diff --git a/.forgejo/workflows/update_websites.yaml b/.forgejo/workflows/update_websites.yaml deleted file mode 100644 index c27629e..0000000 --- a/.forgejo/workflows/update_websites.yaml +++ /dev/null @@ -1,41 +0,0 @@ -# The websites can sometimes cause issues when being built and deployed -# This pipeline is to update the inputs from the server - -name: Update_Flake_Websites - -run-name: "[Update Flake Websites]" - -on: - workflow_dispatch: - -jobs: - update: - runs-on: nix - - permissions: - # Give the default GITHUB_TOKEN write permission to commit and push the - # added or changed files to the repository. - contents: write - - steps: - - uses: actions/checkout@v4 - with: - ref: ${{ github.head_ref }} - token: ${{ secrets.PIPELINE_TOKEN }} - - run: nix flake update skynet_website_2003 - shell: bash - - run: nix flake update skynet_website_2006 - shell: bash - - run: nix flake update skynet_website_2016 - shell: bash - - run: nix flake update skynet_website_2021 - shell: bash - - run: nix flake update skynet_website_2023 - shell: bash - - run: nix flake update skynet_website_2024 - shell: bash - - run: nix flake update skynet_website - shell: bash - - uses: https://github.com/stefanzweifel/git-auto-commit-action@v5 - with: - commit_message: "Updated flake for Websites" \ No newline at end of file diff --git a/ITD/Firewall_Rules.csv b/ITD/Firewall_Rules.csv index ebc5333..c955339 100644 --- a/ITD/Firewall_Rules.csv +++ b/ITD/Firewall_Rules.csv @@ -44,6 +44,4 @@ SKYNET_FIREWALL_00032,Remove,i24-06-04_017,Complete,All,-,193.1.99.90,SKYNET0001 SKYNET_FIREWALL_00033,Add,i24-06-04_017,Complete,All,-,193.1.99.91,SKYNET00017,8080,-,Websocket for admin panel on games management server ,Add,i24-07-15_112,Denied,193.1.99.75,-,-,-,22,-,Response from ITD - 'Our IT Security team have advised that port 22 and port 2222 are only to be allowed through the VPN and will not be opened to allow inbound ssh connections directly from the internet' SKYNET_FIREWALL_00034,Add,i25-01-26_075,Complete,All,-,193.1.99.91,SKYNET00017,-,23318-23325,Ports for Minecraft Bedrock on the main games server. -SKYNET_FIREWALL_00035,Add,i25-02-14_114,Complete,193.1.99.75,SKYNET00008,193.1.96.165,SKYNET00012,22,-,Allow our forgejo runner to access and deploy to teh external server -SKYNET_FIREWALL_00036,Add,i25-03-11_125,Complete,All,-,193.1.99.86,SKYNET00027,25,-,Email Filter -SKYNET_FIREWALL_00037,Add,i25-03-30_018,Complete,All,-,193.1.99.91,SKYNET00017,27015/27016/27020,27015/27020,CSGO/TF2 Ports \ No newline at end of file +SKYNET_FIREWALL_00035,Add,i25-02-14_114,Complete,193.1.99.75,SKYNET00008,193.1.96.165,SKYNET00012,22,-,Allow our forgejo runner to access and deploy to teh external server \ No newline at end of file diff --git a/ITD/Server_Inventory.csv b/ITD/Server_Inventory.csv index c7a57f1..d9a63f5 100644 --- a/ITD/Server_Inventory.csv +++ b/ITD/Server_Inventory.csv @@ -24,5 +24,4 @@ SKYNET00022,ultron,Active,193.1.99.084,Proxmox,VM Host SKYNET00023,optimus-test,Retired,193.1.99.085,Nixos,Testing flake for Pelecian SKYNET00024,optimus,Active,193.1.99.090,Nixos,Games server manager (replaced SKYNET00016) SKYNET00025,bumblebee,Active,193.1.99.091,Nixos,Game server - Minecraft (replaced SKYNET00017) -SKYNET00026,vision,Active,193.1.99.085,Raspbian,Proxmox Qurom server -SKYNET00027,mimi,Active,193.1.99.086,Proxmox-Mail-Gateway,Proxmox Mail Gateway \ No newline at end of file +SKYNET00027,vision,Active,193.1.99.085,Raspbian,Proxmox Qurom server \ No newline at end of file diff --git a/applications/_base.nix b/applications/_base.nix index 79a83df..f96d7e4 100644 --- a/applications/_base.nix +++ b/applications/_base.nix @@ -42,16 +42,6 @@ in { type = types.str; default = "${cfg.host.name}.skynet.ie"; }; - interface = mkOption { - type = types.str; - description = "Will most likely be ``eno1`` for physical servers."; - default = "eth0"; - }; - cidr = mkOption { - type = types.int; - description = "Most of our servers are /26, "; - default = 26; - }; }; }; @@ -70,23 +60,6 @@ in { } ]; - # use lix instead of nix - nix.package = pkgs.lixPackageSets.stable.lix; - - # set - networking = { - hostName = cfg.host.name; - defaultGateway.interface = lib.mkForce cfg.host.interface; - - # needs to have an address statically assigned - interfaces."${cfg.host.interface}".ipv4.addresses = [ - { - address = cfg.host.ip; - prefixLength = cfg.host.cidr; - } - ]; - }; - services.nginx = { virtualHosts = { # for every server unless explisitly defined redirect the ip to skynet.ie diff --git a/applications/discord_t-800.nix b/applications/discord_t-800.nix deleted file mode 100644 index cad630a..0000000 --- a/applications/discord_t-800.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ - config, - pkgs, - lib, - inputs, - ... -}: -with lib; let - name = "discord_bot_t-800"; - cfg = config.services.skynet."${name}"; -in { - imports = [ - inputs.skynet_discord_bot_t-800.nixosModule."x86_64-linux" - ]; - - options.services.skynet."${name}" = { - enable = mkEnableOption "Logging Bot"; - }; - - config = mkIf cfg.enable { - #backups = [ "/etc/silver_ul_ical/database.db" ]; - - age.secrets.discord_t-800_details.file = ../secrets/discord/t-800.age; - - # this is what was imported - services.skynet_discord_bot_t-800 = { - enable = true; - - env = config.age.secrets.discord_t-800_details.path; - }; - }; -} diff --git a/applications/dns/dns.nix b/applications/dns/dns.nix index 3286a98..da8577f 100644 --- a/applications/dns/dns.nix +++ b/applications/dns/dns.nix @@ -369,7 +369,7 @@ in { # piles of no valid RRSIG resolving 'com/DS/IN' errors extraOptions = '' - dnssec-validation auto; + dnssec-validation yes; ''; # set the upstream dns servers diff --git a/applications/email.nix b/applications/email.nix index d7a6381..519f3e0 100644 --- a/applications/email.nix +++ b/applications/email.nix @@ -50,10 +50,6 @@ with lib; let account = "contact"; members = ["committee"]; } - { - account = "committee"; - members = ["committee"]; - } { account = "dbadmin"; members = ["admin"]; @@ -106,27 +102,13 @@ with lib; let require ["fileinto", "reject"]; require "variables"; require "regex"; - require "subaddress"; # this should be close to teh last step if allof ( - address :user ["To", "Cc"] ["${toString create_config_to}"], + address :localpart ["To", "Cc"] ["${toString create_config_to}"], address :domain ["To", "Cc"] "skynet.ie" ){ if address :matches ["To", "Cc"] "*@skynet.ie" { - # handle spam reports specifically for teh service accounts in each users inbox - if address :matches ["From"] "postmaster@mimi.skynet.ie" { - fileinto :create "''${1}.Spam_Report"; - stop; - } - - # user+subdir - if address :matches ["To", "Cc"] "*+*@skynet.ie" { - fileinto :create "''${1}.''${2}"; - stop; - } - - # no detail, proceed normally if header :is "X-Spam" "Yes" { fileinto :create "''${1}.Junk"; stop; @@ -136,13 +118,6 @@ with lib; let } } } - - # handle spam Reports for general users - if address :matches ["From"] "postmaster@mimi.skynet.ie" { - fileinto :create "INBOX.Spam_Report"; - stop; - } - if allof ( address :localpart ["From"] ["${toString create_config_to}"], address :domain ["From"] "skynet.ie" @@ -309,27 +284,13 @@ in { # set up dns record for it services.skynet.dns.records = [ + # core record { - # This is the mail gateway, try to send all mail to it first - # Lower number = higher priority - record = "@"; - r_type = "MX"; - # the number is the priority in teh case of multiple mailservers - value = "5 mimi.${cfg.domain}."; - } - { - # this is the main email server record = "@"; r_type = "MX"; # the number is the priority in teh case of multiple mailservers value = "10 mail.${cfg.domain}."; } - { - record = "@"; - r_type = "MX"; - # the number is the priority in teh case of multiple mailservers - value = "10 lists.${cfg.domain}."; - } # basic one { @@ -337,11 +298,6 @@ in { r_type = "A"; value = config.services.skynet.host.ip; } - { - record = "lists"; - r_type = "A"; - value = config.services.skynet.host.ip; - } #DNS config for K-9 Mail { record = "imap"; @@ -470,12 +426,9 @@ in { mailserver = { enable = true; - stateVersion = 1; - fqdn = "${cfg.sub}.${cfg.domain}"; domains = [ cfg.domain - "lists.skynet.ie" ]; enableManageSieve = true; @@ -490,10 +443,6 @@ in { # 20MB max size messageSizeLimit = 20000000; - # policydSPFExtraConfig = '' - # skip_addresses = 193.1.99.86/32 - # ''; - ldap = { enable = true; uris = cfg.ldap.hosts; @@ -506,13 +455,13 @@ in { searchScope = "sub"; dovecot = { - userFilter = "(skMail=%{user})"; + userFilter = "(skMail=%u)"; # can lock down how much space each user has access to from ldap userAttrs = "quotaEmail=quota_rule=*:bytes=%$,=quota_rule2=Trash:storage=+100M"; # accept emails in, but only allow access to paid up members - passFilter = "(&(|${create_filter cfg.groups})(skMail=%{user}))"; + passFilter = "(&(|${create_filter cfg.groups})(skMail=%u))"; }; postfix = { @@ -565,23 +514,14 @@ in { }; # tune the spam filter - services.rspamd.locals = { - "multimap.conf" = { - text = '' - IP_WHITELIST { - type = "ip"; - prefilter = true; - map = "/etc/rspamd/local.d/ip_whitelist.map"; - action = "accept"; - } - ''; - }; - - "ip_whitelist.map" = { - text = '' - 193.1.99.86 - ''; - }; - }; + /* + services.rspamd.extraConfig = '' + actions { + reject = null; # Disable rejects, default is 15 + add_header = 7; # Add header when reaching this score + greylist = 4; # Apply greylisting when reaching this score + } + ''; + */ }; } diff --git a/applications/git/forgejo.nix b/applications/git/forgejo.nix index cfe0a60..c7b3572 100644 --- a/applications/git/forgejo.nix +++ b/applications/git/forgejo.nix @@ -70,7 +70,6 @@ in { locations."/" = { proxyPass = "http://localhost:${toString cfg.forgejo.port}"; extraConfig = '' - add_header Content-Security-Policy "frame-ancestors 'self' https://silver.users.skynet.ie"; client_max_body_size 1000M; ''; }; @@ -106,15 +105,6 @@ in { DEFAULT_ACTIONS_URL = "github"; }; - indexer = { - # Will consume more disk space, but we have plenty of that - REPO_INDEXER_ENABLED = true; - }; - - database = { - SQLITE_JOURNAL_MODE = "WAL"; - }; - # Allow for signing off merge requests # "repository.signing" = { # SIGNING_KEY = "5B2DED0FE9F8627A"; diff --git a/applications/grafana.nix b/applications/grafana.nix index 953b02e..3bce51b 100644 --- a/applications/grafana.nix +++ b/applications/grafana.nix @@ -49,8 +49,6 @@ in { domain = "${name}.skynet.ie"; port = port; - settings.server.root_url = "https://${name}.skynet.ie"; - settings.security.admin_password = "$__file{${config.age.secrets.grafana_pw.path}}"; provision = { diff --git a/applications/proxmox-lxc.nix b/applications/proxmox-lxc.nix new file mode 100644 index 0000000..9f1c970 --- /dev/null +++ b/applications/proxmox-lxc.nix @@ -0,0 +1,96 @@ +/* +Once https://github.com/NixOS/nixpkgs/pull/267764 is merged this can be removed +*/ +{ + config, + pkgs, + lib, + ... +}: +with lib; { + options.proxmoxLXC = { + enable = mkOption { + default = true; + type = types.bool; + description = lib.mdDoc "Whether to enable the Proxmox VE LXC module."; + }; + privileged = mkOption { + type = types.bool; + default = false; + description = '' + Whether to enable privileged mounts + ''; + }; + manageNetwork = mkOption { + type = types.bool; + default = false; + description = '' + Whether to manage network interfaces through nix options + When false, systemd-networkd is enabled to accept network + configuration from proxmox. + ''; + }; + manageHostName = mkOption { + type = types.bool; + default = false; + description = '' + Whether to manage hostname through nix options + When false, the hostname is picked up from /etc/hostname + populated by proxmox. + ''; + }; + }; + + config = let + cfg = config.proxmoxLXC; + in + mkIf cfg.enable { + system.build.tarball = pkgs.callPackage ../../lib/make-system-tarball.nix { + storeContents = [ + { + object = config.system.build.toplevel; + symlink = "none"; + } + ]; + + contents = [ + { + source = config.system.build.toplevel + "/init"; + target = "/sbin/init"; + } + ]; + + extraCommands = "mkdir -p root etc/systemd/network"; + }; + + boot = { + isContainer = true; + loader.initScript.enable = true; + }; + + console.enable = true; + + networking = mkIf (!cfg.manageNetwork) { + useDHCP = false; + useHostResolvConf = false; + useNetworkd = true; + # pick up hostname from /etc/hostname generated by proxmox + hostName = mkIf (!cfg.manageHostName) (mkForce ""); + }; + + services.openssh = { + enable = mkDefault true; + startWhenNeeded = mkDefault true; + }; + + systemd = { + mounts = mkIf (!cfg.privileged) [ + { + enable = false; + where = "/sys/kernel/debug"; + } + ]; + services."getty@".unitConfig.ConditionPathExists = ["" "/dev/%I"]; + }; + }; +} diff --git a/applications/skynet.ie/old_site.nix b/applications/skynet.ie/old_site.nix index 18f80df..1e43255 100644 --- a/applications/skynet.ie/old_site.nix +++ b/applications/skynet.ie/old_site.nix @@ -9,6 +9,10 @@ with lib; { imports = []; config = { + services.skynet.acme.domains = [ + "${year}.skynet.ie" + ]; + services.skynet.dns.records = [ { record = year; @@ -23,28 +27,6 @@ with lib; { forceSSL = true; useACMEHost = "skynet"; root = "${inputs."skynet_website_${year}".defaultPackage."x86_64-linux"}"; - # Handle any of the old php sites - # https://stackoverflow.com/a/21911610 - locations = { - "/" = { - index = "index.html index.htm index.php"; - tryFiles = "$uri $uri.html $uri/ @extensionless-php"; - }; - - "~ \\.php$" = { - extraConfig = '' - fastcgi_pass unix:${config.services.phpfpm.pools.old_sites.socket}; - fastcgi_index index.php; - ''; - tryFiles = "$uri =404"; - }; - - "@extensionless-php" = { - extraConfig = '' - rewrite ^(.*)$ $1.php last; - ''; - }; - }; }; }; }; diff --git a/applications/skynet.ie/skynet.ie.nix b/applications/skynet.ie/skynet.ie.nix index 99cc46d..cb2e778 100644 --- a/applications/skynet.ie/skynet.ie.nix +++ b/applications/skynet.ie/skynet.ie.nix @@ -12,13 +12,9 @@ in { imports = [ # import in past website versions, available at $year.skynet.ie # at teh end of teh year add it here - (import ./old_site.nix {year = "2024";}) (import ./old_site.nix {year = "2023";}) - (import ./old_site.nix {year = "2022";}) - (import ./old_site.nix {year = "2016";}) - (import ./old_site.nix {year = "2006";}) - (import ./old_site.nix {year = "2003";}) - (import ./old_site.nix {year = "1996";}) + (import ./old_site.nix {year = "2017";}) + (import ./old_site.nix {year = "2009";}) ]; options.services.skynet."${name}" = { @@ -27,8 +23,9 @@ in { config = mkIf cfg.enable { services.skynet.acme.domains = [ - "*.skynet.ie" - "*.discord.skynet.ie" + "www.skynet.ie" + "discord.skynet.ie" + "public.skynet.ie" ]; services.skynet.dns.records = [ @@ -48,21 +45,11 @@ in { r_type = "CNAME"; value = config.services.skynet.host.name; } - { - record = "wolves"; - r_type = "CNAME"; - value = config.services.skynet.host.name; - } { record = "public"; r_type = "CNAME"; value = config.services.skynet.host.name; } - { - record = "*.discord"; - r_type = "CNAME"; - value = config.services.skynet.host.name; - } ]; services.nginx = { @@ -85,28 +72,12 @@ in { "www.skynet.ie" = main_site; "skynet.ie" = main_site; - "wolves.skynet.ie" = { - forceSSL = true; - useACMEHost = "skynet"; - locations."/".return = "307 https://ulwolves.ie/society/computer"; - }; - # a custom discord url, because we are too cheap otehrwise "discord.skynet.ie" = { forceSSL = true; useACMEHost = "skynet"; locations."/".return = "307 https://discord.gg/mkuKJkCuyM"; }; - "compsoc.discord.skynet.ie" = { - forceSSL = true; - useACMEHost = "skynet"; - locations."/".return = "307 https://discord.gg/mkuKJkCuyM"; - }; - "committee.discord.skynet.ie" = { - forceSSL = true; - useACMEHost = "skynet"; - locations."/".return = "307 https://discord.gg/D6mbASJKxU"; - }; "public.skynet.ie" = { forceSSL = true; @@ -116,19 +87,5 @@ in { }; }; }; - - # Some old sites need a php pool running - services.phpfpm.pools.old_sites = { - user = "nobody"; - settings = { - "pm" = "dynamic"; - "listen.owner" = config.services.nginx.user; - "pm.max_children" = 5; - "pm.start_servers" = 2; - "pm.min_spare_servers" = 1; - "pm.max_spare_servers" = 3; - "pm.max_requests" = 500; - }; - }; }; } diff --git a/applications/skynet.ie/wiki.nix b/applications/skynet.ie/wiki.nix index 19250b3..6d1aa57 100644 --- a/applications/skynet.ie/wiki.nix +++ b/applications/skynet.ie/wiki.nix @@ -17,6 +17,11 @@ in { }; config = mkIf cfg.enable { + services.skynet.acme.domains = [ + "renew.skynet.ie" + "wiki.skynet.ie" + ]; + services.skynet.dns.records = [ { record = "renew"; diff --git a/applications/skynet_users.nix b/applications/skynet_users.nix index 88347a2..2812bcc 100644 --- a/applications/skynet_users.nix +++ b/applications/skynet_users.nix @@ -9,23 +9,6 @@ with lib; let name = "website_users"; cfg = config.services.skynet."${name}"; php_pool = name; - - custom = domain: user: { - "${domain}" = { - forceSSL = true; - enableACME = true; - locations = { - "/" = { - alias = "/home/${user}/public_html/"; - index = "index.html"; - extraConfig = '' - autoindex on; - ''; - tryFiles = "$uri$args $uri$args/ /index.html"; - }; - }; - }; - }; in { imports = [ ]; @@ -101,46 +84,55 @@ in { phpEnv."PATH" = lib.makeBinPath [pkgs.php]; }; - services.nginx.virtualHosts = lib.mkMerge [ - # main site - { - "*.users.skynet.ie" = { - forceSSL = true; - useACMEHost = "skynet"; - serverName = "~^(?.+)\.users\.skynet\.ie"; - - # username.users.skynet.ie/ - # user goes: - # chmod 711 ~ - # chmod -R 755 ~/public_html - - locations = { - "/" = { - alias = "/home/$user/public_html/"; - index = "index.html"; - extraConfig = '' - autoindex on; - ''; - tryFiles = "$uri$args $uri$args/ /index.html"; - }; - - "~ ^(.+\\.php)(.*)$" = { - root = "/home/$user/public_html/"; - index = "index.php"; - extraConfig = '' - autoindex on; - fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_pass unix:${config.services.phpfpm.pools.${php_pool}.socket}; - include ${pkgs.nginx}/conf/fastcgi.conf; - ''; - tryFiles = "$uri$args $uri$args/ /index.php"; - }; + services.nginx.virtualHosts = { + "outinul.ie" = { + forceSSL = true; + enableACME = true; + locations = { + "/" = { + alias = "/home/outinul/public_html/"; + index = "index.html"; + extraConfig = '' + autoindex on; + ''; + tryFiles = "$uri$args $uri$args/ /index.html"; }; }; - } + }; + # main site + "*.users.skynet.ie" = { + forceSSL = true; + useACMEHost = "skynet"; + serverName = "~^(?.+)\.users\.skynet\.ie"; - (custom "outinul.ie" "outinul") - (custom "www.outinul.ie" "outinul") - ]; + # username.users.skynet.ie/ + # user goes: + # chmod 711 ~ + # chmod -R 755 ~/public_html + + locations = { + "/" = { + alias = "/home/$user/public_html/"; + index = "index.html"; + extraConfig = '' + autoindex on; + ''; + tryFiles = "$uri$args $uri$args/ /index.html"; + }; + + "~ ^(.+\\.php)(.*)$" = { + root = "/home/$user/public_html/"; + index = "index.php"; + extraConfig = '' + autoindex on; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass unix:${config.services.phpfpm.pools.${php_pool}.socket}; + include ${pkgs.nginx}/conf/fastcgi.conf; + ''; + tryFiles = "$uri$args $uri$args/ /index.php"; + }; + }; + }; + }; }; } diff --git a/applications/sso.nix b/applications/sso.nix deleted file mode 100644 index 3bae2c2..0000000 --- a/applications/sso.nix +++ /dev/null @@ -1,77 +0,0 @@ -{ - lib, - config, - ... -}: -with lib; let - name = "sso"; - cfg = config.services.skynet."${name}"; -in { - imports = [ - ]; - - options.services.skynet."${name}" = { - enable = mkEnableOption "Keycloak server"; - - datasource = { - name = mkOption { - type = types.str; - }; - - url = mkOption { - type = types.str; - }; - }; - }; - - config = mkIf cfg.enable { - services.skynet.dns.records = [ - { - record = "${name}"; - r_type = "CNAME"; - value = config.services.skynet.host.name; - } - ]; - - services.skynet.acme.domains = [ - "${name}.skynet.ie" - ]; - - age.secrets.keycloak_pw.file = ../secrets/keycloak/pw.age; - - services.nginx.virtualHosts = { - "${name}.skynet.ie" = { - forceSSL = true; - useACMEHost = "skynet"; - locations = { - "/" = { - proxyPass = "http://localhost:${toString config.services.keycloak.settings.http-port}/"; - }; - }; - }; - }; - - services.postgresql.enable = true; - - services.keycloak = { - enable = true; - - initialAdminPassword = "sharky_loves_sso"; - - database = { - type = "postgresql"; - createLocally = true; - - username = "keycloak"; - passwordFile = config.age.secrets.keycloak_pw.path; - }; - - settings = { - hostname = "${name}.skynet.ie"; - http-port = 38080; - proxy-headers = "xforwarded"; - http-enabled = true; - }; - }; - }; -} diff --git a/config/dns.nix b/config/dns.nix index ccb1df3..9cd7484 100644 --- a/config/dns.nix +++ b/config/dns.nix @@ -32,17 +32,6 @@ value = "193.1.99.114"; server = true; } - { - record = "mimi"; - r_type = "A"; - value = "193.1.99.86"; - server = true; - } - { - record = "nuked"; - r_type = "CNAME"; - value = "neuromancer.skynet.ie."; - } ] # non skynet domains ++ [ diff --git a/config/users.nix b/config/users.nix index f7c3f84..51ec6d2 100644 --- a/config/users.nix +++ b/config/users.nix @@ -55,11 +55,12 @@ in { "silver" "eoghanconlon73" "nanda" - "skyapples" - "generically" + "emily1999" + "dgr" ] # Committee - OCM ++ [ + "skyapples" "eliza" "amymucko" "archiedms" @@ -68,7 +69,6 @@ in { # Committee - SISTEM ++ [ "peace" - "milan" ] # Admins are part of Committee as well ++ cfg.admin diff --git a/flake.lock b/flake.lock index a5a5364..aef7599 100644 --- a/flake.lock +++ b/flake.lock @@ -47,7 +47,7 @@ "inputs": { "fenix": "fenix_2", "flakeCompat": "flakeCompat_2", - "nixpkgs": "nixpkgs_24" + "nixpkgs": "nixpkgs_18" }, "locked": { "lastModified": 1719514321, @@ -90,11 +90,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1723500950, - "narHash": "sha256-t1eApFGI+JzLIW2YToLlDV20n+Nevk1q4fZBYU1m93I=", + "lastModified": 1723391194, + "narHash": "sha256-04UThV4LZNRHg/+GbEl7M2ginWbm8FrQ5jBVmYcroNg=", "owner": "silver_rust", "repo": "bfom", - "rev": "7f339f28442758ecc3f1697e3f70d441973664b9", + "rev": "fffd69b6433a2d2fd359b92e3816ae9938b3e99c", "type": "gitlab" }, "original": { @@ -148,11 +148,11 @@ "utils": "utils_2" }, "locked": { - "lastModified": 1757590727, - "narHash": "sha256-ahg2fT8Ez1T0rLthHwcLUV+x3JOdr6pGbqI9dfOWapM=", + "lastModified": 1732723930, + "narHash": "sha256-25w50gGNTIyPgkcQa39XSFFX8gYVVniL01CX+IXfC8w=", "ref": "refs/heads/main", - "rev": "6fd88f9064082ed7a1fe43d925c4995ba58418b8", - "revCount": 120, + "rev": "744777c990434c9a84304ce6fd8c4582e6078a4c", + "revCount": 110, "type": "git", "url": "https://forgejo.skynet.ie/Computer_Society/presentations_compsoc" }, @@ -247,11 +247,11 @@ "flake-compat_2": { "flake": false, "locked": { - "lastModified": 1747046372, - "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", "owner": "edolstra", "repo": "flake-compat", - "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", "type": "github" }, "original": { @@ -314,6 +314,24 @@ "type": "github" } }, + "flake-utils_3": { + "inputs": { + "systems": "systems_5" + }, + "locked": { + "lastModified": 1726560853, + "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "flakeCompat": { "flake": false, "locked": { @@ -346,51 +364,18 @@ "type": "github" } }, - "git-hooks": { - "inputs": { - "flake-compat": [ - "simple-nixos-mailserver", - "flake-compat" - ], - "gitignore": "gitignore", - "nixpkgs": [ - "simple-nixos-mailserver", - "nixpkgs" - ] - }, + "flakey-profile": { "locked": { - "lastModified": 1749636823, - "narHash": "sha256-WUaIlOlPLyPgz9be7fqWJA5iG6rHcGRtLERSCfUDne4=", - "owner": "cachix", - "repo": "git-hooks.nix", - "rev": "623c56286de5a3193aa38891a6991b28f9bab056", + "lastModified": 1712898590, + "narHash": "sha256-FhGIEU93VHAChKEXx905TSiPZKga69bWl1VB37FK//I=", + "owner": "lf-", + "repo": "flakey-profile", + "rev": "243c903fd8eadc0f63d205665a92d4df91d42d9d", "type": "github" }, "original": { - "owner": "cachix", - "repo": "git-hooks.nix", - "type": "github" - } - }, - "gitignore": { - "inputs": { - "nixpkgs": [ - "simple-nixos-mailserver", - "git-hooks", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1709087332, - "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", - "owner": "hercules-ci", - "repo": "gitignore.nix", - "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "gitignore.nix", + "owner": "lf-", + "repo": "flakey-profile", "type": "github" } }, @@ -431,6 +416,41 @@ "type": "github" } }, + "lix": { + "flake": false, + "locked": { + "lastModified": 1737234286, + "narHash": "sha256-CCKIAE84dzkrnlxJCKFyffAxP3yfsOAbdvydUGqq24g=", + "rev": "2837da71ec1588c1187d2e554719b15904a46c8b", + "type": "tarball", + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/2837da71ec1588c1187d2e554719b15904a46c8b.tar.gz?rev=2837da71ec1588c1187d2e554719b15904a46c8b" + }, + "original": { + "type": "tarball", + "url": "https://git.lix.systems/lix-project/lix/archive/2.92.0.tar.gz" + } + }, + "lix-module": { + "inputs": { + "flake-utils": "flake-utils_3", + "flakey-profile": "flakey-profile", + "lix": "lix", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1737237494, + "narHash": "sha256-YMLrcBpf0TR5r/eaqm8lxzFPap2TxCor0ZGcK3a7+b8=", + "rev": "b90bf629bbd835e61f1317b99e12f8c831017006", + "type": "tarball", + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/b90bf629bbd835e61f1317b99e12f8c831017006.tar.gz?rev=b90bf629bbd835e61f1317b99e12f8c831017006" + }, + "original": { + "type": "tarball", + "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0.tar.gz" + } + }, "naersk": { "inputs": { "nixpkgs": "nixpkgs_4" @@ -472,29 +492,11 @@ "nixpkgs": "nixpkgs_10" }, "locked": { - "lastModified": 1745925850, - "narHash": "sha256-cyAAMal0aPrlb1NgzMxZqeN1mAJ2pJseDhm2m6Um8T0=", + "lastModified": 1686572087, + "narHash": "sha256-jXTut7ZSYqLEgm/nTk7TuVL2ExahTip605bLINklAnQ=", "owner": "nix-community", "repo": "naersk", - "rev": "38bc60bbc157ae266d4a0c96671c6c742ee17a5f", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "naersk", - "type": "github" - } - }, - "naersk_4": { - "inputs": { - "nixpkgs": "nixpkgs_12" - }, - "locked": { - "lastModified": 1739824009, - "narHash": "sha256-fcNrCMUWVLMG3gKC5M9CBqVOAnJtyRvGPxptQFl5mVg=", - "owner": "nix-community", - "repo": "naersk", - "rev": "e5130d37369bfa600144c2424270c96f0ef0e11d", + "rev": "8507af04eb40c5520bd35d9ce6f9d2342cea5ad1", "type": "github" }, "original": { @@ -540,131 +542,51 @@ "type": "github" } }, - "nixpkgs-25_05": { + "nixpkgs-24_05": { "locked": { - "lastModified": 1749727998, - "narHash": "sha256-mHv/yeUbmL91/TvV95p+mBVahm9mdQMJoqaTVTALaFw=", + "lastModified": 1717144377, + "narHash": "sha256-F/TKWETwB5RaR8owkPPi+SPJh83AQsm6KrQAlJ8v/uA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "fd487183437963a59ba763c0cc4f27e3447dd6dd", + "rev": "805a384895c696f802a9bf5bf4720f37385df547", "type": "github" }, "original": { - "owner": "NixOS", - "ref": "nixos-25.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-mozilla": { - "flake": false, - "locked": { - "lastModified": 1744624473, - "narHash": "sha256-S6zT/w5SyAkJ//dYdjbrXgm+6Vkd/k7qqUl4WgZ6jjk=", - "owner": "mozilla", - "repo": "nixpkgs-mozilla", - "rev": "2292d4b35aa854e312ad2e95c4bb5c293656f21a", - "type": "github" - }, - "original": { - "owner": "mozilla", - "repo": "nixpkgs-mozilla", - "type": "github" - } - }, - "nixpkgs-mozilla_2": { - "flake": false, - "locked": { - "lastModified": 1744624473, - "narHash": "sha256-S6zT/w5SyAkJ//dYdjbrXgm+6Vkd/k7qqUl4WgZ6jjk=", - "owner": "mozilla", - "repo": "nixpkgs-mozilla", - "rev": "2292d4b35aa854e312ad2e95c4bb5c293656f21a", - "type": "github" - }, - "original": { - "owner": "mozilla", - "repo": "nixpkgs-mozilla", - "type": "github" - } - }, - "nixpkgs-mozilla_3": { - "flake": false, - "locked": { - "lastModified": 1740762144, - "narHash": "sha256-I7a6e3IYJAp9u3PwUSW1+oilO1tAfnbeN3/YJQ+ObCo=", - "owner": "mozilla", - "repo": "nixpkgs-mozilla", - "rev": "e35b0e071cae97469d80222be988fdd972b22c3b", - "type": "github" - }, - "original": { - "owner": "mozilla", - "repo": "nixpkgs-mozilla", - "type": "github" + "id": "nixpkgs", + "ref": "nixos-24.05", + "type": "indirect" } }, "nixpkgs_10": { "locked": { - "lastModified": 1750731501, - "narHash": "sha256-Ah4qq+SbwMaGkuXCibyg+Fwn00el4KmI3XFX6htfDuk=", + "lastModified": 1687011986, + "narHash": "sha256-ZNSi/wBw12d7LO8YcZ4aehIlPp4lgSkKbrHaoF80IKI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "69dfebb3d175bde602f612915c5576a41b18486b", + "rev": "2c09e8eb8717e240ef9c5727c1cc9186db9fb309", "type": "github" }, "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" + "id": "nixpkgs", + "type": "indirect" } }, "nixpkgs_11": { "locked": { - "lastModified": 1750506804, - "narHash": "sha256-VLFNc4egNjovYVxDGyBYTrvVCgDYgENp5bVi9fPTDYc=", + "lastModified": 1686921029, + "narHash": "sha256-J1bX9plPCFhTSh6E3TWn9XSxggBh/zDD4xigyaIQBy8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4206c4cb56751df534751b058295ea61357bbbaa", + "rev": "c7ff1b9b95620ce8728c0d7bd501c458e6da9e04", "type": "github" }, "original": { "id": "nixpkgs", - "ref": "nixos-unstable", + "ref": "nixos-23.05", "type": "indirect" } }, "nixpkgs_12": { - "locked": { - "lastModified": 1741462378, - "narHash": "sha256-ZF3YOjq+vTcH51S+qWa1oGA9FgmdJ67nTNPG2OIlXDc=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "2d9e4457f8e83120c9fdf6f1707ed0bc603e5ac9", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "type": "indirect" - } - }, - "nixpkgs_13": { - "locked": { - "lastModified": 1741513245, - "narHash": "sha256-7rTAMNTY1xoBwz0h7ZMtEcd8LELk9R5TzBPoHuhNSCk=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "e3e32b642a31e6714ec1b712de8c91a3352ce7e1", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "ref": "nixos-unstable", - "type": "indirect" - } - }, - "nixpkgs_14": { "locked": { "lastModified": 1687274257, "narHash": "sha256-TutzPriQcZ8FghDhEolnHcYU2oHIG5XWF+/SUBNnAOE=", @@ -678,7 +600,7 @@ "type": "indirect" } }, - "nixpkgs_15": { + "nixpkgs_13": { "locked": { "lastModified": 1724114134, "narHash": "sha256-V/w5MIQy4jTG/L7/V/AL2BF5gSEWCfxHVDQdzLBCV18=", @@ -692,13 +614,41 @@ "type": "indirect" } }, - "nixpkgs_16": { + "nixpkgs_14": { "locked": { - "lastModified": 1741037377, - "narHash": "sha256-SvtvVKHaUX4Owb+PasySwZsoc5VUeTf1px34BByiOxw=", + "lastModified": 1690026219, + "narHash": "sha256-oOduRk/kzQxOBknZXTLSEYd7tk+GoKvr8wV6Ab+t4AU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "02032da4af073d0f6110540c8677f16d4be0117f", + "rev": "f465da166263bc0d4b39dfd4ca28b777c92d4b73", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "nixpkgs_15": { + "locked": { + "lastModified": 1689935543, + "narHash": "sha256-6GQ9ib4dA/r1leC5VUpsBo0BmDvNxLjKrX1iyL+h8mc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "e43e2448161c0a2c4928abec4e16eae1516571bc", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "nixpkgs_16": { + "locked": { + "lastModified": 1689935543, + "narHash": "sha256-6GQ9ib4dA/r1leC5VUpsBo0BmDvNxLjKrX1iyL+h8mc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "e43e2448161c0a2c4928abec4e16eae1516571bc", "type": "github" }, "original": { @@ -708,11 +658,11 @@ }, "nixpkgs_17": { "locked": { - "lastModified": 1741037377, - "narHash": "sha256-SvtvVKHaUX4Owb+PasySwZsoc5VUeTf1px34BByiOxw=", + "lastModified": 1695978539, + "narHash": "sha256-lta5HToBZMWZ2hl5CautNSUgIZViR41QxN7JKbMAjgQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "02032da4af073d0f6110540c8677f16d4be0117f", + "rev": "bd9b686c0168041aea600222be0805a0de6e6ab8", "type": "github" }, "original": { @@ -722,25 +672,27 @@ }, "nixpkgs_18": { "locked": { - "lastModified": 1741037377, - "narHash": "sha256-SvtvVKHaUX4Owb+PasySwZsoc5VUeTf1px34BByiOxw=", - "owner": "NixOS", + "lastModified": 1668226844, + "narHash": "sha256-G/S4FBWDAqHeBS/hfXwUCJbnaKnrQFoeeKwzvZEOgxM=", + "owner": "nixos", "repo": "nixpkgs", - "rev": "02032da4af073d0f6110540c8677f16d4be0117f", + "rev": "dd4767bf613bf9553eee6ff37c0996b9c876e7d8", "type": "github" }, "original": { - "id": "nixpkgs", - "type": "indirect" + "owner": "nixos", + "ref": "nixos-unstable-small", + "repo": "nixpkgs", + "type": "github" } }, "nixpkgs_19": { "locked": { - "lastModified": 1690026219, - "narHash": "sha256-oOduRk/kzQxOBknZXTLSEYd7tk+GoKvr8wV6Ab+t4AU=", + "lastModified": 1724395761, + "narHash": "sha256-zRkDV/nbrnp3Y8oCADf5ETl1sDrdmAW6/bBVJ8EbIdQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f465da166263bc0d4b39dfd4ca28b777c92d4b73", + "rev": "ae815cee91b417be55d43781eb4b73ae1ecc396c", "type": "github" }, "original": { @@ -764,92 +716,6 @@ "type": "github" } }, - "nixpkgs_20": { - "locked": { - "lastModified": 1724114134, - "narHash": "sha256-V/w5MIQy4jTG/L7/V/AL2BF5gSEWCfxHVDQdzLBCV18=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "f02fa2f654c7bcc45f0e815c29d093da7f1245b4", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "type": "indirect" - } - }, - "nixpkgs_21": { - "locked": { - "lastModified": 1689935543, - "narHash": "sha256-6GQ9ib4dA/r1leC5VUpsBo0BmDvNxLjKrX1iyL+h8mc=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "e43e2448161c0a2c4928abec4e16eae1516571bc", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "type": "indirect" - } - }, - "nixpkgs_22": { - "locked": { - "lastModified": 1724114134, - "narHash": "sha256-V/w5MIQy4jTG/L7/V/AL2BF5gSEWCfxHVDQdzLBCV18=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "f02fa2f654c7bcc45f0e815c29d093da7f1245b4", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "type": "indirect" - } - }, - "nixpkgs_23": { - "locked": { - "lastModified": 1695978539, - "narHash": "sha256-lta5HToBZMWZ2hl5CautNSUgIZViR41QxN7JKbMAjgQ=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "bd9b686c0168041aea600222be0805a0de6e6ab8", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "type": "indirect" - } - }, - "nixpkgs_24": { - "locked": { - "lastModified": 1668226844, - "narHash": "sha256-G/S4FBWDAqHeBS/hfXwUCJbnaKnrQFoeeKwzvZEOgxM=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "dd4767bf613bf9553eee6ff37c0996b9c876e7d8", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable-small", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_25": { - "locked": { - "lastModified": 1724395761, - "narHash": "sha256-zRkDV/nbrnp3Y8oCADf5ETl1sDrdmAW6/bBVJ8EbIdQ=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "ae815cee91b417be55d43781eb4b73ae1ecc396c", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "type": "indirect" - } - }, "nixpkgs_3": { "locked": { "lastModified": 1734119587, @@ -896,26 +762,25 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1756787288, - "narHash": "sha256-rw/PHa1cqiePdBxhF66V7R+WAP8WekQ0mCDG4CFqT8Y=", + "lastModified": 1715413075, + "narHash": "sha256-FCi3R1MeS5bVp0M0xTheveP6hhcCYfW/aghSTPebYL4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d0fc30899600b9b3466ddb260fd83deb486c32f1", + "rev": "e4e7a43a9db7e22613accfeb1005cca1b2b1ee0d", "type": "github" }, "original": { "id": "nixpkgs", - "ref": "nixos-unstable", "type": "indirect" } }, "nixpkgs_7": { "locked": { - "lastModified": 1751271578, - "narHash": "sha256-P/SQmKDu06x8yv7i0s8bvnnuJYkxVGBWLWHaU+tt4YY=", + "lastModified": 1739214665, + "narHash": "sha256-26L8VAu3/1YRxS8MHgBOyOM8xALdo6N0I04PgorE7UM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3016b4b15d13f3089db8a41ef937b13a9e33a8df", + "rev": "64e75cd44acf21c7933d61d7721e812eac1b5a0a", "type": "github" }, "original": { @@ -961,20 +826,16 @@ "colmena": "colmena", "compsoc_public": "compsoc_public", "flake-utils": "flake-utils_2", + "lix-module": "lix-module", "nixpkgs": "nixpkgs_7", "simple-nixos-mailserver": "simple-nixos-mailserver", "skynet_discord_bot": "skynet_discord_bot", - "skynet_discord_bot_t-800": "skynet_discord_bot_t-800", "skynet_ldap_backend": "skynet_ldap_backend", "skynet_ldap_frontend": "skynet_ldap_frontend", "skynet_website": "skynet_website", - "skynet_website_1996": "skynet_website_1996", - "skynet_website_2003": "skynet_website_2003", - "skynet_website_2006": "skynet_website_2006", - "skynet_website_2016": "skynet_website_2016", - "skynet_website_2022": "skynet_website_2022", + "skynet_website_2009": "skynet_website_2009", + "skynet_website_2017": "skynet_website_2017", "skynet_website_2023": "skynet_website_2023", - "skynet_website_2024": "skynet_website_2024", "skynet_website_games": "skynet_website_games", "skynet_website_wiki": "skynet_website_wiki" } @@ -1017,18 +878,17 @@ "inputs": { "blobs": "blobs", "flake-compat": "flake-compat_2", - "git-hooks": "git-hooks", "nixpkgs": [ "nixpkgs" ], - "nixpkgs-25_05": "nixpkgs-25_05" + "nixpkgs-24_05": "nixpkgs-24_05" }, "locked": { - "lastModified": 1750183846, - "narHash": "sha256-owKJ2rsa/0WVZQAprlbqgVAAGlz3MFuvgNea3+ic4fs=", + "lastModified": 1723233349, + "narHash": "sha256-0NqGJ+wFxmK6DEEvlZ+jGMdDkIaQ+S54kBStwkGUaO8=", "ref": "refs/heads/master", - "rev": "c097bd662c9e1aea8c1fca10d57188e81c5574a0", - "revCount": 743, + "rev": "a98a93cf22cd53a92143703a0a5b6f76438a15ba", + "revCount": 594, "type": "git", "url": "https://forgejo.skynet.ie/Skynet/misc_nixos-mailserver" }, @@ -1041,15 +901,14 @@ "inputs": { "naersk": "naersk_2", "nixpkgs": "nixpkgs_9", - "nixpkgs-mozilla": "nixpkgs-mozilla", "utils": "utils_3" }, "locked": { - "lastModified": 1757592151, - "narHash": "sha256-CumEGWBqR+91Rk7FCCcS9AfLQpJfYwqn8QSGwOAOT7c=", + "lastModified": 1737922006, + "narHash": "sha256-IcD9wXppeoP6SRWIJTV784XiuTKhU7SaKOH2SWscgHM=", "ref": "refs/heads/main", - "rev": "6353d77360c7949a62ada56729b53be106b81a47", - "revCount": 325, + "rev": "5fcc24a867c98be772eec8c6a65eddfbe52ab070", + "revCount": 175, "type": "git", "url": "https://forgejo.skynet.ie/Skynet/discord-bot" }, @@ -1058,40 +917,18 @@ "url": "https://forgejo.skynet.ie/Skynet/discord-bot" } }, - "skynet_discord_bot_t-800": { - "inputs": { - "naersk": "naersk_3", - "nixpkgs": "nixpkgs_11", - "nixpkgs-mozilla": "nixpkgs-mozilla_2", - "utils": "utils_4" - }, - "locked": { - "lastModified": 1752232947, - "narHash": "sha256-WW6gL8JSoJu6p+3Xnea9J8+epWtSOs3O9Sk/+Uz+ZnM=", - "ref": "refs/heads/main", - "rev": "379cc1d431ec8395c368dae773d7c4120bee57d7", - "revCount": 28, - "type": "git", - "url": "https://forgejo.skynet.ie/Skynet/discord-bot-t-800" - }, - "original": { - "type": "git", - "url": "https://forgejo.skynet.ie/Skynet/discord-bot-t-800" - } - }, "skynet_ldap_backend": { "inputs": { - "naersk": "naersk_4", - "nixpkgs": "nixpkgs_13", - "nixpkgs-mozilla": "nixpkgs-mozilla_3", - "utils": "utils_5" + "naersk": "naersk_3", + "nixpkgs": "nixpkgs_11", + "utils": "utils_4" }, "locked": { - "lastModified": 1757267915, - "narHash": "sha256-cJA/dTc+VCjODKu5WEycBrEZRxd4STzxhpfUK2kIS4g=", + "lastModified": 1731940725, + "narHash": "sha256-W909eUlyTlvS/ty5Ns4p042NuSMppbC0N19zGpVCG0w=", "ref": "refs/heads/main", - "rev": "3d882056bc78707ff57321862522ca8d1fc2a3c1", - "revCount": 252, + "rev": "0b397369d185edee7d890f09786fd3450355d89c", + "revCount": 235, "type": "git", "url": "https://forgejo.skynet.ie/Skynet/ldap_backend" }, @@ -1102,8 +939,8 @@ }, "skynet_ldap_frontend": { "inputs": { - "nixpkgs": "nixpkgs_14", - "utils": "utils_6" + "nixpkgs": "nixpkgs_12", + "utils": "utils_5" }, "locked": { "lastModified": 1727122070, @@ -1121,8 +958,8 @@ }, "skynet_website": { "inputs": { - "nixpkgs": "nixpkgs_15", - "utils": "utils_7" + "nixpkgs": "nixpkgs_13", + "utils": "utils_6" }, "locked": { "lastModified": 1732375016, @@ -1131,156 +968,74 @@ "rev": "8987e33cb709e7f2c30017e77edf9161b87d9885", "revCount": 29, "type": "git", - "url": "https://forgejo.skynet.ie/Skynet/website_2023" + "url": "https://forgejo.skynet.ie/Skynet/website_2017" }, "original": { "type": "git", - "url": "https://forgejo.skynet.ie/Skynet/website_2023" + "url": "https://forgejo.skynet.ie/Skynet/website_2017" } }, - "skynet_website_1996": { + "skynet_website_2009": { "inputs": { - "nixpkgs": "nixpkgs_16", + "nixpkgs": "nixpkgs_14", + "utils": "utils_7" + }, + "locked": { + "lastModified": 1732375097, + "narHash": "sha256-LthEi+y3a+i/VNLBlQZ1v9nkffgJMykMjonFtTt8Yxg=", + "ref": "refs/heads/main", + "rev": "42a1ca5c83a6c21c734d4cc10eec2b06ae25f7ec", + "revCount": 16, + "type": "git", + "url": "https://forgejo.skynet.ie/Skynet/website_2009" + }, + "original": { + "type": "git", + "url": "https://forgejo.skynet.ie/Skynet/website_2009" + } + }, + "skynet_website_2017": { + "inputs": { + "nixpkgs": "nixpkgs_15", "utils": "utils_8" }, "locked": { - "lastModified": 1744118392, - "narHash": "sha256-0W+9obJUFjArArqULQ8pqJuFN5cY5ir0yRZPfhReh8I=", - "ref": "refs/heads/main", - "rev": "19ec9fa4c4dafc68ce8b24653782598834a5405d", - "revCount": 13, + "lastModified": 1689960297, + "narHash": "sha256-+43nNv4RSQMXMRGdN8xVKYs2B13w5FJtefuykYcpywM=", + "rev": "edd922c5b13fa1f520e8e265a3d6e4e189852b99", + "revCount": 6, "type": "git", - "url": "https://forgejo.skynet.ie/Skynet/website_1996" + "url": "https://forgejo.skynet.ie/Skynet/website_2017" }, "original": { + "rev": "edd922c5b13fa1f520e8e265a3d6e4e189852b99", "type": "git", - "url": "https://forgejo.skynet.ie/Skynet/website_1996" - } - }, - "skynet_website_2003": { - "inputs": { - "nixpkgs": "nixpkgs_17", - "utils": "utils_9" - }, - "locked": { - "lastModified": 1743721206, - "narHash": "sha256-n9JGscEsckoasfmvpWKJ0kifQp1KPw8MbWPHhmmkLCU=", - "ref": "refs/heads/main", - "rev": "855b4c7139caeb3c520d75c9a02393f74fdb3be1", - "revCount": 14, - "type": "git", - "url": "https://forgejo.skynet.ie/Skynet/website_2003" - }, - "original": { - "type": "git", - "url": "https://forgejo.skynet.ie/Skynet/website_2003" - } - }, - "skynet_website_2006": { - "inputs": { - "nixpkgs": "nixpkgs_18", - "utils": "utils_10" - }, - "locked": { - "lastModified": 1743715699, - "narHash": "sha256-BgXlk7bT9q+cOE9u74ZfmqxxW0zIHZ/ebLyldO682Zg=", - "ref": "refs/heads/main", - "rev": "616040e0e7636c1e33a06262cc20fb1bf1fb61b6", - "revCount": 15, - "type": "git", - "url": "https://forgejo.skynet.ie/Skynet/website_2006" - }, - "original": { - "type": "git", - "url": "https://forgejo.skynet.ie/Skynet/website_2006" - } - }, - "skynet_website_2016": { - "inputs": { - "nixpkgs": "nixpkgs_19", - "utils": "utils_11" - }, - "locked": { - "lastModified": 1743722645, - "narHash": "sha256-uelPrPuv/Z3i4NZ01BlbAqmpB4IlA6zaFL4DlaDWHuo=", - "ref": "refs/heads/main", - "rev": "316da6b20fe26a6c4c751e74ee214a23265a8205", - "revCount": 18, - "type": "git", - "url": "https://forgejo.skynet.ie/Skynet/website_2016" - }, - "original": { - "type": "git", - "url": "https://forgejo.skynet.ie/Skynet/website_2016" - } - }, - "skynet_website_2022": { - "inputs": { - "nixpkgs": "nixpkgs_20", - "utils": "utils_12" - }, - "locked": { - "lastModified": 1743727062, - "narHash": "sha256-myrgO0BU23zCD+mZnLfjmr/txjCWQizqlR72Hjv+E3s=", - "ref": "2022", - "rev": "687a0b1811987cfc27c2e6f5a625c4d59ef577c2", - "revCount": 30, - "type": "git", - "url": "https://forgejo.skynet.ie/Skynet/website_2023" - }, - "original": { - "ref": "2022", - "rev": "687a0b1811987cfc27c2e6f5a625c4d59ef577c2", - "type": "git", - "url": "https://forgejo.skynet.ie/Skynet/website_2023" + "url": "https://forgejo.skynet.ie/Skynet/website_2017" } }, "skynet_website_2023": { "inputs": { - "nixpkgs": "nixpkgs_21", - "utils": "utils_13" + "nixpkgs": "nixpkgs_16", + "utils": "utils_9" }, "locked": { "lastModified": 1696876711, "narHash": "sha256-WdZQBLTX6WK8iT7FwvD6sNEefGwtAWmzxZzCvvmDxGo=", - "ref": "main", "rev": "c4d61c753292bf73ed41b47b1607cfc92a82a191", "revCount": 12, "type": "git", - "url": "https://forgejo.skynet.ie/Skynet/website_2023" + "url": "https://forgejo.skynet.ie/Skynet/website_2017" }, "original": { - "ref": "main", "rev": "c4d61c753292bf73ed41b47b1607cfc92a82a191", "type": "git", - "url": "https://forgejo.skynet.ie/Skynet/website_2023" - } - }, - "skynet_website_2024": { - "inputs": { - "nixpkgs": "nixpkgs_22", - "utils": "utils_14" - }, - "locked": { - "lastModified": 1732375016, - "narHash": "sha256-Y+bJw85TNOp8N369OV0VrDdm3oDy8CXG+GUuG6pZjbo=", - "ref": "main", - "rev": "8987e33cb709e7f2c30017e77edf9161b87d9885", - "revCount": 29, - "type": "git", - "url": "https://forgejo.skynet.ie/Skynet/website_2023" - }, - "original": { - "ref": "main", - "rev": "8987e33cb709e7f2c30017e77edf9161b87d9885", - "type": "git", - "url": "https://forgejo.skynet.ie/Skynet/website_2023" + "url": "https://forgejo.skynet.ie/Skynet/website_2017" } }, "skynet_website_games": { "inputs": { - "nixpkgs": "nixpkgs_23", - "utils": "utils_15" + "nixpkgs": "nixpkgs_17", + "utils": "utils_10" }, "locked": { "lastModified": 1727122069, @@ -1299,15 +1054,15 @@ "skynet_website_wiki": { "inputs": { "alejandra": "alejandra_2", - "nixpkgs": "nixpkgs_25", - "utils": "utils_16" + "nixpkgs": "nixpkgs_19", + "utils": "utils_11" }, "locked": { - "lastModified": 1752925027, - "narHash": "sha256-APuWWdod4L3mgSBXJTukfbB8s37NvzUkju+lELUD7PI=", + "lastModified": 1739580335, + "narHash": "sha256-n9LuI33Ycen3bLS/F5b6df7F61A2wpCRG7Cf1FeVRlc=", "ref": "refs/heads/main", - "rev": "917c316e7606995362b436f5c6248f058c762176", - "revCount": 166, + "rev": "1df4c0bcd32414fee9bd7ef47bed1137d9f4576a", + "revCount": 126, "type": "git", "url": "https://forgejo.skynet.ie/Skynet/wiki" }, @@ -1422,66 +1177,6 @@ "type": "github" } }, - "systems_15": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "systems_16": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "systems_17": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "systems_18": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, "systems_2": { "locked": { "lastModified": 1681028828, @@ -1621,99 +1316,9 @@ } }, "utils_10": { - "inputs": { - "systems": "systems_12" - }, - "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "utils_11": { "inputs": { "systems": "systems_13" }, - "locked": { - "lastModified": 1689068808, - "narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "utils_12": { - "inputs": { - "systems": "systems_14" - }, - "locked": { - "lastModified": 1710146030, - "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "utils_13": { - "inputs": { - "systems": "systems_15" - }, - "locked": { - "lastModified": 1689068808, - "narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "utils_14": { - "inputs": { - "systems": "systems_16" - }, - "locked": { - "lastModified": 1710146030, - "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "utils_15": { - "inputs": { - "systems": "systems_17" - }, "locked": { "lastModified": 1694529238, "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", @@ -1728,9 +1333,9 @@ "type": "github" } }, - "utils_16": { + "utils_11": { "inputs": { - "systems": "systems_18" + "systems": "systems_14" }, "locked": { "lastModified": 1710146030, @@ -1766,7 +1371,7 @@ }, "utils_3": { "inputs": { - "systems": "systems_5" + "systems": "systems_6" }, "locked": { "lastModified": 1710146030, @@ -1784,14 +1389,14 @@ }, "utils_4": { "inputs": { - "systems": "systems_6" + "systems": "systems_7" }, "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "lastModified": 1685518550, + "narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=", "owner": "numtide", "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef", "type": "github" }, "original": { @@ -1801,24 +1406,6 @@ } }, "utils_5": { - "inputs": { - "systems": "systems_7" - }, - "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "utils_6": { "inputs": { "systems": "systems_8" }, @@ -1836,7 +1423,7 @@ "type": "github" } }, - "utils_7": { + "utils_6": { "inputs": { "systems": "systems_9" }, @@ -1854,16 +1441,34 @@ "type": "github" } }, - "utils_8": { + "utils_7": { "inputs": { "systems": "systems_10" }, "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "lastModified": 1689068808, + "narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=", "owner": "numtide", "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "utils_8": { + "inputs": { + "systems": "systems_11" + }, + "locked": { + "lastModified": 1689068808, + "narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4", "type": "github" }, "original": { @@ -1874,14 +1479,14 @@ }, "utils_9": { "inputs": { - "systems": "systems_11" + "systems": "systems_12" }, "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "lastModified": 1689068808, + "narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=", "owner": "numtide", "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 3053145..2d96432 100644 --- a/flake.nix +++ b/flake.nix @@ -7,6 +7,11 @@ # Return to using unstable once the current master is merged in # nixpkgs.url = "nixpkgs/nixos-unstable"; + lix-module = { + url = "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0.tar.gz"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + # utility stuff flake-utils.url = "github:numtide/flake-utils"; agenix.url = "github:ryantm/agenix"; @@ -27,12 +32,10 @@ ### skynet backend ### ###################### skynet_ldap_backend.url = "git+https://forgejo.skynet.ie/Skynet/ldap_backend"; - # skynet_ldap_backend.url = "git+file:/_college/CompSoc/Skynet/ldap_backend?shallow=1"; skynet_ldap_frontend.url = "git+https://forgejo.skynet.ie/Skynet/ldap_frontend"; skynet_website_wiki.url = "git+https://forgejo.skynet.ie/Skynet/wiki"; skynet_website_games.url = "git+https://forgejo.skynet.ie/Skynet/website_games"; skynet_discord_bot.url = "git+https://forgejo.skynet.ie/Skynet/discord-bot"; - skynet_discord_bot_t-800.url = "git+https://forgejo.skynet.ie/Skynet/discord-bot-t-800"; # for testing a local build # skynet_discord_bot.url = "git+file:/_college/CompSoc/Skynet/discord_bot?shallow=1"; @@ -46,20 +49,19 @@ ################# # this should always point to teh current website - skynet_website.url = "git+https://forgejo.skynet.ie/Skynet/website_2023"; + skynet_website.url = "git+https://forgejo.skynet.ie/Skynet/website_2017"; - # past versions of the current website - skynet_website_2024.url = "git+https://forgejo.skynet.ie/Skynet/website_2023?ref=main&rev=8987e33cb709e7f2c30017e77edf9161b87d9885"; - skynet_website_2023.url = "git+https://forgejo.skynet.ie/Skynet/website_2023?ref=main&rev=c4d61c753292bf73ed41b47b1607cfc92a82a191"; - skynet_website_2022.url = "git+https://forgejo.skynet.ie/Skynet/website_2023?ref=2022&rev=687a0b1811987cfc27c2e6f5a625c4d59ef577c2"; + # these are past versions of teh website + skynet_website_2023.url = "git+https://forgejo.skynet.ie/Skynet/website_2017?rev=c4d61c753292bf73ed41b47b1607cfc92a82a191"; + # this is not 100% right since this is from teh archive from 2022 or so + skynet_website_2017.url = "git+https://forgejo.skynet.ie/Skynet/website_2017?rev=edd922c5b13fa1f520e8e265a3d6e4e189852b99"; - skynet_website_2016.url = "git+https://forgejo.skynet.ie/Skynet/website_2016"; - skynet_website_2006.url = "git+https://forgejo.skynet.ie/Skynet/website_2006"; - skynet_website_2003.url = "git+https://forgejo.skynet.ie/Skynet/website_2003"; - skynet_website_1996.url = "git+https://forgejo.skynet.ie/Skynet/website_1996"; + # this is more of 2012 than 2009 but started in 2009 + skynet_website_2009.url = "git+https://forgejo.skynet.ie/Skynet/website_2009"; }; nixConfig = { + bash-prompt-suffix = "[Skynet Dev] "; extra-substituters = "https://nix-cache.skynet.ie/skynet-cache"; extra-trusted-public-keys = "skynet-cache:zMFLzcRZPhUpjXUy8SF8Cf7KGAZwo98SKrzeXvdWABo="; }; @@ -77,7 +79,7 @@ formatter.x86_64-linux = alejandra.defaultPackage."x86_64-linux"; devShells.x86_64-linux.default = pkgs.mkShell { - name = "Skynet"; + name = "Skynet build env"; nativeBuildInputs = [ pkgs.buildPackages.git colmena.defaultPackage."x86_64-linux" @@ -85,25 +87,14 @@ pkgs.buildPackages.nmap ]; buildInputs = [agenix.packages.x86_64-linux.default]; - shellHook = ''export PROMPT_DIRTRIM=3; export PS1="[Skynet] \w:\$ "''; + shellHook = ''export EDITOR="${pkgs.nano}/bin/nano --nonewlines"; unset LD_LIBRARY_PATH;''; }; colmena = { meta = { nixpkgs = import nixpkgs { system = "x86_64-linux"; - overlays = [ - (final: prev: { - inherit - (final.lixPackageSets.stable) - nixpkgs-review - nix-direnv - nix-eval-jobs - nix-fast-build - colmena - ; - }) - ]; + overlays = []; }; specialArgs = { inherit inputs self; diff --git a/machines/_base.nix b/machines/_base.nix index a8f53ff..0fa84e6 100644 --- a/machines/_base.nix +++ b/machines/_base.nix @@ -11,14 +11,18 @@ with lib; let cfg = config.skynet; in { imports = [ - # This is required for LXC to function properly - (modulesPath + "/virtualisation/proxmox-lxc.nix") + # custom lxc mocule until the patch gets merged in + ../applications/proxmox-lxc.nix + # (modulesPath + "/virtualisation/proxmox-lxc.nix") # for the secrets inputs.agenix.nixosModules.default # base application config for all servers ../applications/_base.nix + + # + inputs.lix-module.nixosModules.default ]; options.skynet = { @@ -32,13 +36,7 @@ in { config = { # if its a lxc enable - proxmoxLXC = { - enable = cfg.lxc; - manageNetwork = true; - manageHostName = true; - }; - - age.secrets.root_pw.file = ../secrets/base/root_pass.age; + proxmoxLXC.enable = cfg.lxc; nix = { settings = { @@ -57,10 +55,10 @@ in { # options = "--delete-older-than 30d"; # }; - # to free up to 100GiB whenever there is less than 1GiB left + # to free up to 10GiB whenever there is less than 1GiB left extraOptions = '' - min-free = ${toString (1024 * 1024 * 1024 * 1)} - max-free = ${toString (1024 * 1024 * 1024 * 100)} + min-free = ${toString (1024 * 1024 * 1024)} + max-free = ${toString (1024 * 1024 * 1024 * 10)} ''; }; @@ -71,29 +69,23 @@ in { settings.PermitRootLogin = "prohibit-password"; }; - users = { - mutableUsers = false; + users.users.root = { + initialHashedPassword = ""; - users.root = { - hashedPasswordFile = config.age.secrets.root_pw.path; + openssh.authorizedKeys.keys = [ + # no obligation to have name attached to keys - openssh.authorizedKeys.keys = [ - # no obligation to have name attached to keys + # Root account + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK6DjXTAxesXpQ65l659iAjzEb6VpRaWKSg4AXxifPw9 Skynet Admin" - # Root account - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK6DjXTAxesXpQ65l659iAjzEb6VpRaWKSg4AXxifPw9 Skynet Admin" + # CI/CD key + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBDvexq/JjsMqL0G5P38klzoOkHs3IRyXYO1luEJuB5R colmena_key" - # CI/CD key - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBDvexq/JjsMqL0G5P38klzoOkHs3IRyXYO1luEJuB5R colmena_key" + # Brendan Golden + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEHNLroAjCVR9Tx382cqdxPZ5KY32r/yoQH1mgsYNqpm Silver_Laptop_WSL_Deb" - # Brendan Golden - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEHNLroAjCVR9Tx382cqdxPZ5KY32r/yoQH1mgsYNqpm Silver_Laptop_WSL_Deb" - - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKjaKI97NY7bki07kxAvo95196NXCaMvI1Dx7dMW05Q1 thenobrainer" - - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDxHpsApRyCvuP2ToGm46G308Og8lO7BYPuz+EqHVU5w esy root" - ]; - }; + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKjaKI97NY7bki07kxAvo95196NXCaMvI1Dx7dMW05Q1 thenobrainer" + ]; }; # skynet-admin-linux will always be added, individual servers can override the groups option @@ -103,8 +95,6 @@ in { # every sever needs to be accessable over ssh for admin use at least firewall.allowedTCPPorts = [22]; - resolvconf.useLocalResolver = false; - resolvconf.extraConfig = "name_servers='193.1.99.120 193.1.99.109'"; # explisitly stating this is good defaultGateway = { address = "193.1.99.65"; @@ -144,7 +134,6 @@ in { traceroute openldap screen - inetutils ]; }; } diff --git a/machines/agentjones.nix b/machines/agentjones.nix index f661104..1fb3c4e 100644 --- a/machines/agentjones.nix +++ b/machines/agentjones.nix @@ -21,7 +21,6 @@ Notes: Used to have Agent Smith as a partner but it died (Ironically) ip = ip_pub; name = name; hostname = hostname; - interface = "eno1"; }; in { imports = [ @@ -45,6 +44,19 @@ in { # keep the wired usb connection alive (front panel) # networking.interfaces.enp0s29u1u5u2.useDHCP = true; + networking.hostName = name; + # this has to be defined for any physical servers + # vms are defined by teh vm host + networking = { + defaultGateway.interface = lib.mkForce "eno1"; + interfaces.eno1.ipv4.addresses = [ + { + address = ip_pub; + prefixLength = 26; + } + ]; + }; + # this server is teh firewall skynet_firewall = { # always good to know oneself diff --git a/machines/ariia.nix b/machines/ariia.nix index 724d115..121dd63 100644 --- a/machines/ariia.nix +++ b/machines/ariia.nix @@ -34,9 +34,7 @@ in { targetPort = 22; targetUser = null; - tags = [ - # "active-core" - ]; + tags = ["active-core"]; }; services.skynet = { diff --git a/machines/glados.nix b/machines/glados.nix index c5be714..5e499d8 100644 --- a/machines/glados.nix +++ b/machines/glados.nix @@ -26,6 +26,7 @@ Notes: Each user has roughly 20gb os storage }; in { imports = [ + ../applications/git/gitlab.nix ../applications/git/forgejo.nix ../applications/git/forgejo_runner.nix ]; @@ -41,6 +42,7 @@ in { services.skynet = { host = host; backup.enable = true; + gitlab.enable = true; forgejo.enable = true; forgejo_runner = { enable = true; diff --git a/machines/kitt.nix b/machines/kitt.nix index 35600c8..71a0fe0 100644 --- a/machines/kitt.nix +++ b/machines/kitt.nix @@ -29,10 +29,8 @@ in { ../applications/ldap/server.nix ../applications/ldap/backend.nix ../applications/discord.nix - ../applications/discord_t-800.nix ../applications/bitwarden/vaultwarden.nix ../applications/bitwarden/bitwarden_sync.nix - ../applications/sso.nix ]; deployment = { @@ -54,12 +52,7 @@ in { # private member services discord_bot.enable = true; - # for logging on our own discord - discord_bot_t-800.enable = true; - # committee/admin services vaultwarden.enable = true; - - sso.enable = true; }; } diff --git a/machines/neuromancer.nix b/machines/neuromancer.nix index ed49d06..6e2cbd9 100644 --- a/machines/neuromancer.nix +++ b/machines/neuromancer.nix @@ -22,13 +22,25 @@ Notes: ip = ip_pub; name = name; hostname = hostname; - interface = "eno1"; }; in { imports = [ ./hardware/RM007.nix ]; + networking.hostName = name; + # this has to be defined for any physical servers + # vms are defined by teh vm host + networking = { + defaultGateway.interface = lib.mkForce "eno1"; + interfaces.eno1.ipv4.addresses = [ + { + address = ip_pub; + prefixLength = 26; + } + ]; + }; + deployment = { targetHost = hostname; targetPort = 22; diff --git a/machines/skynet.nix b/machines/skynet.nix index 546596e..720e9a3 100644 --- a/machines/skynet.nix +++ b/machines/skynet.nix @@ -23,8 +23,6 @@ Notes: Does not host offical sites ip = ip_pub; name = name; hostname = hostname; - interface = "eth1"; - cidr = 28; }; in { imports = [ diff --git a/machines/vendetta.nix b/machines/vendetta.nix index 3244ba6..3cff501 100644 --- a/machines/vendetta.nix +++ b/machines/vendetta.nix @@ -22,14 +22,14 @@ Notes: Using the server that used to be called Earth ip = ip_pub; name = name; hostname = hostname; - # only required for physical servers - interface = "eno1"; }; in { imports = [ ./hardware/RM002.nix ]; + networking.hostName = name; + deployment = { targetHost = ip_pub; targetPort = 22; @@ -38,6 +38,18 @@ in { tags = ["active-dns" "dns"]; }; + networking = { + # needs to have an address statically assigned + + defaultGateway.interface = lib.mkForce "eno1"; + interfaces.eno1.ipv4.addresses = [ + { + address = "193.1.99.120"; + prefixLength = 26; + } + ]; + }; + services.skynet = { host = host; backup.enable = true; diff --git a/secrets/backup/restic.age b/secrets/backup/restic.age index 00a5b35..1910186 100644 Binary files a/secrets/backup/restic.age and b/secrets/backup/restic.age differ diff --git a/secrets/backup/restic_pw.age b/secrets/backup/restic_pw.age index 356b719..ea0bc3b 100644 --- a/secrets/backup/restic_pw.age +++ b/secrets/backup/restic_pw.age @@ -1,21 +1,20 @@ age-encryption.org/v1 --> ssh-ed25519 V1pwNA kWC0Tr0nlHEelEzS9xAzZ5UwI1vTgeaBS+zQJCxHe1A -dcVKgK28SA4abje/xfC2bqlDzrkThJh0hpsyCtfGPDM --> ssh-ed25519 4PzZog H/hrMeDv4EmuSvR79vX7spZyF6t506ZKVHWHl4HN1wQ -E4+skv4K1fTqG1cIbRqRr89Ti6D78wxEzap3Sl0UZU8 --> ssh-ed25519 dA0vRg SgmoRqftGwIG34Py02bfdEv2HlI6fPBiKmcBmz2VaiI -DKzlODXbQf9xzUzJHlwtIZbGw3qG2ApfssEF1/nZe+Q --> ssh-ed25519 5Nd93w Q8fxVcYwxbeXJzpKCOWH4/D3t8bWSUm9E4spASzIKnQ -80fe2FiI+5OTojxu32OfFJwS3l/cMPr+5tErOr5wmcM --> ssh-ed25519 q8eJgg zgw/JH1HOdTE38Cr/61gcGo6OruuFUCAUJ4wmNHSXWs -l7ta9JGOwCZCjnfui2Zo3PVF+Ge/UoPL0xm5lZ0GGF8 --> ssh-ed25519 KVr8rw CcJymhaWM76X91C0ECPlZqaN2IARwxo1WMZRmlevnzA -syAw8YySWxtDonZ5txKVNynCdziInCzy4u5kv6mH8PU --> ssh-ed25519 fia1eQ 0ocrOjhQ+CEJK8Li3rDegYkMXkBpjAAStjgvVHGQx3Q -YORVM3sEbE6PLVuwfMkxe9gYqTVVT7DGoG+kQcxaPiQ --> ssh-ed25519 Km71ZA 9W2stpyr/9osFppfqBDjeDzZ6ltU+spmBoeWJ+I8sys -C6DGgwvbwW0r1E3L6o7LUOnPo/n8Sl8tGzm3NlsXGcw --> ssh-ed25519 3pl/Kw pm1noozCEdPbd4f8rkSD/gicvfWTEN1kvYp7TLb68Uo -VH2XUbhIf4nYTmp6rkGt99RcI2xxa7F9QXmDp88r1CY ---- lNlQ5pwix455easITfJ8dztlPYg8Pi77sbAsOQF19dI -#@3|K%kxL,5x/QTbz j.7-]2b_>NJam^ C]Vvh|D̀" \ No newline at end of file +-> ssh-ed25519 V1pwNA mGy7a3SPHMxFaJ5S68jaRkPk16Ahxqp7C2YGnK6A4nM +TrEf7fz6yY7G2HXNxhnM4v7QkVrR5D6vdh+eUVbWbdQ +-> ssh-ed25519 4PzZog 5ixIvICVbbk2z8gqvodMAhCevBWdnfmpskWupnpMm04 +r33h6oeu1jQQGs3mP15xtbRq50FGpKwtbbqWbSTQ1jE +-> ssh-ed25519 dA0vRg gUxwHHDBhxpYMxBE+UfTYJ4I8nY7cEdWG1XBSLLWtlY +pNawroXlES4EyNZSUUiEPNy+WNdG9AnHnUl+7qLB5Os +-> ssh-ed25519 5Nd93w AchMesYdEdLHtphyfCumqrdCRFABzNOEf7KfFgQWFAk +Xnier5jnPDl9n8F5r/R4CjBoEvmwAJRLQWnoWoAudec +-> ssh-ed25519 q8eJgg AgmUpmYT5z1qAFZ+uUY5a7huZ8Bhifs1ZuDBlg7ZJxU +kgaKF9t8cEKBc715dNocxA3o+2dwpK8erRo42NzeP9A +-> ssh-ed25519 KVr8rw AafFkG0axLsqGVs/k0DrzLFsKk4uXtqRbJIFhuAmj18 +shiQFq5ZznBovnNXWfTNvSVX/O1X47hK6g13P8r6xN4 +-> ssh-ed25519 fia1eQ AKbaMyAtdDHSpP5taXQQjaunzvO6yZuCOUjgV2+4iDc +yDFZ54QNklvVHUD1AkiaQ0sntqiRxkMGZw9yos/IvcI +-> ssh-ed25519 3pl/Kw KD86EfxdUwpfFW7wqf283Wmdw8o/qnVzXxTCrtNPsWI +L1a9WXktp4a9s1GxF6O7VV14ZPQOp/VqwS286Dqa3Tk +--- +jytGaOhLk0unuAlkbbtAFNde8Z+tKJ/3l3Y3tBgcFQ +VV7P =O]bZjpQKaXINl_v +Hsh3~FW/ ^a\ #/ڇi[fbX \ No newline at end of file diff --git a/secrets/base/root_pass.age b/secrets/base/root_pass.age deleted file mode 100644 index 9269768..0000000 Binary files a/secrets/base/root_pass.age and /dev/null differ diff --git a/secrets/bitwarden/details.age b/secrets/bitwarden/details.age index 173c7e3..7c53a8d 100644 Binary files a/secrets/bitwarden/details.age and b/secrets/bitwarden/details.age differ diff --git a/secrets/bitwarden/id.age b/secrets/bitwarden/id.age index a2c3bc7..7c2ae23 100644 --- a/secrets/bitwarden/id.age +++ b/secrets/bitwarden/id.age @@ -1,21 +1,19 @@ age-encryption.org/v1 --> ssh-ed25519 V1pwNA 79HhvqifubFk4bhlUPgKbgSplC41o8/uZV27eaeM0SA -mSJ2rkmOlgXyQAXj6pbFoajxCwPzKDBUWRPXqvHrW+8 --> ssh-ed25519 4PzZog w+6c3JxUfEkgvDz7pq+451XSGC64TCNWau9zOGajpjQ -mEdXqG+GpaYVj6ICYPkCyA9ZRNmMtNsxWNeOpYOhkF0 --> ssh-ed25519 dA0vRg Iy3bkGWSkMvk3wH05ETCFqZzUIc835XyJGHXlfmG2VI -ShexjmkSwsEgHR3uj+sftcB49zbp2z40Mi7NN7VYcII --> ssh-ed25519 5Nd93w TM6CtcmxkTqQTP5UVD/1HPijQhMQsYdPrknDREwxtFw -+ld4GvbKQSKAUwMYzDSxtZqiN3OdnWlszYVzOrMbU0Q --> ssh-ed25519 q8eJgg UgE7W6Lf/jdlSs2TpZNX2wRTY3iwQ1MzZE7zAN5Abz0 -oYf9iiAeoVg4RLYWEvw5xyGevxYQiiqELw/NLiBCZWI --> ssh-ed25519 KVr8rw ZtAdKYXNsNCo7MzfBlQrax/sWItsFQtEo/tESJaviXs -Njql6s/+QtIbBmsbMYllDxodpIaBnRaMoojap4jUVwQ --> ssh-ed25519 fia1eQ nIgFm64i5MPK/GvKl35nnXOO4hoD6+mFzJsFeB/6ICw -bJoDOMX3ek/5lVLeI1v99C24l4EwFcXIFAAlTMJb+Co --> ssh-ed25519 Km71ZA sTHVMQlRs5/xewuUa6yFjuqCEqmWlekSwab0z4OWJRc -ExJw8np5XfBSSLo4cwwYoDoi/GxSGKkTn5rcKdMmI34 --> ssh-ed25519 IzAMqA N6d6EYxr2LUzuHrH83h06JE5MGPcqdAMixJH3GZed0Q -+dE0EBX7jPvMv2qMI3mIuiM9TrhFYQwwC/+Ta+DiCNY ---- g8A4+bzRE56xnD8tVagvXopX6VlcS5iJcOcKTxC0ZGk -K!'_*VEJɇ?{&\AurAXwgzƠXÚzؤeN0&ɵ$$&Ɉ: \ No newline at end of file +-> ssh-ed25519 V1pwNA +Bzh++C1+jxdz1VwwhxPpO3XWn8fy7bsP2wX4mlQ63A +1GZxY76fwUOo/t/XeoCOEuxxq+oiU8+GDaasH7VTOkA +-> ssh-ed25519 4PzZog lkqPlBejVuYcBQwAZX96296VjJqyz3Q7J7O7OzfSDmw +x+bGIiw4SYhEePIkF5PLK6KK7EJ8Iay1oQIOJ18DtQY +-> ssh-ed25519 dA0vRg o0tqstSEhdxxdu4Bu8T/r8al3XJpIHvXp7xe8YNbJgo +m1OKX0L8Nn6ZrXI0Sk61fe8JIRbh+os7p0wzCMtdi6Y +-> ssh-ed25519 5Nd93w pYmPUfDB3HfJZDPgNh4Vmdu3UlTimrX4+EtUzSONyw4 +C/URv/SZEtUlI2SBPNTfni4oI+bsYZ/Wq3xilcS6mMc +-> ssh-ed25519 q8eJgg k5Ml805g9vQ5Wv3hozSCAq8EGzvczTfpssrOeBlB+GE +IxRgNIg7Xi1RN9MthSqjsHoaLpsFWoUVd9f+ak9Qm08 +-> ssh-ed25519 KVr8rw 5YvUQVmarpS4FgsFI8EFLz8tucmvs3V3Q8I0hT9q1i8 +Lifm2EUWhv5hDU9mwkOu4fH8zyjEtGXW1qVBbC4dfvs +-> ssh-ed25519 fia1eQ sSzTT/AeSH5y4vyKt1Vl0bnkT11ZXINQi/pGU+M3oh0 +Qm0ktboSsC0/+HBCIsOu2Oa+EAdT/DlStNLRpC+EOtw +-> ssh-ed25519 IzAMqA DhHry81R6JO3xWujL4l3uOmtqvdmk40srcWuXCU03kg +L4AWjbf1+bNXSMfBpC6DTKU1hvql+1mIRemeHZCFXos +--- Jlkn7bKGiezveI2e56iV/3B08/z/JxsJxgyvgZ6WhN0 +|s X#?WٺW(@L [^tnhGc\z^>^D{*.! b \ No newline at end of file diff --git a/secrets/bitwarden/secret.age b/secrets/bitwarden/secret.age index 2b24b47..fde27b6 100644 --- a/secrets/bitwarden/secret.age +++ b/secrets/bitwarden/secret.age @@ -1,21 +1,19 @@ age-encryption.org/v1 --> ssh-ed25519 V1pwNA UWCmhr1Mj4BVH+0MJ2zBCRQMVYFK+eEp2AhdYTWSRiw -EL7DlSXyemeZtJw+1SO+vSf2NGg/sPEz5r+p3OntrFo --> ssh-ed25519 4PzZog HIqzyRkhsIgOgxBNZK1HBTBUIpHPDZEhIfo9zmXEqzU -2m9H93js26tJJHwM4ce+8DH7oLf3zEBeQ3sT3zHpOP0 --> ssh-ed25519 dA0vRg 1W13Q5mX61EH31BM/FEk7l92Lo/5WuoMLo39wmwVjW4 -raNdTsgJcKlwqmBE+zVEjfL6VPyzHhcMpNrcl6Y6DmY --> ssh-ed25519 5Nd93w 2gYsG5vFoosuvJo+O+eQscfyoLqYBxOReiT5kdV+bBE -82ghrnctaXECGxn77VT6YfGPuDKwfh+dJ/+3/SBTA8Y --> ssh-ed25519 q8eJgg vzSwKw4EzJksqujeJqfg+1YNM3sgp5Zw7Qld+XNS21Y -65wJiSlqdjZm3Ps2Dg4DB0LzPLgwcYQvJgRvRkeblBw --> ssh-ed25519 KVr8rw f2MjAAqmuw4UcgvjkRku9XX+SYqY6oAfgS1ayVDVa3Y -m1nl/CW9GYaCyShT28JZdECirBJdfBoiK3V2tRBrj5o --> ssh-ed25519 fia1eQ Zkvg9fYBubmg81c7NqEp9fRbSLm2WKVDil+DwnfuPlw -NN+1CMVxAstqBT7qqAhL9whaEvyWgsNXgBOSWmjTqtA --> ssh-ed25519 Km71ZA kfU2W/uwQORahVWcg1qYQ5Q2QhZnAkbzjv9As4fJfis -w+rVDQ0oyLGqTT8yVr7mCOV+55dItAcALIa4ABw5bDI --> ssh-ed25519 IzAMqA Ir8ygCowpY6f4egB9xqplPzP4mJFL1sh+JaQVZrtZEk -y679U8nCE9L8seAvVypssgj2p7aZlIW2Q2TgQqHhpoU ---- Dh0JCQdTvVZYtwnzgqEl+WHxOTXmOzr4/TaHz45r+fc -T.0zY'oa.e-%5?(|us;*/˩wУ0Vp \ No newline at end of file +-> ssh-ed25519 V1pwNA ud7vkafWPnZmwU0gvby16a/lB4VVkUhVpqnwvkMdKig +/PR7w91ONFOWIvObEKI+wD9XTxbjqQoMjlar9yqN8D0 +-> ssh-ed25519 4PzZog nttwEm+xO2qLIkb+FqRmDeqbdidUune5CdS9AvHCmUs +raINPneffb9cQ6Zq3Jpwfz0MiIaTtoOI6s+1wB/S5t4 +-> ssh-ed25519 dA0vRg uuSSiAgzEPgfh+VqE2QfB+8fkJlnUJsffF5/3C4Ovx0 +1oFB/dDSQRpcETXb5IxYSqSG7oI8Y0i/myB6IaJqtUc +-> ssh-ed25519 5Nd93w ZZA2ylM3mB4xjxMzLmrYNujWTcjVsgKRzIYVsmPSqXI +30g14yh+pO4moRvnd9Xxe1/QQxmE2h2zHP9mqn8dULc +-> ssh-ed25519 q8eJgg lkPUz5/vn10nmk03AeA1W/6fp3tfyrdLq+kgoR5Cjy0 +fHtjZtjYG18wWhhvZY3cn3FxxJiY41zQg16ltudBue8 +-> ssh-ed25519 KVr8rw E2OijEik9tPfGCeRe+XDV+tKHTOOxojVbG0esTKuLCk +wXIOcUGlmF9GinF+Z81KQNiVACN2pthS1nwCK41IHMA +-> ssh-ed25519 fia1eQ VIfFJCbkM8ZvKKXN3+ZjxXIgK2y9vHpFdQopX25kUAk +utaTUdI2GBRxkDJT6qmxsdbGqjgSRP0ss4ZgQRQhQBM +-> ssh-ed25519 IzAMqA WX0QlrMPSMMvv3KnbOedpKcQrarKBQLHRXThmvveGmU +uz/jl2Ze8sdlCv5G6U1Dn5EiucQ1wlK4+/wwezX6jTI +--- fLAcK+fEa833GdqAvbD+sIr2ViSHQat1WQgPook94Ag +xIi*X|*>!KG7o)EU7U \ No newline at end of file diff --git a/secrets/discord/t-800.age b/secrets/discord/t-800.age deleted file mode 100644 index f9e4878..0000000 Binary files a/secrets/discord/t-800.age and /dev/null differ diff --git a/secrets/discord/token.age b/secrets/discord/token.age index 71485f4..c6c06dd 100644 Binary files a/secrets/discord/token.age and b/secrets/discord/token.age differ diff --git a/secrets/dns_certs.secret.age b/secrets/dns_certs.secret.age index 507273e..f146486 100644 Binary files a/secrets/dns_certs.secret.age and b/secrets/dns_certs.secret.age differ diff --git a/secrets/dns_dnskeys.conf.age b/secrets/dns_dnskeys.conf.age index dc88913..adbf427 100644 Binary files a/secrets/dns_dnskeys.conf.age and b/secrets/dns_dnskeys.conf.age differ diff --git a/secrets/email/details.age b/secrets/email/details.age index e38bd00..d8c9aa5 100644 --- a/secrets/email/details.age +++ b/secrets/email/details.age @@ -1,29 +1,25 @@ age-encryption.org/v1 --> ssh-ed25519 V1pwNA sW9NG3ZnVZ7XN4iMceA+WNwEmGp5mB8fYRML4JMxTx4 -Ugwsmg4yXfq9YH99RoV2MymOyhHn+WEFbhSq3jOS+Jk --> ssh-ed25519 4PzZog ncbPVDYkLeBV89U+YKVSGRyNDIdLDuN/YV9AiGcYfkY -rifseFii9IZI6t2cDfhi1GXQQRngI8IM+3H8znbMA/0 --> ssh-ed25519 dA0vRg ZU44BDl8VU2ri+qNYEEj8GF4x4gGUQPnr6YlFA5itGk -zV29wfmrtyxEU1JFEm5P7pfkWwzmNpXflfLRsyZ3vCA --> ssh-ed25519 5Nd93w BCqKxqNscTU2iEm4h/78KCzMjRWtHlO3rwZZjq2lJFQ -Y9yLQ33RvcO1g3a1q3w47Y0kgg1NZpdlYk34LrZ69mw --> ssh-ed25519 q8eJgg lWbDTedbgvxvGpMPDWdrghAKO3duh85kaOR+7xsPd3E -MzwcVM+gzJ/IApGVZNNM+RuYp7EKZyxCDjRkipL3aYU --> ssh-ed25519 KVr8rw 8vJTA9ABfwuZyFwhFZD4n187b6gmq7zCLALqp56mFyw -iQ4MtJ1YtYycFi8qCs4N0/nIXccaw2swi9yIvOLmVmA --> ssh-ed25519 fia1eQ hZzB90WDGom3oaOlWlcBg8iAMAfbZGyosgFIa8AiTWI -HekDEc26Y121KRtKLavDD1xKcaClVgn2tGPrgQYWQBo --> ssh-ed25519 Km71ZA uunwnxdg7A6ZGTbV51r5XL/2hJN/VFIUas0TVxid0Xc -zGx6iHfu+rZ9WbtIITtzDk0nzkFCeIRQpdRVoj7dj0E --> ssh-ed25519 IzAMqA 17lTeNgkOhX6iOPix/YeKZyztDHYLu6OIjZOctANpmQ -fu8VIba1ZNy3QvnVk3bPmCA1n6/dcB02epAs0GLb6zE --> ssh-ed25519 uZzB3g I0QOJAnUor5hnoKDlFeSuW82o94zcWcs6VvKTq37lVo -S6o+cem4L12E8V/DzbvL75azwrhLgZJXkxWXuCd4+Z4 --> ssh-ed25519 Hb0ipQ cEsppH2jMi71R0513L/vq7MaFYYWiRrWZKricdhW/H8 -IvRQejJ2AOQAeWUumh4an0LUSBJYMMnOIr9PU8FjYiA --> ssh-ed25519 IzAMqA cL7V3gfdSkpHtkcDhaH0ATTWUzBir09Xhe91wlaGJ14 -GU8IQvHlwyBBONJKufQRwEr7nZy6y36XszV+E97VA94 ---- Nq7IuDZY4GM8UBq0wdEnn/kZEJRdUlmqR75SlX75Q7w -oTjo(RZlmђ&f7;a8B|ӔB/l -g#L"/* ,a.f.Q -ՓoEMV=2q;IawkF\" Q7$.`MRX۰ \ No newline at end of file +-> ssh-ed25519 V1pwNA rR7/KSP2skc5HZDN98g30IIXuNDJsghQWfyVF57glW0 +oSpYnVqLObrE/MQNHonzOmpGk/BcDyMxwPPQauUB8Zo +-> ssh-ed25519 4PzZog bUKm5Fqx40JQ/8BdJvP15xQvIjwTAxuAqsoPIAyRDi0 +xGvp4hTdaiqD7cxjJTjmJHgehY8VCOVqvvXNIQoGrRU +-> ssh-ed25519 dA0vRg Ty2EEwt35A8ZigOkVmYlLgXbMePI3WALtM1McsFtQnQ +ygu01cCNYlaW9e0APNrDGPjfJE1KkNq1nqi5d6fwqm8 +-> ssh-ed25519 5Nd93w UwOXbO00n1/2pxpz98BZ7yIaEr1PXEvOg7F3Nl80yTY ++E2VbVQXngXUHUQlc2P6ebU0/anioRu/EZgpdf/N8/Q +-> ssh-ed25519 q8eJgg 82IpLMlE/9Wp4fD8PHIiKsff9jJYJtoPF58xCnb6GAU +Ip27egoy6jMgvvTRg6q5NXeTlv9EFhK9PM8rCFu8LhU +-> ssh-ed25519 KVr8rw xEE59aHcuIIB/5pbH3bZuZQ7W2CDUCoyT6EmdOWiZ2s +2uaA7Nx8DNbmGvY/ns/DRHZ1zTZ+JifkR4eVtSzCRd8 +-> ssh-ed25519 fia1eQ /YtGDHVjZTzDO7baOphkGvY0zCgElNT9UMpMhhjFCEw +03+ungOpBCqgTj/kyH1hz1LWTHSlkZ6Qb0c4i9bwOZ0 +-> ssh-ed25519 IzAMqA kSa3Kbz9SyIe1pXTBi39RxVMi6QQV0rjAPgdbEmmJRA +SO7M5B6LR1aZ8r7mFjFAF+Zl1tlsq3j/3/BVkSPWFcE +-> ssh-ed25519 uZzB3g 1WjjfJ50NZO2C7qKp4WOtDHEUlkF0CFmiehMsY8/6Wk +TP6FwDJp0nKd+FaB0tnZa9XoD8tQponT8wK2xZ/k/A4 +-> ssh-ed25519 Hb0ipQ vRwS9w7tO0yryHoip+sqbsD67lqXLD+6hJDNi9YClAU +NiIy//77gNuQ9UJgvt1UPqD99QJzfbh4WFld7Ln0GtE +-> ssh-ed25519 IzAMqA J5spaIE4OAKJsvd1hOy3M2cCbmAG0/9l0dsnKlZfxi4 +RT95kFe4vKr0HQVz+6Gfm7pat7HvSahle2zMhEaQ8DM +--- ag6/92VREDBr8oQUKcFbj25qK4gcMdHa+ej3hf+igbc +r:f)s;˲fI[g<'3rrkיB+cW|~7ϵU} ECq!j71VS4G8i9:Hl9VDmnvS \ No newline at end of file diff --git a/secrets/forgejo/runners/ssh.age b/secrets/forgejo/runners/ssh.age index ec1e6ff..ffda5eb 100644 Binary files a/secrets/forgejo/runners/ssh.age and b/secrets/forgejo/runners/ssh.age differ diff --git a/secrets/forgejo/runners/token1.age b/secrets/forgejo/runners/token1.age index 723b2c9..50ad61e 100644 Binary files a/secrets/forgejo/runners/token1.age and b/secrets/forgejo/runners/token1.age differ diff --git a/secrets/forgejo/runners/token2.age b/secrets/forgejo/runners/token2.age index 5360a17..3c1c894 100644 --- a/secrets/forgejo/runners/token2.age +++ b/secrets/forgejo/runners/token2.age @@ -1,23 +1,21 @@ age-encryption.org/v1 --> ssh-ed25519 V1pwNA Lw89KnIDDurZQ0UaqDS1utTrKCGXR+Uxs3od/5n09io -1JECYcXRBNWwzoagvEKeoWoW2d8da15eWPfTD8nKqX0 --> ssh-ed25519 4PzZog LB5CnkEPX2RH8vWdD15KMs/qgNbw3e7G8qCV1CMf8kE -pO77W91WR/8MRPLIuJrLk5ib9CPp7xHuUmTS8fmQ3KM --> ssh-ed25519 dA0vRg QhtuGTY1MEpEjRahnU3WtON6Xda7y3HvGXpB3HcDfBk -6sCAQhU4K2nQ5pMbGYY75TKUXxZ4BKHCb6sOHMAuNEA --> ssh-ed25519 5Nd93w 2QcbhnmxOkTrRUMrHR4X3spMUnsLXN9DDnh49qFAYx0 -SD47vo7tOPWmvXR2wTj+BSsxJUqnlXOu8HlTEOExeC4 --> ssh-ed25519 q8eJgg 9TqmbSDG4KOl14FNZmZKFZ5Q/60K657phquz+qpIgyU -odOvsccHqgXoC7WgKcFjJDm5it9ZGm5ifjU2pt5hQZ4 --> ssh-ed25519 KVr8rw w0fZq3VUrN8wi4UrhMUfrviUiaWl4Ol+tbTXN/urISs -TY+dO2Z6TmN9DBPuo1vyxgeXbDcqZlRoP+Q1IN6O/ks --> ssh-ed25519 fia1eQ 5Aqk1jkUQkomeBioV7LAPMzurJ1dHdYHbzLHXH7mrRQ -j+7aPUOeJAI10FL4DjXKlYEkC25gM7TNy/X5vFk68+8 --> ssh-ed25519 Km71ZA S9le6/bZxnkPVuCLqiYc8VMk8LXlk0BVJUtJYc/CmB4 -DTjvS3wBo+RHy0klprrgKS1wYAMAkfzPkpw/ip7KwpE --> ssh-ed25519 CqOTGQ xba3GuenbljaFEcgaX5UknPWjJSyQOMBaJSGk4VHZg4 -uzGnhgquJHT4+0zop9wNg6Fm8ka/9Ri1yPjw65VnGtA --> ssh-ed25519 uZzB3g WaU+50ui82IQHobA1QB62WX7bnjgxSVy9LAGjYifuHI -H0O4GIRchLil79zqim5v46RT8Xbu5zi0dKSRPiT6kHc ---- vg0SOy4LbcYEcxJMe6lbREFPPcxrRI/dJM7Lx3VC1rQ -bxmV^h0l@^RyS\rյ;@t~UYM)A?ƲW˹m,1I \ No newline at end of file +-> ssh-ed25519 V1pwNA DmSENr+7db9t/epcMdOAjr2qt4rSHWopkuS3/xyz+xY +ClfO4iYTReIp6jvUBqQutkXx4XRJ++u8EsspNdDZ8kw +-> ssh-ed25519 4PzZog QzQ5iPiSSruoDS+PDNI+/6PnIYEnnFTvnrxK4W2ZK3Y +iTETtsauc6clML06hoMr7kinsOirURTECfB/PzJaFT4 +-> ssh-ed25519 dA0vRg UCPTgYh2/8JTajlTIgvk64eKNNMHe4ZxIDILxIGAL18 +Qj0ZS/iNwusCONf9Rh05ftd4cHSmWz7bLZ8HHtQewMo +-> ssh-ed25519 5Nd93w D/87p469o+CW9TOqQb4C+3a9+xRvZ4bzk7vr0wXhdRk +E/uvMfpOPvWosWS4s18f+xmexQcpJ0NED1N35pL5IjI +-> ssh-ed25519 q8eJgg pSW+R1LjAdCTL/ys1X93jSSC+ga1phB8iYqAJ1Ic0yw +IFl+195woVbHjz23w3mxBPkjtbfke3C+jYacWWKOpio +-> ssh-ed25519 KVr8rw KfPs+1IA7M7dYqkUW9vty+xl/8loMZDgVFee/ZR+F0M +mTK9yjQR18aKfw/xEdfsnGXPKxqDi1bKPj2mLtB2Xg4 +-> ssh-ed25519 fia1eQ M7nASBk9cGmZmMHf115JAazAEx3tS+sIVB49KlXltWc +YJ48iqVSJQooltbXvw+olKC4ZZt9a92TR2uQ0xROAPY +-> ssh-ed25519 CqOTGQ CeIqatgAbFS8oNy3fOOJdIkLM0X9AwV2zbpQHcOcICM +qAHOkFsbM5fTxcpLFz9Iz16MVBA1oVqlxUADrLxDRrA +-> ssh-ed25519 uZzB3g eA/GpdA5UKoleGcq9BHwj59Hz86YX7oF3LoG6zZ1ogE +sIs5D3s72gVGglG37S0eDLUTEzuy2U9Nbi03aOJ3W4c +--- rkCxZNLeKI9HMNZnwiFRaL1AsIUYtXYJT/YyJ1UMRqc +!Vp-p|_to Ukt`@ xzWں GF=]iY;YOi}J/, \ No newline at end of file diff --git a/secrets/gitlab/db_pw.age b/secrets/gitlab/db_pw.age index 2c4ae22..ea6ef85 100644 --- a/secrets/gitlab/db_pw.age +++ b/secrets/gitlab/db_pw.age @@ -1,22 +1,20 @@ age-encryption.org/v1 --> ssh-ed25519 V1pwNA eBmTDM8WFdWOVP2Le1Y4+CZOeSg7e4xcxz0eYuxUWkQ -kXjJVAipfCM1Dp8bsbGK8oul9M0P6BLfR6uAC/MQEQI --> ssh-ed25519 4PzZog Q8DfBkyfVx6p5mrG4yrg7KGJCDoNzWdK7p9p/01OsTM -xEf80sJAlQXlIVngSZJWI/TNG+EXonJoR32duCOXByI --> ssh-ed25519 dA0vRg 5BeYWRbucBHgT2idvjbvffbsx+74xbVRk05f2Qg0Cl4 -56nJgkCp46o0XbBCwcrF5pyEHnlbvZ37tfYbKVjxTOQ --> ssh-ed25519 5Nd93w gL9Qox74O8yoM/a111CKQLaZDXkfwhrjth1PzaGrnTs -F9uyWwr0VO+87bejL4vBsuLko9bHNS626IH5hyPBkoQ --> ssh-ed25519 q8eJgg ql4rSMWPNB+MXNl4cUNC5TuJFYjRv6G6RvXqRLDdtHw -vmJbCOvWOM31FScQQgZXSBNEYh7O08RD8ZO4TZtgu5U --> ssh-ed25519 KVr8rw oE4h+ZaE+/VDLAuvBDsMmXSHDM89vgnFiomODKRGGU0 -j7Xh0YMOhNGhYnl8K1L+mhkuZqHV3oi0noVirHIV6sc --> ssh-ed25519 fia1eQ guH1BFGIkSyaKjP5QTOLIYgtdMdrHTChZdv2uXD6qgY -SHlvS6Xdzsld//ANiSDHbGMrBp4oUztRqRJyVaUw+no --> ssh-ed25519 Km71ZA xP0F1MFUkOZ1yNdBbHj1+qA/E6xM6YJjcBccVkV3rlg -A4JFqXV27j0yju5irMf3lBBQE3fIj7WHK9bzvxZhJxU --> ssh-ed25519 uZzB3g Aikhv5OldExETFRpxoeTx5NoHsZJAm2TAzne9KBr8wM -2BSDOfseGgPiHtAHWUIA/rp9uWAPdCvMsvWHRkkFPro ---- gYotGSlSz4Z/ZrzBWpDlP5Pv+Br8WKNrbibDsvAk1uo -;Ko"C -sOs E&&JGʋm">riӦNlQs.bj 8K4@hAֵʵ(߳YمǝqwU Z$L\Z:K'"ۀ_\'^Th;{ܵ. ssh-ed25519 V1pwNA TtxqHD3bJI046SXF61CKfpDRI+HHTRpc/iznIMdQiUs +WWgm2OdnPjj29tIrAMa2sJCNEaR2iTAl/hMfPLv2QoY +-> ssh-ed25519 4PzZog 0I9h+D7DjRwupkHWDUKIxJlVBUWwbCTR1nx8UcEm6Xg +NIYzimYGAo8ou93B/tzjmB1K7hu2tXy4XMRiwlDqI0k +-> ssh-ed25519 dA0vRg 1U+1fUueu2k7FaY8GVN4BAbiF71OvKbGOC4oZ4mV3ko +/fKxmEFW/L9A/1fDIteeTcz/SOv24HNct88oakdAkn0 +-> ssh-ed25519 5Nd93w IjwMC1ZruM915vwA+lExdIq/OFT/4SlWgwOm9xgUPAQ +mOOTbPdcDjORB1GhS0m4/p3MA6TfHXzWXvAMzKhw/n0 +-> ssh-ed25519 q8eJgg mODUrCPf9GAix0jaPaKUs4ws1D9BM4huHbK2mst0SH4 +7qbxM/Wa9pMpB7TjQZgBojXR5qDJUBZvplsrI6EdSO0 +-> ssh-ed25519 KVr8rw ybBiUHmEOyesWxdTEa1LPwI5J/PQaxYi02QJCAuYyGA +LoRQ15hQdVGLj9pJY3TabBFhtPGBvU+bnAa2dzrkOY4 +-> ssh-ed25519 fia1eQ Qu2RTOQiZY9i2SDs0NVlA1zcert0oFcFA3mXDDl59G0 +6akg1POXrvIrzITX6B8yTDw3cCqlxsD0k40mYnv5r/Y +-> ssh-ed25519 uZzB3g xNdZ8eSTFQZ/RcrNR4BpedX2pfceZwPjvgt9Wd8rMwo +kMxoKyE0bjXEZ9tNykOUMZ0uHkqdx///QJB5QnLRhcA +--- 1DKMo46SYm7JlzFo3nZwtaK21TFmapfXqxXzxMXWb0Y +8̋},^mmHv`#?0>ّX;λ LV8=]ԬsEhɂL(`"ZKc1.|G??ep_ۤ +᷎zuPqϪ9SVv~I4 \ No newline at end of file diff --git a/secrets/gitlab/ldap_pw.age b/secrets/gitlab/ldap_pw.age index 9679193..3cdcb5b 100644 --- a/secrets/gitlab/ldap_pw.age +++ b/secrets/gitlab/ldap_pw.age @@ -1,22 +1,19 @@ age-encryption.org/v1 --> ssh-ed25519 V1pwNA dHoon26BhGIqe6TjYS7Q93OC2vhr64B7ofHzX8FiJxk -EcH7j44+zOHBcJOw0AwpziXtUPxOH//MGacSa7rDNT0 --> ssh-ed25519 4PzZog CrrMq81Ep/Gm9qYcZjRJ1IpXtFGp/1XDfBCB6OSGbiY -gJ+PFL0Sx7izMk54jJr3LPvfZ9DMQP5/FjAXkRw/mkc --> ssh-ed25519 dA0vRg r5S3Fqlmqeeeu75r9COpp4mS07YWY0HP11zby9AjCyY -DGkeIp0M6dIA4WM4KYVZiwalHjou6qzLOFUnksIPU2Q --> ssh-ed25519 5Nd93w bm2DM8tuydnEqbcM7/aMgHtU/cnnfENGHgMgXPft414 -7bFV4Mx/gSaEM7+rJbqjjuod0U7tl8ODbK1+qY7gtmE --> ssh-ed25519 q8eJgg 35Ce/4wweXHadDG1ryl1d53G7IxEOwOFQATYgC6WzBY -5va0fHjZXbH/2ZAFioTcmyeFCid8vrgTFXK6wR/ranA --> ssh-ed25519 KVr8rw dyfXPAGfWlbmjpiol87idweWsU/c1v4gwq18Y/4oZBo -MiuhfBeQeMlHsi7hz0OgOiLIbFjeSaUoJ+xlIHkAmpY --> ssh-ed25519 fia1eQ +GTfP3+0hcdmM9qtZvUw2bZ+32guClfXwRTfvOg5Tzc -8gSAdoh1DRoiD6KTpm5F/hFvT02/3bf4ayD/dICjpTs --> ssh-ed25519 Km71ZA g3doqjZJ0GP9PgkZ5l/ePPxI3gyvILvrQAx4En6r2kA -O2lJGGq/LLsjtzwnfyUSD8Avw+5KbuNGd5XA8FwWJOw --> ssh-ed25519 uZzB3g 79FGgQhIwzLPTKUBhv6RdT3RqBe+JRb3DYLPt5mAPDg -gp9dUDfNPnhAX75SJhFxBmyNdaH8umAQcYzjBHkPEoo ---- XZ+0tCvAK9SgY5daynCjTqE5M0N3ip+wVIg8o/18AEs -`T6,NH]*qzC'T -#\Lb0zB F̽H@ s! "z֫8j} %FEi 䅎Bf@AJq}cUC=%s&lbpˀ\ ssh-ed25519 V1pwNA 2mRcx22kddqldRvOQY7i32z0sMwCuGlbCkJJ8vlJKDY +aL+OgWP6uTute1b5dlPG5Tz12KHeFlCG/Su9+MBTceo +-> ssh-ed25519 4PzZog 67PxsXDuqXhmcyvNAu2jZrDtd+XgUQnEakPw4pR150Y +nOCZQmAhHCptlAz134hin/UKKpuIL+ueRJ7Kzhf5Aiw +-> ssh-ed25519 dA0vRg tiN/eg2X6g4x6KndLJs6ze8i8brhXcsBqP1ZWq2s0T4 +1lx0Qqo81L12eIG4XfQUWYgpimEfgaPweZQ65GTHSaI +-> ssh-ed25519 5Nd93w Iq6wxlnODEkmZaYpf1s3XxKmROa/JwXLdXOtCpXuM3g +0oENjjsAh2c5tIHNEghw1TE50xRfU5yWHnZenYT2UgA +-> ssh-ed25519 q8eJgg HrJ8YlZTp7YhRpKpv5ZBUbxv/777ATRtYzcbGH1JVhI +Cytu763lKuwmLLUhFJo8VunzHxYn75YRLiN3vnhxyL0 +-> ssh-ed25519 KVr8rw s60G0Eusw0rEW3woOFeE++5C4vI8L6NOUXATml2egBo +tPGsNcE3H9crSOCXCkktBzjRq5JyaGvgmx0ZIs3ehOQ +-> ssh-ed25519 fia1eQ P7oFu5pYYdJu2fcqTYbKuENBWiFnNVQxg2N8QAXNVhg +aZUyPG6FpfFo7GixaofYbCeajExpKFME6PBb6fTzk6s +-> ssh-ed25519 uZzB3g hP2SPeZNhsmePX55N6g4Y8q2KIwRONPBEAqSp273Mzk +y2c9S06vYQl9v0G/7IrbEx+kGv3DOnpz6+9+vo1o1wA +--- 7prlMrCmXuXHtiD1+44Pg0LV05OvyIEF9fYkCiLEv1k +_2":Go*.T5.(N4OS6U1 CcO[Q Z#I1 cӍM;/~`=&'?n}e#/q ۱`xjh:?Υ/J3.+OxkYbkdϏ \ No newline at end of file diff --git a/secrets/gitlab/pw.age b/secrets/gitlab/pw.age index e629115..6ef6846 100644 Binary files a/secrets/gitlab/pw.age and b/secrets/gitlab/pw.age differ diff --git a/secrets/gitlab/runners/runner01.age b/secrets/gitlab/runners/runner01.age index 802b8a2..59a5614 100644 Binary files a/secrets/gitlab/runners/runner01.age and b/secrets/gitlab/runners/runner01.age differ diff --git a/secrets/gitlab/runners/runner02.age b/secrets/gitlab/runners/runner02.age index d1517c4..4df759a 100644 Binary files a/secrets/gitlab/runners/runner02.age and b/secrets/gitlab/runners/runner02.age differ diff --git a/secrets/gitlab/secrets_db.age b/secrets/gitlab/secrets_db.age index 12efa5d..3043014 100644 Binary files a/secrets/gitlab/secrets_db.age and b/secrets/gitlab/secrets_db.age differ diff --git a/secrets/gitlab/secrets_jws.age b/secrets/gitlab/secrets_jws.age index df1c17f..25926fd 100644 Binary files a/secrets/gitlab/secrets_jws.age and b/secrets/gitlab/secrets_jws.age differ diff --git a/secrets/gitlab/secrets_otp.age b/secrets/gitlab/secrets_otp.age index e2f666b..7cc8e30 100644 Binary files a/secrets/gitlab/secrets_otp.age and b/secrets/gitlab/secrets_otp.age differ diff --git a/secrets/gitlab/secrets_secret.age b/secrets/gitlab/secrets_secret.age index 54feb45..60b9321 100644 Binary files a/secrets/gitlab/secrets_secret.age and b/secrets/gitlab/secrets_secret.age differ diff --git a/secrets/grafana/pw.age b/secrets/grafana/pw.age index f9285e2..ace35e4 100644 --- a/secrets/grafana/pw.age +++ b/secrets/grafana/pw.age @@ -1,21 +1,19 @@ age-encryption.org/v1 --> ssh-ed25519 V1pwNA sIoha/7vcAIuauOaV8gQA1spz0NZWfcc4rr2zgUP2k8 -+XELN1EFpMnDsVYgPnSaRm4qduSY+80RCfEFnBPCj/0 --> ssh-ed25519 4PzZog ffub2ZpZEkysUNemtue5UroJj+/Oxi+nIstX7/txi2w -MsvvInOvekc27UTViomCZbeikTKm1vqTKsanOpeSQ8c --> ssh-ed25519 dA0vRg ymDF91ZONYNjDV5Gktf0at2kUkfYbPSja9iWOqcBxVk -gw7IgyRSVKfxeebADqYH7z+TZJcWIMS3g14U3FrDS7c --> ssh-ed25519 5Nd93w n17TARvCsIOmSp0WjZQEczLCFsAVYf9lDlJDdZeqzFU -gRRE87qCSiKevHShj1k0bw+kwOVblwhMGh94WRYdqIM --> ssh-ed25519 q8eJgg 7ZJM3hSRIaQSpMnE594tD3qsufP0IwI5ngmitx/SW34 -Yibvj3cTOT6TOHSFBgeBwpXbGNFjeYs+oNjbfP3GRgc --> ssh-ed25519 KVr8rw O8njcmXqC4uurmzk0MLECH/pVlVqA0dqM9uL00vKlls -h1dhNulCkCc3O8GmNSt67dxK2XhibTJHxx2loo2Y26s --> ssh-ed25519 fia1eQ NE6qJvq6AK7bIlbq7QSJqQwpGv6cgQFv/L/6MXOQUzI -uk1G8a1cECFkjbt7bjcXOYQDHcTBCQwhyqcTg3pIC0o --> ssh-ed25519 Km71ZA wQh+XFb10AF8fdeDGM3mMJG6N43ej48QML69Xa+xFHQ -eDuMG3MT8EuzS+QCAHLUi1NhRWp67jJamSL5iUQKi9c --> ssh-ed25519 IpLDOw wTE9a1YrhG1NqYTOBoihrNH3xt2fKOmGHvx5liEfeHM -Rv9+kBZamBTDS8XGRaTsuUW/t6p5kYnbfNyyZY5n590 ---- 2HVyulzZ1Z3kQSSDH6HN/mu8uT+u8yohmt0bpe/VNQw -M\$0giSmlgJJ_yJ<.l< c~84vGP$ ˉN{5c \ No newline at end of file +-> ssh-ed25519 V1pwNA CGCG7vFUJ9hUdJWRax68aDpHZEREFnrjo3expN7oUTM +/eCKERrmnmceosD45BENTxtoyLmjGmGVvxkGWAtCRyI +-> ssh-ed25519 4PzZog DSUIoivSmbzN0AvKIPXhtjTBft9D9AaRioe6biuh6XQ +XlV7xKGi2BY+sCgJCEiSB9AlpXFoQnbeIxKxNhPRetY +-> ssh-ed25519 dA0vRg sYBG5Ld7lMw+cm5zUgVR9Bi8YVwDrRglII36Tj8Jfl8 +cQMY6UyMrRtfoU6mn0pg47Vf4DB2KcjwiRHEmvU/Rmg +-> ssh-ed25519 5Nd93w H3k1nFMs8wkqsVKzGp3n4CE7MuyxJWRZ+xgSgDbnuzw +2fff1rsfvE5NikWjF9gkvHuthgLKLOey3PebYG26yNs +-> ssh-ed25519 q8eJgg UR21V4UAJ7/ALE7IcfMVYO3mD2jbanhBu1fj1iEjpBI +8Yl7/sLlQmCvGJvKZt1B4lJMSnPt6gHi/k1u6Gm2sII +-> ssh-ed25519 KVr8rw ur14/Gp1Z9ODFFVaUf50i4+ELKy9RHmsXjbaj5h9IGI +FTZn1ZuBixaehBW3hnVjfXrt2m8co1KSp5aUTA+TRdg +-> ssh-ed25519 fia1eQ 5bmpon54otL6GnIhyYT7CbLuCR8vk0td3kPBGxsSWCU +PSngrN6yQODB/Vmu8ka3vvDv5DkShktyOWrhzC9K1LQ +-> ssh-ed25519 rmrvjw J6YtkhTuDaUtc8LUp/zfvQD3LST00arsbe37bZw4nAY +r3TDmtyB0Cc7Mx8EXb1yytvpF3+4//6cy4jkK+cWTls +--- mSjAJK/sd2Qj4Ffuee/T5LTADcNLVTCcKL/4VlqZvd0 +RU$iUXsf_o/&c&{*ي/h\L[%=,Qq \ No newline at end of file diff --git a/secrets/keycloak/pw.age b/secrets/keycloak/pw.age deleted file mode 100644 index 6165130..0000000 --- a/secrets/keycloak/pw.age +++ /dev/null @@ -1,22 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 V1pwNA lV3ABJKTunaYK+s7681CNJBvp0JM/OhSSnkQ2pF5lGk -VokFm+m3stF3HjebxOBmIiWTQqmBaSR+RiWQE6dMQJw --> ssh-ed25519 4PzZog EDXgO1cHPd8xxDbmL/lunkG3McC4a/wzBlFe16ByHS0 -eTNXJMKNSCesEXT0XAuZEhhCyX7eumglnIJ/00y+WTk --> ssh-ed25519 dA0vRg sKq17tK9/rB+VNTYQ/aoTzEcfzeMJTkN+a/Oz0+g9ks -TNrHE3fFaAEMrrJ1264rh3UbJ8jBTxGSaeVPWzX3y3o --> ssh-ed25519 5Nd93w UkQintKS9V/5QH4arHtPKPe33ktNhE4Jl7illmlNuXQ -u0t1110eebk8SYm5e4jI+d1vOSvUCZRJGIqNZ/WmdPs --> ssh-ed25519 q8eJgg uBJUJaR7prW8b/jjhXBjax5lVsnGYpifqZVqExVivyo -hp2Y6RPzNaPZaX4sgOWVStdVWHe8taocUhToaojni4I --> ssh-ed25519 KVr8rw /j1ASDGc0GM7/Rt6RgBj2u2rlARs+iJixYR2gGFvshU -JRPezd9xI6o89hX74agVVLAtX1Lp7dgjkr5ndQfDjSw --> ssh-ed25519 fia1eQ +NO/LIWFudIdovclnaX55jr/x52Rs4sHbP4jxepYHEk -0ykDlD2um8a9gUea1JXrGfP6QsPV+DWIPqfD5cbvCCo --> ssh-ed25519 Km71ZA lAJq3SkNxUWZcmwMWyWrCaCrzyjnJK2A4G2kysZdvGU -wmxgYru5pzJkfkTP8CmI9z8GeqpJdgGO4BmbLWPJ4Jw --> ssh-ed25519 IzAMqA 0yLa+jpL+6w8TvvbFM5IUUrpUncc8HLxuDjKM4t7mC8 -QeeibbBquSOjVimgtszMPTxzgsVUNui1euB4knkzwL0 ---- K9L+f43VUTIuWWMG8Zuzw+27zIPe6l/ortS4i+XhdHc -$sey^$"+ӂM;x?a23/ k'NXiV ",V - @`G% \ No newline at end of file diff --git a/secrets/ldap/details.age b/secrets/ldap/details.age index da4439d..3317f9c 100644 Binary files a/secrets/ldap/details.age and b/secrets/ldap/details.age differ diff --git a/secrets/ldap/pw.age b/secrets/ldap/pw.age index 565793e..e5deda4 100644 --- a/secrets/ldap/pw.age +++ b/secrets/ldap/pw.age @@ -1,27 +1,26 @@ age-encryption.org/v1 --> ssh-ed25519 V1pwNA qDFD8i1k1rzDBYBtXj6sYiQdmfGhDfXS5vMcYRF32Gs -7zO8QwPzrrqH6JPBRuasWwUw2/O1siBySFvHSp5j0n0 --> ssh-ed25519 4PzZog u2Eg6RB/AmN5GtU/d/WfaJPew8reKZnC8C8AZWVnYRY -5tGVoNyuPKbCQSHnEy61rfuG59t1aEY1XQRJNmuj21E --> ssh-ed25519 dA0vRg wkxiozefM16DTQAF7Ts74MP6R7jZ0FormDqg4SJkjzs -ee9kJkSDUwm3feZhBcsUeWvG90Cy6X+qwuL/PpLSKHI --> ssh-ed25519 5Nd93w LwnaKhjUgCrVDxj0G5WTwHuzjN+nWLApK8LBgXeJAxI -WNicDBw71xFfnSn1R9f0XeAnGPHAfc0QCj9yjHk2Ra0 --> ssh-ed25519 q8eJgg fgH9K/UiFJaCiV/NPDu1RbkMMH6tumir0qhO0gfKGTs -bycdxFG/VHcSbd1g9Ou36sZeTdUarIG5Hyn+Nji6MHk --> ssh-ed25519 KVr8rw 1we04j3ymB7zbOJnarg67KzI/yMiQHr1ytBS8PxVywM -Jjq2uJtOAn62PeTJX021zHgCd6yPkxRnSt4IFc/T6Xc --> ssh-ed25519 fia1eQ 3ywHsF86PLUY5Vr4hE4DI62bsGgA3iU4QFEk9SvHWHU -TvkQ/+gQJ3DXnvpD6U+jKS4EG6kIJa+nX08nUJFs1Wg --> ssh-ed25519 Km71ZA IG4kxxGPSU/CvwDfTjlp1hUgmnzRqK+YCYTfd1qLgxA -B3cTR3mZkipgVe9tdU4re/GYuSlSDdI6Bok7yHPhhOQ --> ssh-ed25519 IzAMqA /eXLqE1/nW5vpiaCC+NH3ytm1XrjQPgKo2rR7igOyBE -EUsEQWWTaS3uhOu/ayZNlwYw3vY7Rb2IeYl6QOelmY8 --> ssh-ed25519 uZzB3g 5SrR6ZP2zqFHCLeykkmpeR+Km4/4ml2AcPnOAxgpq1k -BD5IXtf2/S+ME5mPHPu/yQVqQ02+aivLLV84fBSeq+Y --> ssh-ed25519 Hb0ipQ 5z6PimjHhHU2bXtloaoYqcJk0/S/mrmXqs4u8TJjPnE -2I+d+g8Xivns+fT9W9Ws6rYCcMXJamuZ+uBnXcukcFY --> ssh-ed25519 IzAMqA ZwdALhB/2dqaFC4bSqgXNYPbN0hgUKdEmyNyDpDg3F8 -ukgzLa7A0bVryf4GEXtqbAU6uMlEiZC6ZYnNgIdbPAg ---- XF4TF6aDYrTOXdaLTJgns3ZMeVVCO4OO+LSIczz8vag -nX~' #WY!&XsRBȻgiGʶ7}[myzug]_~:9u(y.v?r4e:0?7,ϻK5dP?40S3a G]I)RN! \ No newline at end of file +-> ssh-ed25519 V1pwNA gbttBwmYtq67vkhosksaN3pMFRD+yIZ9c3jkUqLjzwc +sKzCx+fRVT08lE9SROuhsKk4umCokWSafCQtK6NzX3s +-> ssh-ed25519 4PzZog 1n6kEJ2pIjIt1u6DUG2P0PL8s8k2316YnPR4cGLgW0I +EFE4bJ9AkJFAITUIMUSVaFszK01rpffnzg2HXLSskFU +-> ssh-ed25519 dA0vRg g9Xtgji4q1bjaGGiTqvBW9f/N9D2qZQimo9Wz8aNb10 +zj/0VlNRk3jX054Nu9hZGP+Vpx6YsBtxUTdjOOUyzUc +-> ssh-ed25519 5Nd93w xwTEItzkfxNRvwPcncZGqUGeOpY3eSJSYP7vkhWjlmg +sTTlm+WdWTTKfr+KTUVa5nLJAHv8UcsWJDXAuFqFZOY +-> ssh-ed25519 q8eJgg Jj02qd+MlAOSGLWEsaosZtfo3f0zZyzdT0czSauQr3I +aKHrwFMt4KvICBXm4fdt57ZaaGkilv1Eau7Y6TPB3ls +-> ssh-ed25519 KVr8rw DKp/IrXZ3Cqh7b7coO22iDR/InZ5xY8iLcm1KFgUCSI +YUQJ05y952NIoUeChUDcuvO9ku6S7qoBafRwSmCzLUk +-> ssh-ed25519 fia1eQ w1p/K436VeeWLjTtxZAGeOl0oZWeE88C2OfAg4Vc6Vg +eLcoL3kV2fhtZREEmgIEiX6ci05tU4PypX+WrRaoC4w +-> ssh-ed25519 IzAMqA ItqYQQFlBcabTg8ydW0EEq9ZO7SamcZUGCtZUCAtSmo +RvtyYRdWEmMhU6uA8WSFhuzow8CsXWZmyJR9m+CDo/g +-> ssh-ed25519 uZzB3g gG0Ku+k9Ct8D7ZuHPsD9IZO0+O36jKps6QDYEyhYSy0 +4npr5UCPapsWmyANaX08JVVCmU3mpgD93kGWvEFP4F4 +-> ssh-ed25519 Hb0ipQ jO43lRL6JA0dLRfei2uR4xo7b+hKItvQmYEjauLEvkU +3RuQqq+Z6V0qASF1EhtiDhn5MZ65sdmJ8hzebRmAlK8 +-> ssh-ed25519 IzAMqA 8q3O2zg4eX41Gbh8PSVTxy6ukc28PVvoIROkbKcJqV4 +bnS9VskRrWKZR0KDsh8elU4vhBXuZKV+7sj4Mx8QuXw +--- 3yQiKJMfU9JyNxvcZLea+2FlHsoGWpaAeKQvMLE87uQ +ӪvK #\Q';—Wy:%8]^|>JMF+!Z2<@26S?` C\˘ńKÌbWɞJӄ1' In%A;ۑ@9L3aYMI`n;tr:.Pя + \ No newline at end of file diff --git a/secrets/nextcloud/pw.age b/secrets/nextcloud/pw.age index 047db6e..02fdf3f 100644 --- a/secrets/nextcloud/pw.age +++ b/secrets/nextcloud/pw.age @@ -1,21 +1,19 @@ age-encryption.org/v1 --> ssh-ed25519 V1pwNA enzHbYyPDDgq9WliLne6mFBxUJcIGl2lO0EOob+smn0 -+p8zsbFpe5NkZ6ly3mzmwFzLPT6VPCOxCUCMbPzgZeM --> ssh-ed25519 4PzZog hufrzwSjVHi5fI8vhFdqzuJOnabcVkP08RhocQcy2F8 -rkW1//bKw7PDEAsUqHR1RKmB8WJUmb64Tp7XpRgueJs --> ssh-ed25519 dA0vRg u+TEdkFb1kcboFRD2lseVIgwxRPA2UHKKEuY0UAj9G8 -m5RFvFSrr8wJP/3FuUEY4unRHCdcGeNZGy0yd7TmAB4 --> ssh-ed25519 5Nd93w YZGOEyMxBYfiUzSbq+TL6IaZXlrclAFqwJ2ui0AeqQM -L1cQpnMWh/1bI608iNQBQqAWtHuw0oAvew4kFaffM4E --> ssh-ed25519 q8eJgg lGpgxRy5zmacWvhZFJMPArG9xrUaW2pWFDj9i9k68AA -voaccSRi7JRvslMQb184V+GGhLGndfK0MyVy5WdXDVs --> ssh-ed25519 KVr8rw +cDqGXb/EWa3u04LL7SvXUh/bCkkoql0RGNXiqhbVSk -KxgfXCYOuUbUeuGW+bt/+VFC3vLZnKjaZte7tKVlai8 --> ssh-ed25519 fia1eQ AVGkBzg031Pye0QDxoQnw/D2bfaCPTJCTG4vtfZU0DY -3ag9Cg7zlxLcNG0sN9VQfFQNrHnVOrEz4ayYApzy3Iw --> ssh-ed25519 Km71ZA 60en2Z9LvPiEKb6CWbY8V/XO53ABXKOdC/wfk6aSiHI -9E+Pt5I0nRzA7TRXwtEaHR6BsBP15xcQ8mr9kd66PrA --> ssh-ed25519 YFaxCg L2D66ArXKuoZUdYRr5kycmRgs6EG1h1Z/fg+/TjZam8 -DJF4mVbgSqjJxHkhVUv+7e9vTnPtSa4zAa6N18z+CoE ---- fbOoRpYqRSR88ma5/QLdnhzDq91VJfGMapg6BTBl6tw -VQdʾqԥøgϦU)?b;v$V,oxZ67TȚm:X< \ No newline at end of file +-> ssh-ed25519 V1pwNA ZlR8h9qHUL9sOogTAS4jhOkSqgeWOMgrI2jpzZeB43E +c1B+g2ke5kRtFZ1us5Sb8gxYdb7DUx5l1IzVAfbXxW4 +-> ssh-ed25519 4PzZog uPUS/whEnUBue936Q95LCG31yz987AGVTULqCLfQrSs +cGgATnRDcpNJ7CRUkouyoDk80EYB/QgzkX5snfs2qjg +-> ssh-ed25519 dA0vRg gabrxTdlYIjZWYnRMdID7aLu3hgHKmTG6RQHMMnsdjM +HIKk6j8Cntw6/SAtbAjDTSDqXhRzItris/gcm3UQT2w +-> ssh-ed25519 5Nd93w 9enbyAo/XabNmXWppWZWC0Do+6hwzjLPc/RgpFSsOkY +tLBW23QTKZKYZ0nlJ1WDdqsu8u0vsyNoZ10qrk06p3E +-> ssh-ed25519 q8eJgg 4Un1ZATrDODVT5Nr1qNkQzfhBeWcDkujxvFmXumHKl4 +MW1gkllR6yl4FiR/84jV04TgN/B4WEPbmrIWPVG7yKg +-> ssh-ed25519 KVr8rw ld3Xw4y/UIN6RADoJt+2gwnMbcl7qC4sF2X/pJcdJjU +8b3N70CMfQpXY01EjNxn4dZJ2PwbWG7JgYgfOlGfZT8 +-> ssh-ed25519 fia1eQ 5J0q5b+gAlELovtLXXTwr9jfhOl5L5SEy7+qRxUicCQ +k4Xd1ypatsY4rFPAVZoA89V6NrnLxrIrWBhYCY0BEis +-> ssh-ed25519 YFaxCg UgvKYVP36n85x6AaAIGysm9Kzl4TrMip9GTxVMRuWgM +HuTioTpbARDViBacuvqHM2WDNvL+hDyDCb8YJW2uukE +--- ig5Vtym6PTLi2FyPk/bdMBeQV8qICqxGONQGU2lGfxI +z|^ځ~0]|Ѹ"Qzb"gmr냍u ye$c \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 08d748a..cad986a 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -6,7 +6,6 @@ let thenobrainer = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKjaKI97NY7bki07kxAvo95196NXCaMvI1Dx7dMW05Q1 thenobrainer"; eliza = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIJaVEGPDxG/0gbYJovPB+tiODgBDUABlgc1OokmF3WA eliza-skynet"; esy = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINS2UR/o+nK8lNHHTj5I84ZAAp6P+ZhXqhedMfx0KHE4 "; - esy_root = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDxHpsApRyCvuP2ToGm46G308Og8lO7BYPuz+EqHVU5w esy root"; users = [ admin @@ -16,7 +15,6 @@ let thenobrainer eliza esy - esy_root ]; agentjones = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDHOxA3uYcqS5gTrG1hS8XXwehzQYAI2I4iULtU8cXft root@agentjones"; @@ -33,7 +31,7 @@ let cadie = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIACcwg27wzzFVvzuTytcnzRmCfGkhULwlHJA/3BeVtgf root@cadie"; marvin = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIAme2vuVpGYX4La/JtXm3zunsWNDP+SlGmBk/pWmYkH root@marvin"; calculon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGsmeBfh4Jw2GOL7Iyswzn4TVNzalDbxDgh7WuQotFxR root@calculon"; - ariia = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF/x7Zsp9jqxXxxRGLq7ng4HaiZ9o043Bwy4TFPXSs5S root@ariia"; + ariia = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA4kV6W1/tP/nf2ZWNhRoV1mK04R4pS+c5vdsA1n5gpN root@ariia"; optimus = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFv0Hb4qfzXUll+Hct1NQOE0bCf0MpE24Cqskd8vAFyj root@optimus"; bumblebee = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINF31tsOZTEpPFCu4wZvJjxxvgFhRpxvo9SKyDMNWHZu root@bumblebee"; @@ -101,13 +99,8 @@ let bitwarden = [ kitt ]; - - sso = [ - kitt - ]; in { # nix run github:ryantm/agenix -- -e secret1.age - "base/root_pass.age".publicKeys = users ++ systems; "dns_certs.secret.age".publicKeys = users ++ systems; "dns_dnskeys.conf.age".publicKeys = users ++ dns; @@ -139,8 +132,7 @@ in { "backup/restic_pw.age".publicKeys = users ++ restic; # discord bot and discord - "discord/token.age".publicKeys = users ++ discord; - "discord/t-800.age".publicKeys = users ++ discord; + "discord/token1.age".publicKeys = users ++ discord; # email stuff "email/details.age".publicKeys = users ++ ldap ++ discord; @@ -156,9 +148,6 @@ in { "bitwarden/secret.age".publicKeys = users ++ bitwarden; "bitwarden/details.age".publicKeys = users ++ bitwarden; - # Keycloak/sso - "keycloak/pw.age".publicKeys = users ++ sso; - # grafana "grafana/pw.age".publicKeys = users ++ grafana; } diff --git a/secrets/stream_ulfm.age b/secrets/stream_ulfm.age index b014d5f..c91deb6 100644 Binary files a/secrets/stream_ulfm.age and b/secrets/stream_ulfm.age differ diff --git a/secrets/wolves/details.age b/secrets/wolves/details.age index 857f7e5..31b96ee 100644 Binary files a/secrets/wolves/details.age and b/secrets/wolves/details.age differ