosts."https://audiobookshelf.tailc50184.ts.net".extraConfig = '' + bind tailscale/audiobookshelf + reverse_proxy localhost:8000 + ''; + }; + environment.systemPackages = with pkgs; [ audible-cli ]; +} diff --git a/hosts/hub/default.nix b/hosts/hub/default.nix index ba91d27..e7855eb 100644 --- a/hosts/hub/default.nix +++ b/hosts/hub/default.nix @@ -25,6 +25,7 @@ ./apps/searxng.nix ./apps/actual.nix ./apps/adguard.nix + ./apps/audiobookshelf.nix ]; boot.loader.grub = { From 10dbdcddd09b9637c122afd4edf23ad33e0e213f Mon Sep 17 00:00:00 2001 From: Nolan Darilek Date: Wed, 1 Jan 2025 15:32:41 -0600 Subject: [PATCH 08/10] Update flake. --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 949ef74..e4bcc74 100644 --- a/flake.lock +++ b/flake.lock @@ -56,11 +56,11 @@ }, "caddy_2": { "locked": { - "lastModified": 1732948222, - "narHash": "sha256-kUWyjeqkU+RHTHVXT61QF19eW2vnWgah5OcPrUlU8oU=", + "lastModified": 1735284852, + "narHash": "sha256-mQu3IwEO294DuB7XAXOvOLriElDgRTf6rTLoDh3tMFQ=", "owner": "vincentbernat", "repo": "caddy-nix", - "rev": "9d13eb684b4ba1b2eb92e76f7ea1f517eccc4fe1", + "rev": "b421380ded7c000f432092df0f1a7afd9e187173", "type": "github" }, "original": { @@ -153,11 +153,11 @@ ] }, "locked": { - "lastModified": 1734366194, - "narHash": "sha256-vykpJ1xsdkv0j8WOVXrRFHUAdp9NXHpxdnn1F4pYgSw=", + "lastModified": 1735344290, + "narHash": "sha256-oJDtWPH1oJT34RJK1FSWjwX4qcGOBRkcNQPD0EbSfNM=", "owner": "nix-community", "repo": "home-manager", - "rev": "80b0fdf483c5d1cb75aaad909bd390d48673857f", + "rev": "613691f285dad87694c2ba1c9e6298d04736292d", "type": "github" }, "original": { @@ -169,11 +169,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1734954597, - "narHash": "sha256-QIhd8/0x30gEv8XEE1iAnrdMlKuQ0EzthfDR7Hwl+fk=", + "lastModified": 1735388221, + "narHash": "sha256-e5IOgjQf0SZcFCEV/gMGrsI0gCJyqOKShBQU0iiM3Kg=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "def1d472c832d77885f174089b0d34854b007198", + "rev": "7c674c6734f61157e321db595dbfcd8523e04e19", "type": "github" }, "original": { @@ -216,11 +216,11 @@ }, "nixpkgsUnstable": { "locked": { - "lastModified": 1734649271, - "narHash": "sha256-4EVBRhOjMDuGtMaofAIqzJbg4Ql7Ai0PSeuVZTHjyKQ=", + "lastModified": 1735471104, + "narHash": "sha256-0q9NGQySwDQc7RhAV2ukfnu7Gxa5/ybJ2ANT8DQrQrs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d70bd19e0a38ad4790d3913bf08fcbfc9eeca507", + "rev": "88195a94f390381c6afcdaa933c2f6ff93959cb4", "type": "github" }, "original": { @@ -244,11 +244,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1734875076, - "narHash": "sha256-Pzyb+YNG5u3zP79zoi8HXYMs15Q5dfjDgwCdUI5B0nY=", + "lastModified": 1735669367, + "narHash": "sha256-tfYRbFhMOnYaM4ippqqid3BaLOXoFNdImrfBfCp4zn0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1807c2b91223227ad5599d7067a61665c52d1295", + "rev": "edf04b75c13c2ac0e54df5ec5c543e300f76f1c9", "type": "github" }, "original": { From da0e3e9d56ab9f8b3fdd266861f4c28eb9529960 Mon Sep 17 00:00:00 2001 From: Nolan Darilek Date: Wed, 29 Jan 2025 14:29:16 -0600 Subject: [PATCH 09/10] Bump dependencies. --- flake.lock | 36 +++++++++---------- hosts/hub/apps/ollama.nix | 7 ++++ pkgs/caddy/flake.lock | 73 +++++++++++++++++++++++++++++++++++++++ 3 files changed, 98 insertions(+), 18 deletions(-) create mode 100644 hosts/hub/apps/ollama.nix create mode 100644 pkgs/caddy/flake.lock diff --git a/flake.lock b/flake.lock index e4bcc74..467a6b2 100644 --- a/flake.lock +++ b/flake.lock @@ -8,11 +8,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1723293904, - "narHash": "sha256-b+uqzj+Wa6xgMS9aNbX4I+sXeb5biPDi39VgvSFqFvU=", + "lastModified": 1736955230, + "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=", "owner": "ryantm", "repo": "agenix", - "rev": "f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41", + "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c", "type": "github" }, "original": { @@ -45,7 +45,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-Q1NbA/o8Q+JSR6wfK7cd9ylc3QWuURATo7c2Q1JCbX4=", + "narHash": "sha256-SIKBfviJFGqzP5JJVCW7JRhSqxYKYChMFefASSt9YNU=", "path": "pkgs/caddy", "type": "path" }, @@ -153,11 +153,11 @@ ] }, "locked": { - "lastModified": 1735344290, - "narHash": "sha256-oJDtWPH1oJT34RJK1FSWjwX4qcGOBRkcNQPD0EbSfNM=", + "lastModified": 1736373539, + "narHash": "sha256-dinzAqCjenWDxuy+MqUQq0I4zUSfaCvN9rzuCmgMZJY=", "owner": "nix-community", "repo": "home-manager", - "rev": "613691f285dad87694c2ba1c9e6298d04736292d", + "rev": "bd65bc3cde04c16755955630b344bc9e35272c56", "type": "github" }, "original": { @@ -169,11 +169,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1735388221, - "narHash": "sha256-e5IOgjQf0SZcFCEV/gMGrsI0gCJyqOKShBQU0iiM3Kg=", + "lastModified": 1737751639, + "narHash": "sha256-ZEbOJ9iT72iwqXsiEMbEa8wWjyFvRA9Ugx8utmYbpz4=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "7c674c6734f61157e321db595dbfcd8523e04e19", + "rev": "dfad538f751a5aa5d4436d9781ab27a6128ec9d4", "type": "github" }, "original": { @@ -216,11 +216,11 @@ }, "nixpkgsUnstable": { "locked": { - "lastModified": 1735471104, - "narHash": "sha256-0q9NGQySwDQc7RhAV2ukfnu7Gxa5/ybJ2ANT8DQrQrs=", + "lastModified": 1737885589, + "narHash": "sha256-Zf0hSrtzaM1DEz8//+Xs51k/wdSajticVrATqDrfQjg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "88195a94f390381c6afcdaa933c2f6ff93959cb4", + "rev": "852ff1d9e153d8875a83602e03fdef8a63f0ecf8", "type": "github" }, "original": { @@ -233,8 +233,8 @@ "nixpkgs_2": { "locked": { "lastModified": 0, - "narHash": "sha256-Pzyb+YNG5u3zP79zoi8HXYMs15Q5dfjDgwCdUI5B0nY=", - "path": "/nix/store/4hpdrd3qvj7nks3rrimqm2jdmcga8isc-source", + "narHash": "sha256-GFzPxJzTd1rPIVD4IW+GwJlyGwBDV1Tj5FLYwDQQ9sM=", + "path": "/nix/store/50yickar04m51aqnc43gxf45g2i0n3k9-source", "type": "path" }, "original": { @@ -244,11 +244,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1735669367, - "narHash": "sha256-tfYRbFhMOnYaM4ippqqid3BaLOXoFNdImrfBfCp4zn0=", + "lastModified": 1738023785, + "narHash": "sha256-BPHmb3fUwdHkonHyHi1+x89eXB3kA1jffIpwPVJIVys=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "edf04b75c13c2ac0e54df5ec5c543e300f76f1c9", + "rev": "2b4230bf03deb33103947e2528cac2ed516c5c89", "type": "github" }, "original": { diff --git a/hosts/hub/apps/ollama.nix b/hosts/hub/apps/ollama.nix new file mode 100644 index 0000000..e4fc202 --- /dev/null +++ b/hosts/hub/apps/ollama.nix @@ -0,0 +1,7 @@ +{ + services.ollama.enable = true; + services.caddy.virtualHosts."https://ollama.tailc50184.ts.net".extraConfig = '' + bind tailscale/ollama + reverse_proxy http://localhost:11434 + ''; +} \ No newline at end of file diff --git a/pkgs/caddy/flake.lock b/pkgs/caddy/flake.lock new file mode 100644 index 0000000..c377a1e --- /dev/null +++ b/pkgs/caddy/flake.lock @@ -0,0 +1,73 @@ +{ + "nodes": { + "caddy": { + "locked": { + "lastModified": 1735284852, + "narHash": "sha256-mQu3IwEO294DuB7XAXOvOLriElDgRTf6rTLoDh3tMFQ=", + "owner": "vincentbernat", + "repo": "caddy-nix", + "rev": "b421380ded7c000f432092df0f1a7afd9e187173", + "type": "github" + }, + "original": { + "owner": "vincentbernat", + "repo": "caddy-nix", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 0, + "narHash": "sha256-GFzPxJzTd1rPIVD4IW+GwJlyGwBDV1Tj5FLYwDQQ9sM=", + "path": "/nix/store/50yickar04m51aqnc43gxf45g2i0n3k9-source", + "type": "path" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "root": { + "inputs": { + "caddy": "caddy", + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} From 838941b56b13512f25c08fccd9e5546834105d2d Mon Sep 17 00:00:00 2001 From: Nolan Darilek Date: Wed, 29 Jan 2025 16:28:17 -0600 Subject: [PATCH 10/10] Update password and add new host key. --- secrets/authelia_session.age | 9 +++++---- secrets/authelia_storage.age | Bin 249 -> 249 bytes secrets/cloudflare_api.age | 9 ++++----- secrets/jwt.age | 8 ++++---- secrets/ldap.age | 10 ++++++---- secrets/nolan.age | 15 +++++++++++---- secrets/secrets.nix | 8 +++----- 7 files changed, 33 insertions(+), 26 deletions(-) diff --git a/secrets/authelia_session.age b/secrets/authelia_session.age index a7f7db0..a3525c4 100644 --- a/secrets/authelia_session.age +++ b/secrets/authelia_session.age @@ -1,5 +1,6 @@ age-encryption.org/v1 --> ssh-ed25519 5X7MKw YuRoNT0MBRWhTnjsFZUaft45PhSRkghxREoLSLnH3Ac -iFZLc/n7K4ZLs5O6m13H64On27735eJBV1UYtVjiq0c ---- alcDYeP+DzOX1IkyZ18cjsfIKirUPmHsqKXyL5LGHiQ -1Ye\-/&p:5tWG嶈C;hĿKJrf-]|?P|: \ No newline at end of file +-> ssh-ed25519 5X7MKw xrpuavAym+fGSiRin+j/3L0nkx1HbQ8KlXeDIeVgJV4 +Kp/4ez62E9tXEwKWywTFpAB5sIyWj8d46g/2P26nMoo +--- Jnp4aP2bYua2WgPK5yXjdmIVsTBtV0SsgijC6OeVB94 +#wŧ*MCݿl +8Wd΄٬k)MM^_%0K |w \ No newline at end of file diff --git a/secrets/authelia_storage.age b/secrets/authelia_storage.age index 4782c978dea468569c13fd1efe6c202f384bebf0..c1c38461c0bfc12343fa49879b9035afa766f92c 100644 GIT binary patch delta 213 zcmey#_>*yhPQ7=&X=HM;Z$wdwWu%9rS%kisPilsFpi8=`V@Q>&TZExcR7zpCdvHaB z0arytVM%F0X`W+nihojSaIT?KhDkw1iE)T`MXF19VR3|~zjuI>fk#?KD3`9Tu7a_X zqj5o6o>Q24PO3$On@dn`Mwo$qSV>4uflr!KVwq!zub*pHenCcrk0%$Gereg+AQj<) z;IB+69@^i|T72?9=Emyxfy4SjxK2pl-5#kgEeB>*6v(wy&0RUA+VIHk>670)nRZtC P5bM-~tleB%77Vii(Na$@ delta 213 zcmey#_>*yhPJKj ssh-ed25519 5X7MKw ym72T52g1+mR47oSMb2e0wnBz6L15p+AFcn91r1Ge1w -f13gDhaIrpUS/HYpRFZkIq5YLf4IDckXHkcNg3FOfIM ---- GKtoiEoq2vhv/dh6/zRXSsbETxloRfcC9PLFn0Y+B7o -1v%[KV5fIS邍DpԸ>/+nRcKټVQ2w ݵ&v3ʃ{.74 -HS\k-RFvHjih  \ No newline at end of file +-> ssh-ed25519 5X7MKw OkAHr+YJ9t0JBsWcw0EYVGye17zGJoYzAMSiqyggwyU +U9tiuehf/rG9yQjZsBqXkY42CHE98mTBOw/7SkQhOwk +--- +focODoDCNdQbm8SS0q0USCQ5LUZx+NnKvc0tK5GR5g +w~\O^l/Eplζb 3x:)(VDAV0l3īRM߄BH҉ ʒ!Yâ&wJ|˔5vr:\ \ No newline at end of file diff --git a/secrets/jwt.age b/secrets/jwt.age index 17fe60b..2e3622f 100644 --- a/secrets/jwt.age +++ b/secrets/jwt.age @@ -1,5 +1,5 @@ age-encryption.org/v1 --> ssh-ed25519 5X7MKw LxFmTWxgYrEE1RsQsdygOOKz9BQLAJevlowuf4+mFXc -1ZeeOA3Ihyeg4huXqzNf6WaOpA/EbU1G36Rwo6ANMvo ---- hUkp8RDLowKXNhY3WJe2O4SjrXyt6fGHs1gk95T3RNs -<uHsN5c㿳 ssh-ed25519 5X7MKw q8mFirtavSJK5ovKFl3l0/Hs/ooHwVy2UmuMwVENrDc +PwdMCbPZkr5jF0No+D2p51Y41Df5THYD3u2+lD5lLYE +--- 11Ll3UGRQQmtLz82aU1WegRlfSowlxakbzcTq/lL4/w +4jċ9UH? |dO(թUPq/]R_Z];H؂[441Z \ No newline at end of file diff --git a/secrets/ldap.age b/secrets/ldap.age index 19c2f7e..dc576a1 100644 --- a/secrets/ldap.age +++ b/secrets/ldap.age @@ -1,5 +1,7 @@ age-encryption.org/v1 --> ssh-ed25519 5X7MKw wZTFdwnfdu6FNEtTN9k4pNvMxWjANQOeGMcfhEFVuEQ -J3ACr5ChFqZAmnoTvfgkN+/3lxLzcU0i08CRWtpQqqc ---- 8Iex/gX3YgiuC4hQDfaf2C8EyQawOn7ccghWg9wr/OY -˥JH 6HwKiVeOt']iK/YCIyٮ}vtSʆsŰJ \ No newline at end of file +-> ssh-ed25519 5X7MKw YFex6K7JkRIA0nRPYtd9kySRTulpG/ks6abtaBZJICk +sZ/EMZTWNvj6Q1Fx9XoBy/whnAB4syYXXTW8iMGXbok +--- 49i8zwxAXuJQ4aca4VsLpxij7yjttJoTYZd0po3pDvo +%ǹ3} +KL83ݚon,d!1|f +K>;=`e> $zc \ No newline at end of file diff --git a/secrets/nolan.age b/secrets/nolan.age index 3c9d623..0416bc9 100644 --- a/secrets/nolan.age +++ b/secrets/nolan.age @@ -1,5 +1,12 @@ age-encryption.org/v1 --> ssh-ed25519 WXu6hQ xPIs0RMmg8qzbe5u0fkmd52vwUWtPFbp8OT+PWKfBmk -AlgW3FNZMZZKQP2WBxBtkz/fkn7D36jH6RQqQqPTFLQ ---- Fbjl6JMOoyxErJQ2vxx/JiZyjMK7aoWFqIH3WMZxbrk ->2[\R!VlC/v5iFbNɇo}t\|0F;2{qp2Ћ*B.JAC7? [ y%xڠ \ No newline at end of file +-> ssh-rsa exbmLg +owZ2BSARW2S2gsT4JCuCYPqPy0rHTU5WlKbGdiFF1HzYHFmzjYlpvdVXNnoIbAz3 +mg7y2HaOpa/DaVHkoj6yYL0AOEXka4SdYAIBqnXIAZefGTbGHuzUl518zlgq41tx +ODwgChYaSR6EOFO7zCjyfdeYMfjU65zKNttgDngS8BfeiMKAc2ok6H/4/w/gIs57 +FYDk1kXigJg+55omrTpex2aDg/D9kc6njbHcHijB7gFYtnN5Yc73JfY6QeoAf9Re +U8/gnA4CTRDMkuYjXPKZKEvU6VDoiKsdQuuHAwlXHjO9JE2JHz3IXd4ODwP/A47f +yDusR5yWk1ZvYjPZNjS8pQ +-> ssh-ed25519 revz+g zQStUkTc1AhVSg+u87WdvWaG5YcZUop7q6Ld6rCXKhM +WokTf8Ap9QZqJv1Qf8ich+9OjCRzFwdXjkW0owdMISk +--- 8NYNJtWhxmiFoR0GAafRsoGQKfPXM+3sP6zZSbCzpGo +@i?3rQSAlئRi+W*C̦ \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 282f810..e873b7f 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -1,13 +1,11 @@ let - nolan = "ssh-rsa - AAAAB3NzaC1yc2EAAAADAQABAAABAQDPk6C4eOYzTZ8XOuUA2tErGnSTLS/l9kRDl9+5Ql+m7VtaH/KRFbu6x+C0QAIKOrRcQOjpGYUjL1aIn0HCcoEW2PSihDmOHC+W8cy8ucScy4fPI5KpFFqTZU336Fje+NS4n587gcoaa5LjKcr2KZy/ljgzl4eNSRIqy85khfH4puxsj7LwTIqsZoqDhtD/jSqaKP1C2wuYSsijLF85UnRcT9jErnL757yUv/4xb4Is+gB0zan9GiBXRca4lzb0mY8rmMXmKhc2lm/mu8ogZRdYX5R2JP1AukzYGSdOFs4iUauihgvakuou9AugD2CC+ygYIEbWkUjwKfT9nRN93Qi9 - id_rsa"; - nixbox = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPChjQ4PCvOkknZitrMS89GVjyxIbb/TPfczOWZ+rY6C"; + nolan = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPk6C4eOYzTZ8XOuUA2tErGnSTLS/l9kRDl9+5Ql+m7VtaH/KRFbu6x+C0QAIKOrRcQOjpGYUjL1aIn0HCcoEW2PSihDmOHC+W8cy8ucScy4fPI5KpFFqTZU336Fje+NS4n587gcoaa5LjKcr2KZy/ljgzl4eNSRIqy85khfH4puxsj7LwTIqsZoqDhtD/jSqaKP1C2wuYSsijLF85UnRcT9jErnL757yUv/4xb4Is+gB0zan9GiBXRca4lzb0mY8rmMXmKhc2lm/mu8ogZRdYX5R2JP1AukzYGSdOFs4iUauihgvakuou9AugD2CC+ygYIEbWkUjwKfT9nRN93Qi9 id_rsa"; hub = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHygBPmz5T8IH/D60CiA5mOlKFTtYnk8JaK6cB+RJ4rk"; garden = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP3GEJ8fp2P10tKXGz7Oh4wg/CN1IvfS7s06hWLuA573"; + flynode = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOhYhgpzyqIbSX779o6TI9yZA1qvha+SUfrdHwndj69I"; in { - "nolan.age".publicKeys = [ nixbox ]; + "nolan.age".publicKeys = [ nolan flynode ]; "ldap.age".publicKeys = [ hub ]; "jwt.age".publicKeys = [ hub ]; "authelia_session.age".publicKeys = [ hub ];