Jo/puzzlevision
1
0
Fork 0
mirror of https://github.com/Jokiller230/puzzlevision.git synced 2025-09-09 20:30:05 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

♻️ Migrate and refactor all v1 services, Add atticd service and cleanup

Browse source
This commit is contained in:
Jo 2025-05-25 19:09:33 +02:00
parent 76489651f1
commit e45cfc0fbc
24 changed files with 592 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

28
.sops.yaml
View file

@ -1,31 +1,25 @@
keys: keys:
- &jo age1qcjcwh9tq8pzf2yr7m3hm2n3n3y5rlc30fpkr0eytju9w57ucgcsgcy79d - &jo age1qcjcwh9tq8pzf2yr7m3hm2n3n3y5rlc30fpkr0eytju9w57ucgcsgcy79d
- &absolutesolver age1ajkq0lalyc75tjhdtpx2yshw5y3wt85fwjy24luf69rvpavg33vqw6c3tc - &absolutesolver age1gudgza8lv02nwec0pejqpp5t7zu0tzjsfkmvgvy3ckfscr9f4qrq2sl5dv
creation_rules: creation_rules:
- path_regex: secrets/[^/]+\.(yaml|json|env|cfg)$ - path_regex: secrets/[^/]+\.(yaml|json|env|cfg)$
key_groups: key_groups:
- age: - age:
- *jo - *jo
- *absolutesolver - *absolutesolver
- path_regex: systems/[^/]+/absolutesolver/secrets/.*\.(yaml|env|json|cfg)$ - path_regex: systems/[^/]+/absolutesolver/secrets/.*\.(yaml|env|json|cfg)$
key_groups: key_groups:
- age: - age:
- *jo - *jo
- *absolutesolver - *absolutesolver
- path_regex: systems/[^/]+/puzzlevision/secrets/.*\.(yaml|env|json|cfg)$ - path_regex: systems/[^/]+/puzzlevision/secrets/.*\.(yaml|env|json|cfg)$
key_groups: key_groups:
- age: - age:
- *jo - *jo
- path_regex: homes/[^/]+/jo/secrets/.*\.(yaml|env|json|cfg)$ - path_regex: homes/[^/]+/jo/secrets/.*\.(yaml|env|json|cfg)$
key_groups: key_groups:
- age: - age:
- *jo - *jo
- path_regex: homes/[^/]+/cyn/secrets/.*\.(yaml|env|json|cfg)$
key_groups:
- age:
- *jo
- *absolutesolver

5
flake.nix
View file

@ -44,6 +44,11 @@
url = "github:h-banii/youtube-music-nix"; url = "github:h-banii/youtube-music-nix";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
attic = {
url = "github:zhaofengli/attic";
inputs.nixpkgs.follows = "nixpkgs";
};
}; };
outputs = {flake-parts, ...} @ inputs: outputs = {flake-parts, ...} @ inputs:

4
homes/x86_64-linux/cyn/default.nix
View file

@ -1,6 +1,6 @@
{pkgs, ...}: { {pkgs, ...}: {
home.packages = with pkgs; [ home.packages = with pkgs; [
cowsay ### Tools
cmatrix git
]; ];
} }

1
modules/flake/systems.nix
View file

@ -17,6 +17,7 @@
(lib.optionals (class == "nixos") [ (lib.optionals (class == "nixos") [
inputs.home-manager.nixosModules.default inputs.home-manager.nixosModules.default
inputs.sops-nix.nixosModules.sops inputs.sops-nix.nixosModules.sops
inputs.attic.nixosModules.atticd
]) ])
++ (self.lib.dirToModuleList ../${class}); # Import modules based on current classname. ++ (self.lib.dirToModuleList ../${class}); # Import modules based on current classname.
}; };

38
modules/nixos/archetypes/server/default.nix Normal file
View file

@ -0,0 +1,38 @@
{
lib,
self,
config,
...
}: let
inherit (lib) mkEnableOption mkIf;
inherit (self) namespace;
cfg = config.${namespace}.archetypes.server;
in {
options.${namespace}.archetypes.server = {
enable = mkEnableOption "the server archetype for your current system";
};
config = mkIf cfg.enable {
puzzlevision = {
system = {
nix = {
enable = true;
use-lix = true;
};
grub.enable = true;
networking.enable = true;
kernel.enable = true;
shell.enable = true;
locale.enable = true;
};
services = {
docker.enable = true;
};
};
# Enable SSH for remote login
services.openssh.enable = true;
};
}

53
modules/nixos/services/atticd/default.nix Normal file
View file

@ -0,0 +1,53 @@
{
lib,
self,
config,
...
}: let
inherit (lib) mkEnableOption mkIf;
inherit (self) namespace;
cfg = config.${namespace}.services.atticd;
in {
options.${namespace}.services.atticd = {
enable = mkEnableOption "the attic service, a multi-tenant nix binary cache.";
sopsFile = mkOpt types.str null "The location of the sops secret file for the Atticd service.";
sopsFormat = mkOpt types.str null "The format of the sops secret file for the Atticd service.";
subdomain = mkOpt types.str "cache" "The subdomain, of the system domain, the service should be exposed on.";
};
config = mkIf cfg.enable {
config.sops.secrets."services/atticd" = {
sopsFile = cfg.sopsFile;
format = cfg.sopsFormat;
};
services.atticd = {
enable = true;
environmentFile = config.sops.secrets."services/atticd".path;
settings = {
listen = "[::]:3900";
jwt = {};
chunking = {
nar-size-threshold = 64 * 1024; # 64 KiB
min-size = 16 * 1024; # 16 KiB
avg-size = 64 * 1024; # 64 KiB
max-size = 256 * 1024; # 256 KiB
};
};
};
services.traefik.dynamicConfigOptions = {
http = {
services.atticd.loadBalancer.server.url = "http://localhost:3900";
routers.atticd = {
entrypoints = ["websecure"];
rule = "Host(`${cfg.subdomain}.${config.services.domain}`)";
};
};
};
};
}

13
modules/nixos/services/default.nix Normal file
View file

@ -0,0 +1,13 @@
{
lib,
self,
...
}: let
inherit (lib) types;
inherit (self) namespace;
inherit (self.lib) mkOpt;
in {
options.${namespace}.services = {
domain = mkOpt types.str "thevoid.cafe" "The main system domain, used for exposing services.";
};
}

5
modules/nixos/services/docker/default.nix
View file

@ -15,6 +15,9 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
# Enable docker # Enable docker
virtualisation.docker.enable = true; virtualisation = {
docker.enable = true;
oci-containers.backend = "docker";
};
}; };
} }

34
modules/nixos/services/duckdns/default.nix Normal file
View file

@ -0,0 +1,34 @@
{
lib,
self,
config,
...
}: let
inherit (lib) mkEnableOption mkIf types;
inherit (self) namespace;
inherit (self.lib) mkOpt;
cfg = config.${namespace}.services.duckdns;
in {
options.${namespace}.services.duckdns = {
enable = mkEnableOption "DuckDNS, the dynamic dns service. Will periodically refresh your IP.";
sopsFile = mkOpt types.str null "The location of the sops secret file for the DuckDNS service.";
sopsFormat = mkOpt types.str null "The format of the sops secret file for the DuckDNS service.";
};
config = mkIf cfg.enable {
sops.secrets.duckdns = {
sopsFile = cfg.sopsFile;
format = cfg.sopsFormat;
};
virtualisation.oci-containers.containers.duckdns = {
image = "lscr.io/linuxserver/duckdns:latest";
autoStart = true;
hostname = config.networking.hostname;
environmentFiles = [
config.sops.secrets.duckdns.path
];
};
};
}

54
modules/nixos/services/homepage/default.nix Normal file
View file

@ -0,0 +1,54 @@
{
lib,
self,
config,
...
}: let
inherit (lib) mkEnableOption mkIf types;
inherit (self) namespace;
inherit (self.lib) mkOpt;
cfg = config.${namespace}.services.homepage;
in {
options.${namespace}.services.homepage = {
enable = mkEnableOption "Homepage, an intuitive dashboard for your services.";
subdomain = mkOpt types.str "home" "The subdomain, of the system domain, the service should be exposed on.";
configDir = mkOpt types.str null "The config directory, which will be copied to the Homepage directory during compilation.";
};
config = mkIf cfg.enable {
systemd.tmpfiles.rules = [
"d /var/lib/containers/homepage 0700 root root -"
"d /var/lib/containers/homepage/config 0700 root root -"
"d /var/lib/containers/homepage/images 0700 root root -"
];
# Copy files from homepageConfigDirectory to the target directory
system.activationScripts.homepage = ''
cp -r ${cfg.configDir}/* /var/lib/containers/homepage/
'';
virtualisation.oci-containers.containers.homepage = {
image = "ghcr.io/gethomepage/homepage:latest";
autoStart = true;
hostname = config.networking.hostname;
labels = {
"traefik.enable" = "true";
"traefik.http.routers.homepage.entrypoints" = "websecure";
"traefik.http.routers.homepage.rule" = "Host(`${cfg.subdomain}.${config.services.domain}`)";
"traefik.http.services.homepage.loadbalancer.server.port" = "3000";
};
volumes = [
"/var/lib/containers/homepage/config:/app/config:rw"
"/var/lib/containers/homepage/images:/app/public/images:rw"
# Optional, used for docker integration.
"/var/run/docker.sock:/var/run/docker.sock:ro"
];
environment = {
"HOMEPAGE_ALLOWED_HOSTS" = "${cfg.subdomain}.${config.services.domain}";
};
extraOptions = ["--network=proxy"];
};
};
}

98
modules/nixos/services/traefik/default.nix Normal file
View file

@ -0,0 +1,98 @@
{
lib,
self,
config,
...
}: let
inherit (lib) mkEnableOption mkIf mkOption;
inherit (self) namespace;
cfg = config.${namespace}.services.traefik;
in {
options.${namespace}.services.traefik = {
enable = mkEnableOption "the Traefik service.";
sopsFile = mkOpt types.str null "The location of the sops secret file for the Traefik service.";
sopsFormat = mkOpt types.str null "The format of the sops secret file for the Traefik service.";
};
config = mkIf cfg.enable {
networking.firewall.allowedTCPPorts = [80 8080 443]; # http, dashboard, https
sops.secrets."services/traefik" = {
sopsFile = cfg.sopsFile;
format = cfg.sopsFormat;
};
systemd.services.traefik = {
serviceConfig = {
EnvironmentFile = [config.sops.secrets."services/traefik".path];
};
};
services.traefik = {
enable = true;
group = "docker";
staticConfigOptions = {
log = {
level = "INFO";
filePath = "/var/lib/traefik/traefik.log";
noColor = false;
maxSize = 100;
compress = true;
};
api = {
dashboard = true;
insecure = true;
};
providers = {
docker = {
exposedByDefault = false;
network = "proxy";
};
};
certificatesResolvers = {
letsencrypt = {
acme = {
email = cfg.cloudflareEmail;
storage = "/var/lib/traefik/acme.json";
#caServer = "https://acme-staging-v02.api.letsencrypt.org/directory"; # Uncomment this when testing stuff!
dnsChallenge = {
provider = "cloudflare";
};
};
};
};
entryPoints.web = {
address = ":80";
http.redirections.entryPoint = {
to = "websecure";
scheme = "https";
permanent = true;
};
};
entryPoints.websecure = {
address = ":443";
http.tls = {
certResolver = "letsencrypt";
domains = [
{
main = "thevoid.cafe";
sans = ["*.thevoid.cafe"];
}
{
main = "rhysbot.co.uk";
sans = ["*.rhysbot.co.uk"];
}
];
};
};
};
};
};
}

49
modules/nixos/services/vaultwarden/default.nix Normal file
View file

@ -0,0 +1,49 @@
{
lib,
self,
config,
...
}: let
inherit (lib) mkEnableOption mkIf types;
inherit (self) namespace;
inherit (self.lib) mkOpt;
cfg = config.${namespace}.services.vaultwarden;
in {
options.${namespace}.services.vaultwarden = {
enable = mkEnableOption "Vaultwarden, a self-hostable password manager.";
sopsFile = mkOpt types.str null "The location of the sops secret file for the Vaultwarden service.";
sopsFormat = mkOpt types.str null "The format of the sops secret file for the Vaultwarden service.";
subdomain = mkOpt types.str "vault" "The subdomain, of the system domain, the service should be exposed on.";
};
config = mkIf cfg.enable {
sops.secrets."services/vaultwarden" = {
sopsFile = cfg.sopsFile;
format = cfg.sopsFormat;
};
# Ensure directories exist before OCI container is launched.
systemd.tmpfiles.rules = [
"d /var/lib/containers/vaultwarden/data 0700 root root -"
];
virtualisation.oci-containers.containers.vaultwarden = {
image = "vaultwarden/server";
autoStart = true;
hostname = config.networking.hostname;
labels = {
"traefik.enable" = "true";
"traefik.http.routers.vaultwarden.entrypoints" = "websecure";
"traefik.http.routers.vaultwarden.rule" = "Host(`${cfg.subdomain}.${config.services.domain}`)";
};
volumes = [
"/var/lib/containers/vaultwarden/data:/data:rw"
];
environmentFiles = [
config.sops.secrets."services/vaultwarden".path
];
extraOptions = ["--network=proxy"];
};
};
}

57
systems/x86_64-nixos/absolutesolver/default.nix Normal file
View file

@ -0,0 +1,57 @@
{pkgs, ...}: {
# Setup Sops
sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
sops.age.keyFile = "/var/lib/sops-nix/key.txt";
sops.age.generateKey = true;
puzzlevision = {
users.cyn = {
enable = true;
hashedPassword = "$6$mvK9bT756Aok54Vt$vBRnT66Vb3HL0Y5rEMJlHvKkvzVQ.KUciInTmW3FCBFT00IuFMpz3q9RhXPLTLMRPho65bTg9hMnFPb84I774.";
extraGroups = ["wheel" "docker"];
};
archetypes.server.enable = true;
services = {
traefik = {
enable = true;
sopsFile = ./secrets/traefik.env;
sopsFormat = "dotenv";
};
duckdns = {
enable = true;
sopsFile = ./secrets/duckdns.env;
sopsFormat = "dotenv";
};
vaultwarden = {
enable = true;
sopsFile = ./secrets/vaultwarden.env;
sopsFormat = "dotenv";
};
homepage = {
enable = true;
configDir = ./resources/homepage-config;
};
};
};
services.cron = {
enable = true;
systemCronJobs = [
"*/5 * * * * cyn docker exec -u www-data nextcloud-nextcloud-1 php /var/www/html/cron.php"
"*/15 * * * * cyn docker exec -u www-data nextcloud-nextcloud-1 php /var/www/nextcloud/occ preview:pre-generate"
"* 3 * * * cyn cd /home/cyn/docker/compose/satisfactory && docker compose up -d --force-recreate"
];
};
environment.systemPackages = with pkgs; [
nano
];
networking.hostName = "absolutesolver";
system.stateVersion = "25.05";
}

30
systems/x86_64-nixos/absolutesolver/resources/homepage-config/config/bookmarks.yaml Normal file
View file

@ -0,0 +1,30 @@
---
# For configuration options and examples, please see:
# https://gethomepage.dev/en/configs/bookmarks
- IT:
- Github:
- abbr: GH
href: https://github.com/
- Codeberg:
- icon: mdi-image-filter-hdr-outline
href: https://codeberg.org/
- Stackoverflow:
- abbr: SO
href: https://stackoverflow.com/
- Social:
- Reddit:
- abbr: RE
href: https://reddit.com/
- Whatsapp:
- icon: mdi-chat-outline
href: https://web.whatsapp.com/
- Fun:
- YouTube:
- icon: mdi-video-vintage
href: https://youtube.com/
- A-Dark-Room:
- icon: mdi-campfire
href: https://adarkroom.doublespeakgames.com/

10
systems/x86_64-nixos/absolutesolver/resources/homepage-config/config/docker.yaml Normal file
View file

@ -0,0 +1,10 @@
---
# For configuration options and examples, please see:
# https://gethomepage.dev/en/configs/docker/
# my-docker:
# host: 127.0.0.1
# port: 2375
default-docker:
socket: /var/run/docker.sock

14
systems/x86_64-nixos/absolutesolver/resources/homepage-config/config/services.yaml Normal file
View file

@ -0,0 +1,14 @@
---
# For configuration options and examples, please see:
# https://gethomepage.dev/en/configs/services
- System:
- Fritz!Box:
name: Fritz!Box
icon: avm-fritzbox.png
href: http://192.168.178.1
description: Home router configuration
widget:
type: "fritzbox"
url: http://192.168.178.1
ping: http://192.168.178.1

54
systems/x86_64-nixos/absolutesolver/resources/homepage-config/config/settings.yaml Normal file
View file

@ -0,0 +1,54 @@
---
# For configuration options and examples, please see:
# https://gethomepage.dev/en/configs/settings
title: Jo's Home
background:
image: /images/cozy_kitchen_rain_compressed.webp
blur: md
opacity: 45
favicon: /images/logo.png
theme: dark
color: slate
iconStyle: theme
layout:
Media:
style: row
columns: 1
Utilities:
style: column
columns: 2
Entertainment:
style: column
column: 3
System:
style: column
columns: 3
Development:
style: row
columns: 2
Social:
style: column
columns: 3
IT:
style: column
columns: 3
Fun:
style: column
columns: 3
headerStyle: clean
target: _blank
quicklaunch:
searchDescriptions: true
hideInternetSearch: false
hideVisitURL: false
hideVersion: true
showStats: false

22
systems/x86_64-nixos/absolutesolver/resources/homepage-config/config/widgets.yaml Normal file
View file

@ -0,0 +1,22 @@
---
# For configuration options and examples, please see:
# https://gethomepage.dev/en/configs/widgets
- resources:
label: System
cpu: true
memory: true
uptime: true
units: metric
- resources:
label: Storage
disk: /
- datetime:
text_size: xl
format:
timeStyle: short
dateStyle: long
hourCycle: h23
locale: de

BIN
systems/x86_64-nixos/absolutesolver/resources/homepage-config/images/cozy_kitchen_rain_compressed.webp Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 36 KiB

BIN
systems/x86_64-nixos/absolutesolver/resources/homepage-config/images/logo.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 17 KiB

9
systems/x86_64-nixos/absolutesolver/secrets/atticd.env Normal file
View file

File diff suppressed because one or more lines are too long

14
systems/x86_64-nixos/absolutesolver/secrets/duckdns.env Normal file
View file

@ -0,0 +1,14 @@
PUID=ENC[AES256_GCM,data:lxkuog==,iv:yP4a8/yPDxqaMWF7B98fx4EnvQTjeLEFHbQfZJKIj5w=,tag:5E71lSVVyFEtW2x9K1bmKg==,type:str]
PGID=ENC[AES256_GCM,data:oLPGtg==,iv:VnXy7EqnelYfXlYpLWHykmyR12AffsdODCUfL9QAvig=,tag:+Gv8qPuMrj1A151FtjPcMA==,type:str]
TZ=ENC[AES256_GCM,data:sf3Yq4iqZt1AOyII/Q==,iv:X8T/uFcBjJ4O8+WDPv8hSjYQzIlp0hkDCq+IwoixP1g=,tag:TDSjLOhvQp0nNopPP0Bf/w==,type:str]
SUBDOMAINS=ENC[AES256_GCM,data:w7fOE6X6l0dbRGRJekNRZFAA,iv:/4E8c2YzQW1zwnRRCTa8X8tnEvkLffM+1wy+4KWuTL0=,tag:MTKGOWLsGvNZGzBrjev8KQ==,type:str]
TOKEN=ENC[AES256_GCM,data:QPGrbiwqJY4smVgCkzF4rg91VpoWjx+3FzQYL5v36LeBGZ0e,iv:aEf8b7pnsBwjv/2NPSJpgq1LZH6pioTo+5QrwXgBRrI=,tag:hU2GEvPMk/oZ1f0/aF/JPg==,type:str]
LOG_FILE=ENC[AES256_GCM,data:Ggb5fCg=,iv:mYZSsNHBSObpqdoFRovWy2CwqAFqsgPCODHvQQtRZyY=,tag:i1WB2x32z+lQ0fQYZXPabA==,type:str]
sops_age__list_0__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQSFEzMTFVTGRuTzdRc1d3\nT01LaVFlN0NQUE5KR1V3cTFhWHFETHNwVm1NClo0RWxyNjYwVFQxbUVoYlp3VGhh\nN21xd2JiUlJiSFVheDV1cndwUFhzUmcKLS0tIHd6NjNlSUUzZ3g0czhuZnVxajhL\nbWhPbzRiU3dzQk13RCt3bkIyV2tjOUUKn/tpVbegYBU1vn59vWmkO2UxZHFzc63k\nKFEou1Gp77uh9IrA/uT5ZF7BFrADMQmX54+whUMsqKHaSAUeuVnzJw==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_0__map_recipient=age1qcjcwh9tq8pzf2yr7m3hm2n3n3y5rlc30fpkr0eytju9w57ucgcsgcy79d
sops_age__list_1__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxUTN4OG9WWDVLTnFwcmhr\nY3JXa0dURXg1ODZGN0hkRGF3TEZTZjZIVkdjCmNRMXFWWmxXQUxmV2dHUTJzR1pz\nR1gyZVV5bUhjZENOeW14K3lHV0dDakUKLS0tIFhvRHJtVHdQOUI0WlhtY0kwT3Vu\nbnB5RzA0RmtrZWQ5VVBCZXJMbGxwdlEKGWFr/KBbaj9WxleuNhtV/0KJWz6lpcrI\nnJ5GEf4e0d1CgOAayPKzLpgf5Pz9GAfsHD72NWv7dNAdRrOoa1pL0g==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_1__map_recipient=age1ajkq0lalyc75tjhdtpx2yshw5y3wt85fwjy24luf69rvpavg33vqw6c3tc
sops_lastmodified=2025-05-25T17:02:19Z
sops_mac=ENC[AES256_GCM,data:yx+YDiv04ZZBjuag+lF6GObqgL6cJVfj2TZLnl22/U8Yp1Su/IgiPFpqyWqYbjdbnoc2pFe0FhdvUoN58yPjOIm50jdNM3OgQNBhtP/oJU0hwuZGrvI1R9iUhVFDvDjqwDGsC+e92/EGgFKU/rjj0oByhrukqL2khvj/0FeQ8sg=,iv:pLy5UO5Zaqv/bL7OYJqUZ+oRPqaWfaoBkkJpMkvPjzQ=,tag:B9kIFdgHxrvbug2fKUtkDg==,type:str]
sops_unencrypted_suffix=_unencrypted
sops_version=3.10.2

10
systems/x86_64-nixos/absolutesolver/secrets/traefik.env Normal file
View file

@ -0,0 +1,10 @@
CF_API_KEY=ENC[AES256_GCM,data:TSDR5dnNolSErwfjAjyOZsyCapan6dumv2Ti2fttkcAY3zIamA==,iv:pJqVyZ8Q7jVa9LOBhiyXP84yAQDGIWcgHf3S5Kmynek=,tag:Rei3sW5oaCcqCsLopEoeKQ==,type:str]
CF_API_EMAIL=ENC[AES256_GCM,data:85E6UE8QCfBxhdWxVvwrnWetC6ZtQBXcujPbXgk=,iv:qEmGfZguzppCJGsPSAj0VsmPI5K4gVHZJzRT6C7bPmM=,tag:LvgXKz1GwWaFJSMgkfh0eg==,type:str]
sops_age__list_0__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBma3VZRkh6MzBLNkZZS3Ay\nZWpiU2NsMjcwc3hlb1J0K0NPdXJTYVYwcG00CjJUV052Vkt0N2tZOU13d0NrTEZj\neXVla2RWUzZDUHFvZ2lmYzYyb0w2RVkKLS0tIFdkZGYweW9nTDNCb3hqdU1HVVBt\na01ucjZVZUhOS3JxNWI3dDllT2FwUmMKWtRC1AsyiE7WGwG8i+kyy3ejNU/EVDvC\n2JwnbAX/E8yLjhx68zTbQ0jF6j7xxfdUqNgOOgK1IlK7zriXuA+y1Q==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_0__map_recipient=age1qcjcwh9tq8pzf2yr7m3hm2n3n3y5rlc30fpkr0eytju9w57ucgcsgcy79d
sops_age__list_1__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNZlZwZGk0bGlpdmhCeENs\ncUJJTEhJQllrdDE4WVVLT01qSGZEeFpNL0VnCmZDWWM4L1l5S3dzc20xQTlhVHBi\nRW4vWWxEYjVmK0l3TWJOSjN5VG5ZUFUKLS0tIElZRzZpUGRpSjc3ZHJaTDZYRTJB\ndmoyN2lXYUVSQ3RQaXRuMkgwejdXTTQKGFM9TouDfvIlb6tyymuAAVsDb/LMhPDP\nNX7zSAHNWdTxo+h913NnVFSZJZzPxIR4dMB+sCn+5p6YawB61K5zpg==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_1__map_recipient=age1ajkq0lalyc75tjhdtpx2yshw5y3wt85fwjy24luf69rvpavg33vqw6c3tc
sops_lastmodified=2025-05-25T15:36:17Z
sops_mac=ENC[AES256_GCM,data:y2DNwdfrffQA1gcjlI3006+6c9NYXV+2Wsn6IVJcunFoan73iAn/u6D/XZHiF7R2z8/cZOvLW6BCQzEIeUvtm/LeSh9HOz/LV+kYEqvCb2qvc/h8dSXwZY/P+4eIpuSPR0BqeILUAZBzlLbMRQ8vEK+7wA95+72ixl4jaZxPXps=,iv:rjmS6QraVr4gJljwFRkIOcRTLBugWnd9YsZ0m6cvyos=,tag:DIDiHdkuVgCJh9/YWBEEow==,type:str]
sops_unencrypted_suffix=_unencrypted
sops_version=3.10.2

10
systems/x86_64-nixos/absolutesolver/secrets/vaultwarden.env Normal file
View file

@ -0,0 +1,10 @@
DOMAIN=ENC[AES256_GCM,data:XtVmddel4uwamadpRlUgwez7AcBSVYBrBL4=,iv:1XILsuKg2iw3HesEEx4aPxKT4uVGItfk1h0i1zFFE50=,tag:ebB7eLD/FudKZ8vihVGrug==,type:str]
SIGNUPS_ALLOWED=ENC[AES256_GCM,data:UZcXAWY=,iv:gsJhwcCeTtDMQuGrwqavLXolIGbqE6xsabl26FWmW2I=,tag:/IUwBMJvG3vXrO4EbFg8Hw==,type:str]
sops_age__list_0__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArYVBPbEY3MEdVSFlZNnlM\nWFJ0L1oyTituV29BQk9BZUNoNzFzRVZWcVYwCktUeElQQ2s0aGtLdzB5dThzUFZU\nVmlxQ3c3RFpGb2h5U0lESmVoUFgxeE0KLS0tIDBGMzBtb3d3T2RobUFMN0FGem5L\nWlRvU25rL2xQNkx1cDJ5dld4YUVpcTQKxPoVeLMB4OkF8C2REvDW1xHB1qnDkqsD\nyzCXhs8HkAZFfv1zw3gNeG2SB7JRTQM4JPCrA0ceg1q9OO7iEInzKA==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_0__map_recipient=age1qcjcwh9tq8pzf2yr7m3hm2n3n3y5rlc30fpkr0eytju9w57ucgcsgcy79d
sops_age__list_1__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCWHlkMjhnb0NsVTNSSHox\nTUZtZUlVRkNveDFqVjR2TGFCSWVFWXppRXo4CjF5SWYvRTdzUWFoemxJaFR2VU9B\nbXY3d3RaY3UvUlNCV3FwZDNGd0M0RGcKLS0tIFpUd3VzRDl4aVM5VXoyV3FiWDNy\ndmE0Rk0ySVBiVW9CZ2Jqb1A1aUdNT2MKtiJZLpoOUxpTUosauNZejzK3d/2wpJ33\ndWjowUn4/TKzZ4VjV9hGuokiwlf9ohJJCodINI4PBHWhb3OfXMsGMQ==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_1__map_recipient=age1ajkq0lalyc75tjhdtpx2yshw5y3wt85fwjy24luf69rvpavg33vqw6c3tc
sops_lastmodified=2025-05-25T17:01:30Z
sops_mac=ENC[AES256_GCM,data:2h3KjAcdeDjGJ0lKmkucBxyDrNTl+FgRvoUcWiURHOyDO6RrM3SIyGbqjrr4jRR8Zv6a45SsqgcA8DrwRKWN+dV/IvDY15NNo279JmnS+jK00x+FnYxmSB63GLyz5zWEEY3DV4lOGwsr2eKd2UmH5H9W4Nb0ARMitKIXRMnzzxE=,iv:ip1xWy9XDHQO7KjHPzKmkuv3uGMhrRMXZp3MXWqndHg=,tag:ex+JxUkWj/13/twi0g+Rzw==,type:str]
sops_unencrypted_suffix=_unencrypted
sops_version=3.10.2