From af8f4f00c21750728af9811bf6e20ad6b41295a7 Mon Sep 17 00:00:00 2001 From: pinpox Date: Mon, 21 Jul 2025 12:30:03 +0200 Subject: [PATCH] add syncthing services --- clanModules/syncthing/default.nix | 6 - clanModules/syncthing/roles/introducer.nix | 6 - clanModules/syncthing/roles/peer.nix | 21 --- .../syncthing/README.md | 10 +- clanServices/syncthing/default.nix | 160 ++++++++++++++++++ clanServices/syncthing/flake-module.nix | 23 +++ .../syncthing/shared.nix | 66 ++------ clanServices/syncthing/tests/vm/default.nix | 47 +++++ .../vm/sops/machines/introducer/key.json | 6 + .../tests/vm/sops/machines/peer1/key.json | 6 + .../tests/vm/sops/machines/peer2/key.json | 6 + .../vm/sops/secrets/introducer-age.key/secret | 15 ++ .../secrets/introducer-age.key/users/admin | 1 + .../vm/sops/secrets/peer1-age.key/secret | 15 ++ .../vm/sops/secrets/peer1-age.key/users/admin | 1 + .../vm/sops/secrets/peer2-age.key/secret | 15 ++ .../vm/sops/secrets/peer2-age.key/users/admin | 1 + .../tests/vm/sops/users/admin/key.json | 4 + .../syncthing/apikey/machines/introducer | 1 + .../introducer/syncthing/apikey/secret | 19 +++ .../introducer/syncthing/apikey/users/admin | 1 + .../syncthing/cert/machines/introducer | 1 + .../introducer/syncthing/cert/secret | 19 +++ .../introducer/syncthing/cert/users/admin | 1 + .../per-machine/introducer/syncthing/id/value | 1 + .../syncthing/key/machines/introducer | 1 + .../introducer/syncthing/key/secret | 19 +++ .../introducer/syncthing/key/users/admin | 1 + .../peer1/syncthing/apikey/machines/peer1 | 1 + .../per-machine/peer1/syncthing/apikey/secret | 19 +++ .../peer1/syncthing/apikey/users/admin | 1 + .../peer1/syncthing/cert/machines/peer1 | 1 + .../per-machine/peer1/syncthing/cert/secret | 19 +++ .../peer1/syncthing/cert/users/admin | 1 + .../vars/per-machine/peer1/syncthing/id/value | 1 + .../peer1/syncthing/key/machines/peer1 | 1 + .../per-machine/peer1/syncthing/key/secret | 19 +++ .../peer1/syncthing/key/users/admin | 1 + .../peer2/syncthing/apikey/machines/peer2 | 1 + .../per-machine/peer2/syncthing/apikey/secret | 19 +++ .../peer2/syncthing/apikey/users/admin | 1 + .../peer2/syncthing/cert/machines/peer2 | 1 + .../per-machine/peer2/syncthing/cert/secret | 19 +++ .../peer2/syncthing/cert/users/admin | 1 + .../vars/per-machine/peer2/syncthing/id/value | 1 + .../peer2/syncthing/key/machines/peer2 | 1 + .../per-machine/peer2/syncthing/key/secret | 19 +++ .../peer2/syncthing/key/users/admin | 1 + docs/mkdocs.yml | 2 +- .../test_driver/__init__.py | 8 + 50 files changed, 515 insertions(+), 96 deletions(-) delete mode 100644 clanModules/syncthing/default.nix delete mode 100644 clanModules/syncthing/roles/introducer.nix delete mode 100644 clanModules/syncthing/roles/peer.nix rename {clanModules => clanServices}/syncthing/README.md (89%) create mode 100644 clanServices/syncthing/default.nix create mode 100644 clanServices/syncthing/flake-module.nix rename {clanModules => clanServices}/syncthing/shared.nix (72%) create mode 100644 clanServices/syncthing/tests/vm/default.nix create mode 100755 clanServices/syncthing/tests/vm/sops/machines/introducer/key.json create mode 100755 clanServices/syncthing/tests/vm/sops/machines/peer1/key.json create mode 100755 clanServices/syncthing/tests/vm/sops/machines/peer2/key.json create mode 100644 clanServices/syncthing/tests/vm/sops/secrets/introducer-age.key/secret create mode 120000 clanServices/syncthing/tests/vm/sops/secrets/introducer-age.key/users/admin create mode 100644 clanServices/syncthing/tests/vm/sops/secrets/peer1-age.key/secret create mode 120000 clanServices/syncthing/tests/vm/sops/secrets/peer1-age.key/users/admin create mode 100644 clanServices/syncthing/tests/vm/sops/secrets/peer2-age.key/secret create mode 120000 clanServices/syncthing/tests/vm/sops/secrets/peer2-age.key/users/admin create mode 100644 clanServices/syncthing/tests/vm/sops/users/admin/key.json create mode 120000 clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/apikey/machines/introducer create mode 100644 clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/apikey/secret create mode 120000 clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/apikey/users/admin create mode 120000 clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/cert/machines/introducer create mode 100644 clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/cert/secret create mode 120000 clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/cert/users/admin create mode 100644 clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/id/value create mode 120000 clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/key/machines/introducer create mode 100644 clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/key/secret create mode 120000 clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/key/users/admin create mode 120000 clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/apikey/machines/peer1 create mode 100644 clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/apikey/secret create mode 120000 clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/apikey/users/admin create mode 120000 clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/cert/machines/peer1 create mode 100644 clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/cert/secret create mode 120000 clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/cert/users/admin create mode 100644 clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/id/value create mode 120000 clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/key/machines/peer1 create mode 100644 clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/key/secret create mode 120000 clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/key/users/admin create mode 120000 clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/apikey/machines/peer2 create mode 100644 clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/apikey/secret create mode 120000 clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/apikey/users/admin create mode 120000 clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/cert/machines/peer2 create mode 100644 clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/cert/secret create mode 120000 clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/cert/users/admin create mode 100644 clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/id/value create mode 120000 clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/key/machines/peer2 create mode 100644 clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/key/secret create mode 120000 clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/key/users/admin diff --git a/clanModules/syncthing/default.nix b/clanModules/syncthing/default.nix deleted file mode 100644 index 6cf92de8c..000000000 --- a/clanModules/syncthing/default.nix +++ /dev/null @@ -1,6 +0,0 @@ -# Dont import this file -# It is only here for backwards compatibility. -# Dont author new modules with this file. -{ - imports = [ ./roles/peer.nix ]; -} diff --git a/clanModules/syncthing/roles/introducer.nix b/clanModules/syncthing/roles/introducer.nix deleted file mode 100644 index bdd61dbe9..000000000 --- a/clanModules/syncthing/roles/introducer.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ ... }: -{ - imports = [ - ../shared.nix - ]; -} diff --git a/clanModules/syncthing/roles/peer.nix b/clanModules/syncthing/roles/peer.nix deleted file mode 100644 index d8cf3448c..000000000 --- a/clanModules/syncthing/roles/peer.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ config, lib, ... }: -let - instanceNames = builtins.attrNames config.clan.inventory.services.syncthing; - instanceName = builtins.head instanceNames; - instance = config.clan.inventory.services.syncthing.${instanceName}; - introducer = builtins.head instance.roles.introducer.machines; - - introducerId = "${config.clan.core.settings.directory}/vars/per-machine/${introducer}/syncthing/id/value"; -in -{ - imports = [ - ../shared.nix - ]; - - clan.syncthing.introducer = lib.strings.removeSuffix "\n" ( - if builtins.pathExists introducerId then - builtins.readFile introducerId - else - throw "${introducerId} does not exists. Please run `clan vars generate ${introducer}` to generate the introducer device id" - ); -} diff --git a/clanModules/syncthing/README.md b/clanServices/syncthing/README.md similarity index 89% rename from clanModules/syncthing/README.md rename to clanServices/syncthing/README.md index b3ef7c465..9b3b65723 100644 --- a/clanModules/syncthing/README.md +++ b/clanServices/syncthing/README.md @@ -1,11 +1,7 @@ --- description = "A secure, file synchronization app for devices over networks, offering a private alternative to cloud services." -features = [ "inventory" ] - -[constraints] -roles.introducer.min = 1 -roles.introducer.max = 1 --- + **Warning**: This module was written with our VM integration in mind likely won't work outside of this context. They will be generalized in future. ## Usage @@ -26,7 +22,7 @@ We recommend configuring this module as an sync-service through the provided opt - **Share Folders**: Select folders to share with connected devices and configure permissions and synchronization parameters. !!! info - Clan automatically discovers other devices. Automatic discovery requires one machine to be an [introducer](#clan.syncthing.introducer) + Clan automatically discovers other devices. Automatic discovery requires one machine to be an [introducer](#roles.introducer) If that is not the case you can add the other device by its Device ID manually. You can find and share Device IDs under the "Add Device" button in the Web GUI. (`127.0.0.1:8384`) @@ -37,4 +33,4 @@ We recommend configuring this module as an sync-service through the provided opt ## Support -- **Documentation**: Extensive documentation is available on the [Syncthing website](https://docs.syncthing.net/). +- **Documentation**: Extensive documentation is available on the [Syncthing website](https://docs.syncthing.net/). \ No newline at end of file diff --git a/clanServices/syncthing/default.nix b/clanServices/syncthing/default.nix new file mode 100644 index 000000000..cf889a504 --- /dev/null +++ b/clanServices/syncthing/default.nix @@ -0,0 +1,160 @@ +{ + # lib, + # config, + # pkgs, + ... +}: +{ + _class = "clan.service"; + manifest.name = "clan-core/syncthing"; + manifest.description = "A secure, file synchronization app for devices over networks"; + + roles.introducer = { + interface = + { lib, ... }: + { + options = { + + id = lib.mkOption { + description = '' + The ID of the machine. + It is generated automatically by default. + ''; + type = lib.types.nullOr lib.types.str; + example = "BABNJY4-G2ICDLF-QQEG7DD-N3OBNGF-BCCOFK6-MV3K7QJ-2WUZHXS-7DTW4AS"; + # default = config.clan.core.vars.generators.syncthing.files."id".value; + defaultText = "config.clan.core.vars.generators.syncthing.files.\"id\".value"; + }; + introducer = lib.mkOption { + description = '' + The introducer for the machine. + ''; + type = lib.types.nullOr lib.types.str; + default = null; + }; + autoAcceptDevices = lib.mkOption { + description = '' + Auto accept incoming device requests. + Should only be used on the introducer. + ''; + type = lib.types.bool; + default = false; + }; + autoShares = lib.mkOption { + description = '' + Auto share the following Folders by their ID's with introduced devices. + Should only be used on the introducer. + ''; + type = lib.types.listOf lib.types.str; + default = [ ]; + example = [ + "folder1" + "folder2" + ]; + }; + + }; + }; + + perInstance = + { + + # instanceName, + roles, + settings, + ... + }: + + { + nixosModule = + { + ... + }: + { + _module.args = { inherit settings roles; }; + imports = [ + ./shared.nix + ]; + }; + }; + }; + + roles.peer = { + interface = + { lib, ... }: + { + options = { + + id = lib.mkOption { + description = '' + The ID of the machine. + It is generated automatically by default. + ''; + type = lib.types.nullOr lib.types.str; + example = "BABNJY4-G2ICDLF-QQEG7DD-N3OBNGF-BCCOFK6-MV3K7QJ-2WUZHXS-7DTW4AS"; + # default = config.clan.core.vars.generators.syncthing.files."id".value; + defaultText = "config.clan.core.vars.generators.syncthing.files.\"id\".value"; + }; + introducer = lib.mkOption { + description = '' + The introducer for the machine. + ''; + type = lib.types.nullOr lib.types.str; + default = null; + }; + autoAcceptDevices = lib.mkOption { + description = '' + Auto accept incoming device requests. + Should only be used on the introducer. + ''; + type = lib.types.bool; + default = false; + }; + autoShares = lib.mkOption { + description = '' + Auto share the following Folders by their ID's with introduced devices. + Should only be used on the introducer. + ''; + type = lib.types.listOf lib.types.str; + default = [ ]; + example = [ + "folder1" + "folder2" + ]; + }; + + }; + }; + + perInstance = + { + + # instanceName, + roles, + settings, + ... + }: + + { + nixosModule = + { + ... + }: + + { + _module.args = { inherit settings roles; }; + imports = [ + ./shared.nix + ]; + + # clan.syncthing.introducer = lib.strings.removeSuffix "\n" ( + # if builtins.pathExists introducerId then + # builtins.readFile introducerId + # else + # throw "${introducerId} does not exists. Please run `clan vars generate ${introducer}` to generate the introducer device id" + # ); + }; + }; + }; + +} diff --git a/clanServices/syncthing/flake-module.nix b/clanServices/syncthing/flake-module.nix new file mode 100644 index 000000000..c9fe291b7 --- /dev/null +++ b/clanServices/syncthing/flake-module.nix @@ -0,0 +1,23 @@ +{ + self, + lib, + ... +}: +let + module = lib.modules.importApply ./default.nix { + inherit (self) packages; + }; +in +{ + clan.modules.syncthing = module; + + perSystem = + { ... }: + { + clan.nixosTests.syncthing = { + imports = [ ./tests/vm/default.nix ]; + + clan.modules."@clan/syncthing" = module; + }; + }; +} diff --git a/clanModules/syncthing/shared.nix b/clanServices/syncthing/shared.nix similarity index 72% rename from clanModules/syncthing/shared.nix rename to clanServices/syncthing/shared.nix index 05c28cd9a..7da28473c 100644 --- a/clanModules/syncthing/shared.nix +++ b/clanServices/syncthing/shared.nix @@ -2,49 +2,10 @@ config, pkgs, lib, + settings, ... }: { - options.clan.syncthing = { - id = lib.mkOption { - description = '' - The ID of the machine. - It is generated automatically by default. - ''; - type = lib.types.nullOr lib.types.str; - example = "BABNJY4-G2ICDLF-QQEG7DD-N3OBNGF-BCCOFK6-MV3K7QJ-2WUZHXS-7DTW4AS"; - default = config.clan.core.vars.generators.syncthing.files."id".value; - defaultText = "config.clan.core.vars.generators.syncthing.files.\"id\".value"; - }; - introducer = lib.mkOption { - description = '' - The introducer for the machine. - ''; - type = lib.types.nullOr lib.types.str; - default = null; - }; - autoAcceptDevices = lib.mkOption { - description = '' - Auto accept incoming device requests. - Should only be used on the introducer. - ''; - type = lib.types.bool; - default = false; - }; - autoShares = lib.mkOption { - description = '' - Auto share the following Folders by their ID's with introduced devices. - Should only be used on the introducer. - ''; - type = lib.types.listOf lib.types.str; - default = [ ]; - example = [ - "folder1" - "folder2" - ]; - }; - }; - imports = [ { # Syncthing ports: 8384 for remote access to GUI @@ -65,7 +26,7 @@ { assertion = lib.all ( attr: builtins.hasAttr attr config.services.syncthing.settings.folders - ) config.clan.syncthing.autoShares; + ) settings.autoShares; message = '' Syncthing: If you want to AutoShare a folder, you need to have it configured on the sharing device. ''; @@ -80,12 +41,8 @@ services.syncthing = { enable = true; - overrideFolders = lib.mkDefault ( - if (config.clan.syncthing.introducer == null) then true else false - ); - overrideDevices = lib.mkDefault ( - if (config.clan.syncthing.introducer == null) then true else false - ); + overrideFolders = lib.mkDefault (if (settings.introducer == null) then true else false); + overrideDevices = lib.mkDefault (if (settings.introducer == null) then true else false); key = lib.mkDefault config.clan.core.vars.generators.syncthing.files."key".path or null; cert = lib.mkDefault config.clan.core.vars.generators.syncthing.files."cert".path or null; @@ -98,13 +55,13 @@ devices = { } // ( - if (config.clan.syncthing.introducer == null) then + if (settings.introducer == null) then { } else { - "${config.clan.syncthing.introducer}" = { + "${settings.introducer}" = { name = "introducer"; - id = config.clan.syncthing.introducer; + id = settings.introducer; introducer = true; autoAcceptFolders = true; }; @@ -120,7 +77,7 @@ SharedFolderById = "/rest/config/folders/"; apiKey = config.clan.core.vars.generators.syncthing.files."apikey".path; in - lib.mkIf config.clan.syncthing.autoAcceptDevices { + lib.mkIf settings.autoAcceptDevices { description = "Syncthing auto accept devices"; requisite = [ "syncthing.service" ]; after = [ "syncthing.service" ]; @@ -138,7 +95,7 @@ ${lib.getExe pkgs.curl} -X POST -d "{\"deviceId\": $ID}" -H "Content-Type: application/json" -H "X-API-Key: $APIKEY" ${baseAddress}${postNewDevice} # get all shared folders by their ID - for folder in ${builtins.toString config.clan.syncthing.autoShares}; do + for folder in ${builtins.toString settings.autoShares}; do SHARED_IDS=$(${lib.getExe pkgs.curl} -X GET -H "X-API-Key: $APIKEY" ${baseAddress}${SharedFolderById}"$folder" | ${lib.getExe pkgs.jq} ."devices") PATCHED_IDS=$(echo $SHARED_IDS | ${lib.getExe pkgs.jq} ".+= [{\"deviceID\": $ID, \"introducedBy\": \"\", \"encryptionPassword\": \"\"}]") ${lib.getExe pkgs.curl} -X PATCH -d "{\"devices\": $PATCHED_IDS}" -H "X-API-Key: $APIKEY" ${baseAddress}${SharedFolderById}"$folder" @@ -147,7 +104,7 @@ ''; }; - systemd.timers.syncthing-auto-accept = lib.mkIf config.clan.syncthing.autoAcceptDevices { + systemd.timers.syncthing-auto-accept = lib.mkIf settings.autoAcceptDevices { description = "Syncthing Auto Accept"; wantedBy = [ "syncthing-auto-accept.service" ]; @@ -162,7 +119,7 @@ let apiKey = config.clan.core.vars.generators.syncthing.files."apikey".path; in - lib.mkIf config.clan.syncthing.autoAcceptDevices { + lib.mkIf settings.autoAcceptDevices { description = "Set the api key"; after = [ "syncthing-init.service" ]; wantedBy = [ "multi-user.target" ]; @@ -182,7 +139,6 @@ }; clan.core.vars.generators.syncthing = { - migrateFact = "syncthing"; files."key".group = config.services.syncthing.group; files."key".owner = config.services.syncthing.user; diff --git a/clanServices/syncthing/tests/vm/default.nix b/clanServices/syncthing/tests/vm/default.nix new file mode 100644 index 000000000..e9ba41a44 --- /dev/null +++ b/clanServices/syncthing/tests/vm/default.nix @@ -0,0 +1,47 @@ +{ + name = "syncthing"; + + clan = { + # test.useContainers = false; + directory = ./.; + inventory = { + + machines.introducer = { }; + machines.peer1 = { }; + machines.peer2 = { }; + + instances."test" = { + module.name = "@clan/syncthing"; + module.input = "self"; + + roles.introducer.machines.introducer = { + # autoAcceptDevices = true; + # autoShares = [ ]; + }; + roles.peer.machines.peer1 = { }; + roles.peer.machines.peer2 = { }; + }; + }; + }; + + testScript = '' + start_all() + + introducer.wait_for_unit("syncthing.service") + peer1.wait_for_unit("syncthing.service") + peer2.wait_for_unit("syncthing.service") + + # Check that syncthing web interface is accessible + introducer.wait_for_open_port(8384) + peer1.wait_for_open_port(8384) + peer2.wait_for_open_port(8384) + + # Basic connectivity test + introducer.succeed("curl -s http://127.0.0.1:8384") + peer1.succeed("curl -s http://127.0.0.1:8384") + peer2.succeed("curl -s http://127.0.0.1:8384") + + import time + time.sleep(500000000) + ''; +} diff --git a/clanServices/syncthing/tests/vm/sops/machines/introducer/key.json b/clanServices/syncthing/tests/vm/sops/machines/introducer/key.json new file mode 100755 index 000000000..7d1180b75 --- /dev/null +++ b/clanServices/syncthing/tests/vm/sops/machines/introducer/key.json @@ -0,0 +1,6 @@ +[ + { + "publickey": "age1t6s4d0sn3jlzlu7zxuux5fx8xw9xjfr0gqfaur0wessfrxsg35hsqttv2t", + "type": "age" + } +] \ No newline at end of file diff --git a/clanServices/syncthing/tests/vm/sops/machines/peer1/key.json b/clanServices/syncthing/tests/vm/sops/machines/peer1/key.json new file mode 100755 index 000000000..dea4f5847 --- /dev/null +++ b/clanServices/syncthing/tests/vm/sops/machines/peer1/key.json @@ -0,0 +1,6 @@ +[ + { + "publickey": "age1mq8u3x9z8v3zdm59qslxyn33zm0rpjzrd9sr9fjzqwp8d66t9czq626xsd", + "type": "age" + } +] \ No newline at end of file diff --git a/clanServices/syncthing/tests/vm/sops/machines/peer2/key.json b/clanServices/syncthing/tests/vm/sops/machines/peer2/key.json new file mode 100755 index 000000000..0b745002f --- /dev/null +++ b/clanServices/syncthing/tests/vm/sops/machines/peer2/key.json @@ -0,0 +1,6 @@ +[ + { + "publickey": "age18mp7v3ck9eg0vqy3y83z5hdhum9rc77ntwal42p30udejkzvky2qjluy4x", + "type": "age" + } +] \ No newline at end of file diff --git a/clanServices/syncthing/tests/vm/sops/secrets/introducer-age.key/secret b/clanServices/syncthing/tests/vm/sops/secrets/introducer-age.key/secret new file mode 100644 index 000000000..1018fc3b0 --- /dev/null +++ b/clanServices/syncthing/tests/vm/sops/secrets/introducer-age.key/secret @@ -0,0 +1,15 @@ +{ + "data": "ENC[AES256_GCM,data:JbpTTfHD92NlaUR7xAyJFoqD+4mYDlpE1gdWuCsrMyar8rUzS6vX7i7ymd69K0tPAT/UUZAmNacPFwvjTkZmdv+/719FNBkowrc=,iv:ZHTcm+V1dNZ07kRQEDNFYh8NMMwZ5g5cq0Tg281Aaec=,tag:tjAJRuQrRC0JYhS0tA+VUw==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJZWV1ZUZlODZ2OXlXbzVX\nSTkzV0VFL1NJVXpzKy9hTy9NN3gzeWxJbzE4CnJZc0JYd2s3ci85aDFuQ3pJbmtT\nSWZGRmREM25nWjhkZ1hGNE0rcVpMbFEKLS0tIDk3aHZ6ZVlaTmhOV3B4b3g5MzV4\nUUNWcXdHcTlVVEw3UGlxQWtBSDdpMk0K6nCih/rHq4vLS/oDz8cbjY8TVVsQmzaW\nivSd3WhpUaRdigyw/u3/5Lmaii1awy2qJdyREbzzUVgJPfoZ87pabw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-07-22T13:55:15Z", + "mac": "ENC[AES256_GCM,data:KoxJwNfRO1SDlgCc5p9+ZDP6rXOAUXG48ousVXKgNfR+qyS9i0FIYjgJxsSxzsYyn0Md7fbbJdX8MEnJZkgkTn0pJ46HfHsD4oiE66AF4pcgdIssTo4BX6RvoqbCdtS6hi6dpyrW7j1PPhwO3DRhaFIO58Nk1fxcVpyATzm8Gyg=,iv:SYotgqC8fA80mmjYZxUM0p+MUGxRYKHCd1pscS3HVt0=,tag:3XrQabwt+KEtk8JLZ4HTPA==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/clanServices/syncthing/tests/vm/sops/secrets/introducer-age.key/users/admin b/clanServices/syncthing/tests/vm/sops/secrets/introducer-age.key/users/admin new file mode 120000 index 000000000..9e21a9938 --- /dev/null +++ b/clanServices/syncthing/tests/vm/sops/secrets/introducer-age.key/users/admin @@ -0,0 +1 @@ +../../../users/admin \ No newline at end of file diff --git a/clanServices/syncthing/tests/vm/sops/secrets/peer1-age.key/secret b/clanServices/syncthing/tests/vm/sops/secrets/peer1-age.key/secret new file mode 100644 index 000000000..08ae883c0 --- /dev/null +++ b/clanServices/syncthing/tests/vm/sops/secrets/peer1-age.key/secret @@ -0,0 +1,15 @@ +{ + "data": "ENC[AES256_GCM,data:Lr3bPR9MjNvwBYPIQg0D4qIDhRbD++ZOpuGvz093d+DWva1b4h1jhcsnmziOvINZQ3vVpizklkASRWo757FOJLLV1LiXNqiZAbY=,iv:HbsNN9Who9BFTHEUrRVAA5MAkadXVqTGEsq5kTPZdQo=,tag:pGW8oINEGRjDgg1JoHdUEQ==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBM1Q5UEpvaDQ4K25oTWN3\nbmdPaTdZUTFFR0xUVEttajNXOSt1T3BnTjJnCkE2eUVleXJKckovdkw3ak1xUGZj\nK3hET0E0OU5KYlZLL2daZFNaZ3cyS00KLS0tIHFwMW9LTHNLR1JwaHdiMnc2bWhH\nMWtwMElUYW50ZXlGZG1US1hiWlNoRjAKTg62lhjMCG1uPtxAmq5L7QGwmlwvGnxG\n+qTZHAPAoTUaWtnJfJpueGB1OJbr4HbUH0gN0cBqq7Y0DGIyvGqidA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-07-22T13:55:27Z", + "mac": "ENC[AES256_GCM,data:1fh6Jp+y6jGI3NgZMgGcuVHX3GLXYH9LKbPG4cVwOk1otX94zr0UcrVOSgH3m9J7QpGlFl48HwCfoNZzkRVmX633Px1UZQopOSZLao8Ao7ZcAwP3EmIowwJBC8//pYIhE6JwPlIlRbHOQRDd8HhIM1VwNjc8dUBBX0VyTAgyT4w=,iv:0Z722NhqETyVY+mkerERVw9TmKx0aASdSdYYdNucmCg=,tag:PT56bX50YajhlHQttz+Ffw==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/clanServices/syncthing/tests/vm/sops/secrets/peer1-age.key/users/admin b/clanServices/syncthing/tests/vm/sops/secrets/peer1-age.key/users/admin new file mode 120000 index 000000000..9e21a9938 --- /dev/null +++ b/clanServices/syncthing/tests/vm/sops/secrets/peer1-age.key/users/admin @@ -0,0 +1 @@ +../../../users/admin \ No newline at end of file diff --git a/clanServices/syncthing/tests/vm/sops/secrets/peer2-age.key/secret b/clanServices/syncthing/tests/vm/sops/secrets/peer2-age.key/secret new file mode 100644 index 000000000..3aa1e4f56 --- /dev/null +++ b/clanServices/syncthing/tests/vm/sops/secrets/peer2-age.key/secret @@ -0,0 +1,15 @@ +{ + "data": "ENC[AES256_GCM,data:XgQnGe/dmXyir8gDOgcsdYok1d1blDBx+AFDLw+tXBzv5FY1pSbonSuOKmEVWDEmRCR3o1D8qiuUrDsa68D3als69A/bRhYHR+A=,iv:JzNB2VjE+HHAOQXkN3t95wQPiBBj/c93X5JHP8fosHg=,tag:fcAG53Tp+38NAfqSObIa4A==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6amIrbk9uV1IyQ20zMExo\nL0RrMmxOa3dEOGNmZFhIWXF1Sjc1K3VtdkdFCklLdEVNYnpsclRUdUtyTmVteWhu\nMHpPQmYzSEVldytGazJ1azBnQWJsaEUKLS0tIEZFY0hMNnV1TE9jODdpdy80eXRx\nMDZWSGt1MnhYQWJoMmNoaW1KWGVsVk0Ki0VQLz79+QQeiOri0aBqHEsVessIyjX8\nv3OZAjwMglPNv3j4CIqY/F4sfrAYxKUNB7g0Ui56BZlrG/i68EupAg==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-07-22T13:55:39Z", + "mac": "ENC[AES256_GCM,data:081iGB26aJv0067lLJVetcKOyzzaHys6W70hcxB9010kpyU6AkxNt+HCa2lvJNAv+lls4WXgM6WsD/KODkDvbZsP4U3P9sJqY4RbTqJvypN4yjmzogneB7GVOenMQ8ywbm+ILM54nx8Enn6GPm4YX6yTat4WVTFFd+dJYmfBBmM=,iv:rXOqKtBSZvwozT49Zhp6aBpLXWlim7KLRGg6yIb2vkQ=,tag:vmjlvW0PNlHYs7syshJETg==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/clanServices/syncthing/tests/vm/sops/secrets/peer2-age.key/users/admin b/clanServices/syncthing/tests/vm/sops/secrets/peer2-age.key/users/admin new file mode 120000 index 000000000..9e21a9938 --- /dev/null +++ b/clanServices/syncthing/tests/vm/sops/secrets/peer2-age.key/users/admin @@ -0,0 +1 @@ +../../../users/admin \ No newline at end of file diff --git a/clanServices/syncthing/tests/vm/sops/users/admin/key.json b/clanServices/syncthing/tests/vm/sops/users/admin/key.json new file mode 100644 index 000000000..e408aa96b --- /dev/null +++ b/clanServices/syncthing/tests/vm/sops/users/admin/key.json @@ -0,0 +1,4 @@ +{ + "publickey": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg", + "type": "age" +} diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/apikey/machines/introducer b/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/apikey/machines/introducer new file mode 120000 index 000000000..d42417fce --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/apikey/machines/introducer @@ -0,0 +1 @@ +../../../../../../sops/machines/introducer \ No newline at end of file diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/apikey/secret b/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/apikey/secret new file mode 100644 index 000000000..c51fac836 --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/apikey/secret @@ -0,0 +1,19 @@ +{ + "data": "ENC[AES256_GCM,data:/dsV5uaNTBmB82lbzlQHGyRbFeXM9l32igrLcfGG13td,iv:6PB0LqjRtvrSYxeOPN+261VqacGg0jczCyyF4FZQa/I=,tag:4GlcYRhYhHVdSkwDSzcT6Q==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKYmJIUVhVQ3c3ZnhweUhU\nZnR6THB1Y2RjWExPckIwNEl1SlRGeVJORUVVCkk1ZzZwbGNwc1JQOFRpN2MwT0xG\nZTErNzVmSnhPazJJVHBKUnl6d2lYaVkKLS0tIHJRclM2WEYzQTRwVXRHcUUxSTlt\na1pHamdpdm9hUU9PSndybzdlMWY3NkkKcTnYp/5fUTdiNr0ajJeAPuLwhgWAdlAE\ngZ4soLdZoBFUHSsh0LhEm6jO2DXEKUZY7oLZi1gSZZbPA7PI/5k7OA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1t6s4d0sn3jlzlu7zxuux5fx8xw9xjfr0gqfaur0wessfrxsg35hsqttv2t", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3THZibDFMaTZrKzJVWjd3\nd3RScjZVZmNlbitmc2FkRXl0UlVmZlRoM2dJCnlkUW1pa3dHZlNqTklxc3dZTkha\nQUpWck5BcEk4NjRjSXI3TlFzQ0pzVVUKLS0tIFpJdHJzKzVkeGFBcnRvR3pDeFN2\nNFNFaW9kY3JXdzk0Q3hPS29iOFRkK1UKoQSqFLIAeU6aRL+rDQ+oJ9PS6aAtAPeo\n5Kpwoi3KQHVrDDIRBaxvZ2BXObOyU0tBqjzBdrOgtRn+96HmnZ6JDw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-07-22T13:55:15Z", + "mac": "ENC[AES256_GCM,data:4T1+t0hZwN0ThdXoCcNeUiQNj2RosRP6HL6SKmsnECn3pmDZqJEt/0xEQWDeDcvfHyZkJAFbU0RfhYsyz2wtYZwuMDL8WEbHURa1GQ4uKNWfUPPeu88eTwnYsbvtUS6TdRZ26eDoQKDNEed1cy9TfI4Bugdt0rrl6O+su2Ikvyo=,iv:aMLJ4r55UY5cIB1rQNns3jN2U/ZjfFN1vl6ZsXpcBbo=,tag:P2Dv7LeGB1fT4TYHwJgLGw==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/apikey/users/admin b/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/apikey/users/admin new file mode 120000 index 000000000..ca714e122 --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/apikey/users/admin @@ -0,0 +1 @@ +../../../../../../sops/users/admin \ No newline at end of file diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/cert/machines/introducer b/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/cert/machines/introducer new file mode 120000 index 000000000..d42417fce --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/cert/machines/introducer @@ -0,0 +1 @@ +../../../../../../sops/machines/introducer \ No newline at end of file diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/cert/secret b/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/cert/secret new file mode 100644 index 000000000..68822e98a --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/cert/secret @@ -0,0 +1,19 @@ +{ + "data": "ENC[AES256_GCM,data:6bI+k3BUKfpOnYSZx6ucCEKLvPCC2+LVrHzxQyN7MvLKk43LnKsfSSI8lpp5l8CE8Bpcpq9BqWVU3ZhnwmM4RbiHg/+C7R374KqoV0TLXMwq4lkeVM5oh4On2qBbnxsXtBz6NbJmIiJPPTT5YARdDAdIVUZ21jOj7G5jvm1BbAWojVkrKpb5IpOTmuxSA0CPEQRsvP9NHH+5Btm3J8Py4bHcRpgNeKaFfTrJjtXN2te8hTjJb8sGmFvuOr92Tdh/+O5qeA4SjMXqRJEiJiE+Fc9X9ukrxlZkDwsSn2gXQu7ahGhjOZCvQ/Th9j55/ZPiu5zrypfBIltSfGaMzHTqSECSGozfNSqbAAuu/ybCMmp87HDg9RQ3M/2yYqmSs2cRSB1/jN7ha3LTEnPhPKWnpOmnNvQT/rSX0wyfGtdKVk0bIgEc28wIKANyJC+HPPtENdcmdUhx6q2CRi1h+nFz92zkRGzWySgCcl51WawFDD6KRKLvqpq9LWv/bNl4NOQd307hPZguLLB6/Q/yV29j+XgGrZcmlOnn5NfAlVfF+F6ckebPxDKMg0Z3DD/83DPM18iO5SeDcaNVS3c3KoeSpURWMHr5+2n+qtu3wVvKsPPhAsBV8diwGxp5z00Rr84mHXPfnz56Tr+m/rYLfflryrybxTujcuWFCGgzwMdeaYx4tz7lQAY1XtdKSNTYjhWdDfFbqThP3HVGJsRQshCd+8Q4miEfJzDmUgbrUuoF3VjkMApZ4wULV5BCcLrDYIXkwu1lyDt5fk4G0TyZCP8JvBV3zcVxjAPW86tSHNcX0V56Yd090s51u0iJyM/eqNxoNXa/DWBuLd4jpWJRz2c48pUO1XRgqvZHFmUcO5q7SPL/bCvdpjqaopnOqt3501zGB2q+TGfyZUZ3sqtylTPz4C7tv/hrCzmRCTzEFlfsmUOi08DL/6K65ihe6uXjoH2fB7ypjUy4u5L1XcBIvxSitcSacosJHSUtWcFZ6mWIgVyChTjWRfCAF4eB3aVctW+OmVTeiTcdAfbDiPR5FNyDWPTMnnorjBVZkpU=,iv:RGNo6ipQplIsHL7avQpTgEKMDifKnB5W96vYf6X96cQ=,tag:k8oObQ1m3aVnG94MR7dhHw==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5NFVRb3cvZEZXdW1xWlBP\nWWNCRjlxYmpPQ1k2aFBmOUR4M0F2ai9Iam5ZCkxzU2dUamZXRmRqV3ZyWTRvdUda\ncTlHa1BuSDQ0em9lMXRwUlc5V2E1WUUKLS0tIDRkamJVZ3NIVlJGRlNrK0EyT09x\nbHVsMzlKVzJGNS8vVVlHRlFJRmUvUlUK1OSBTQi6R3XYEZEQmpGCrMr8m4jCBRiV\nj/G9sCahhTUc0D7E7DTXD3fwfXnZk1bD7buA99f908DT2Bjv4TfeKQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1t6s4d0sn3jlzlu7zxuux5fx8xw9xjfr0gqfaur0wessfrxsg35hsqttv2t", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwZkJFbWhINkxmK3g4RHFN\neko4VTZHVGZOK1E2dFVqbWdVZktnTEdqT1JJCnBraG1acHVrNzlBWmJhNEMya1Fi\ndUw0NDdKakdLcGE1Z0tsSHVvQ0l1NFkKLS0tIDZvek42eXVEbEdWeG1vSENnakQ4\nQzlGaUNKMVhEM2QwY3ZPTW5nYXNLUkUK2laHy33U+hcQMT4jlUOqtVRCy+hNHyaS\nyuSk1i7Am3VeProaXccREjHjYRHn/l/B1oLRQQQT4cLcComxOArz0w==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-07-22T13:55:16Z", + "mac": "ENC[AES256_GCM,data:CVyuCoiArDYnoz/GQ0OZ2K0rJ1+Y1xoznp+v4rxAfL22fv3mY29EDw7ByYXxye0ARCD8gBFCpKeUvWbfOPJGfjsfAFT0AxLYFbUONgejYZpVZbnlElfLUSi39ZhaSwcImqe4RLJ2TND/HuJ6jwz0Lb1h8BWOq5/NeF8JJH2tHFo=,iv:n2liiufvBjCjASBIAmOu2Q5IONsX99GFmZw7YDeHJ+4=,tag:0bYMs8k362w7jApCird4yA==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/cert/users/admin b/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/cert/users/admin new file mode 120000 index 000000000..ca714e122 --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/cert/users/admin @@ -0,0 +1 @@ +../../../../../../sops/users/admin \ No newline at end of file diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/id/value b/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/id/value new file mode 100644 index 000000000..3497bde2c --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/id/value @@ -0,0 +1 @@ +UHILKRC-BZSMZT7-CA5ANWX-DJTR55R-NBGUBK4-SOZJG5Z-MONIHKP-ZHFGOAL diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/key/machines/introducer b/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/key/machines/introducer new file mode 120000 index 000000000..d42417fce --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/key/machines/introducer @@ -0,0 +1 @@ +../../../../../../sops/machines/introducer \ No newline at end of file diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/key/secret b/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/key/secret new file mode 100644 index 000000000..4cc609ef9 --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/key/secret @@ -0,0 +1,19 @@ +{ + "data": "ENC[AES256_GCM,data:YOzFYRjbmtSqzz+gaimswru/Xl3h2bZ0zkkM+QokycDIGhk5wrdlrGNJiaiQk3xJ1JUEbJewmsBFPz0Xcl8Nh2aAj58s0fMg/H0lb6WfF0n7B4u3TZ6urWir4ViUPdVxcS7oxKhJCU2KoqFNpXS/NjRCmi4G12j42VGBStLNxCFZ8EH4oK/nV0tYpJ++meKA9IlQbuEKmAv6Xt7Ry1isW4THl7jzYwE6y7I1ThqudnDtvqguY+Nl27vMmFed+WmpE4jsXjeW7T/CTynafen81uL7gP6xiy/n+3nZNYgutHCTqa1AonITDIJrzRjAPMmYxwv0k1ebYImBCT0wH7rnmbLF7y4EMNFuA3O5nAvpZ8tkkLzooVf0PCYrtWbwsxOm,iv:T6aRMEHnOezxswMnJXBXoHVkVDFtDqvtCRhqvQHLOWU=,tag:2zTGHZWCt6SQrESyC3f9Rg==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSK2pOU0Zoam52V00vdnFi\nR2hpenpHQ1BDaHlyODZ0cmgvdzlLMTZ6em5VCi9sdG9zdzY0Z1pDQVF3dnNSREdt\nQVVUQ29uaE03SWM3bnA3blRHZWJmUmMKLS0tIGwyNUhVMTJ5SkxudlZaVUJaM0xJ\nSEpoaFZaUlczMkYxWlZhb1RBbUZ3SFUKGmjG+r998QLDJylznGhuqa6magj9x9PM\nly7PlqaoZ1diLuFklqFVExK3cXwvA6xdOScZqd8/P/sEdzAodDuKQw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1t6s4d0sn3jlzlu7zxuux5fx8xw9xjfr0gqfaur0wessfrxsg35hsqttv2t", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnMlpRK043Rm0zbTJxUGlv\nbE5mOUhhZDQ3a2UrNVhHZithUTJMRlo2Q2hZCjQ2aUt6VXpuOVE4dVVyVFc0WjBm\nMWI0SHVqYUNjdkQvSXY5QWdFTDRjdGcKLS0tIDBleURzYVBlZVcwQk85YzhOWE1z\nd2ZwYVRMM0dxM3U0RWI0Z2kxSjlETWsK+/m7xmcoXlnfYkRL3RK1VATGY6RtkmHA\nfg+YeAENLT1Mr9SnJCWcodxFicz8hiN5PinjynjqWgfv/xLMuh2G9Q==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-07-22T13:55:16Z", + "mac": "ENC[AES256_GCM,data:dKjYJ4ogUztSwuP6gkyXj/gYd3TDztuwivhtRzLYwoJLJ7c4anEeZDA51tslnhdDDXQ101JDEt0tD05wAo1YdLTNg9YR0eAh4wZ/dkJ+U92U7DYEW40YXxy8co/WWW50eYqbD6SnZbZAMjf4SbaH6kqtS2MTqeba2B1G/y8sb94=,iv:Z8tzsvSTRjondcN0Vnc3bcyVlVnpqLYRoaOCe6dLQGQ=,tag:leifNnUovWvO5cqzyN2PNw==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/key/users/admin b/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/key/users/admin new file mode 120000 index 000000000..ca714e122 --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/introducer/syncthing/key/users/admin @@ -0,0 +1 @@ +../../../../../../sops/users/admin \ No newline at end of file diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/apikey/machines/peer1 b/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/apikey/machines/peer1 new file mode 120000 index 000000000..3e5f3fae3 --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/apikey/machines/peer1 @@ -0,0 +1 @@ +../../../../../../sops/machines/peer1 \ No newline at end of file diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/apikey/secret b/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/apikey/secret new file mode 100644 index 000000000..8a7c01e4f --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/apikey/secret @@ -0,0 +1,19 @@ +{ + "data": "ENC[AES256_GCM,data:W48JccasfJGc+WJOgGJf+T5OfVYSAfvghuXC7wUqVkkI,iv:Ukhb8+d1FrZPSmerFZUbuL/G2yHpBNSJeRL4nYG2Cm8=,tag:FCf3VI+eBsmrXvbsI62B7w==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1mq8u3x9z8v3zdm59qslxyn33zm0rpjzrd9sr9fjzqwp8d66t9czq626xsd", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTbkFSTTBYVlNjVjNyYmIx\nSjl3UUp5VVlJZ2xudW8veS94VUVwbS94NHkwCnZ3LzZocFBnYkN3K0wwelhYalM5\nOVRmN3g1Tk5rRTViZXkwT244b1I3bzgKLS0tIEpKdCtiSTdjREV4OVZDbU1rdDk1\nTnZZTEk5OEZlWFRFTTVITkRCTFVFQXMKV8SdppHqwCEIyRTNUxjG7AtGZyVZuKBr\ndXURED8uLw37i2gvAzlUZLzQieV+F//muVF4fFONucBq5wnRskyBTA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWb1p5WEM5d3h1RVRpRVVk\nMXArMk9DOTNoYm9yT3pXbWV1YmN4MDFXd2hvClJpUEwwM0pDSUtqZHRvaTI1RlNF\nTkRBYlo4R1lpR0Y1YnRLWGIxNThFMFUKLS0tIGIzeTZ1QVJTZ3VlbjgwN1Z2Y3Bw\nTWxOT2xtVmR0Zm1jeW8wdE1xTEQ0aDAKkMuwZwMPUPO8kGmc7xCElxvpTFfGqag4\nXm6KaoyGNJO5OoWoXgJawynRNyJX2JFGjcI1M1xK4ItYU5NF4Po8ig==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-07-22T13:55:27Z", + "mac": "ENC[AES256_GCM,data:uOaOVlLb+qLshDC4Y1KxYFgsPpHmNlfDaaPHcBBvNs7brBfsfZOPwVXqPxj5M9IzhD87l7kbYisaeBCqDKPM+IdZV1C3WstRu70a26onLl+JMXYpJSUljQwZKWnL7e48o4MZqcOtY0ghcAajI2if7nnGdKXIF5djdSLwSWHx9e4=,iv:Alb7j8UVmfLHmMzwBpJ9Aor+lffm3P3DAJaipvX6LH4=,tag:L4pTMxjA6dRhK6nl2Kokhw==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/apikey/users/admin b/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/apikey/users/admin new file mode 120000 index 000000000..ca714e122 --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/apikey/users/admin @@ -0,0 +1 @@ +../../../../../../sops/users/admin \ No newline at end of file diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/cert/machines/peer1 b/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/cert/machines/peer1 new file mode 120000 index 000000000..3e5f3fae3 --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/cert/machines/peer1 @@ -0,0 +1 @@ +../../../../../../sops/machines/peer1 \ No newline at end of file diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/cert/secret b/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/cert/secret new file mode 100644 index 000000000..f3dead9c1 --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/cert/secret @@ -0,0 +1,19 @@ +{ + "data": "ENC[AES256_GCM,data:n5rS499IeNmb7or1zApWyDa74HcFhCGv35zn1DsYED8lWGEnmSFMbOUFlKwa3cBWiGRyQ2UjGzdb7lmDmoNLNzd7JB4ARgI5DapVtj+ymn56VIK5GTBOsRzJgtT4lqh3vEu4Spuv290aBHHg+lsPfdTfsJuOgAr4PVgnNY3O6Exz6EZwOSSvbUX5if7G96Y1bemF2Hh1AbdOg5KvB/Uh6mBW17hnUnbqxT7O7fepYmsSLB/qjBJWVivoMtMQWoQL8IkOapmuQYDf8ig+2FMxzcAQ71wTpTlXLGJ/XAuFSx1tJzpLbFCOpvLtGnemoUIB8viBjgfyTqN5iboJvk/WX110609yx0ew/F45CfpBfjQ66iI1shiCidfPm3ZHCO7KSjXzXEmjX5dVFp3xpz58yJH8LwQtrIQB1OQsLKe2ZmrYfjydoDuN9N+A0a6qN6KJUvIGVxNKnQ1rjj8uq4toVhxsSLQrfNkTFPA1Q624rCOu04oz3wd/oPS28war85atfMjmz9JU+Hw5u5qaxgl7UJno1VYknsrrYDIAGPxUwO56t9kHIgOZpNuD6JqDBJAfGJ1oPT+zVIBcNwNg0Z577g0l9rCLNdKInVCVahxZLCVe3LidtxL/bNzvSYHb09RbkJIhdWn7ouYCHwRRWN5kWbUopm2hHVZjRhC2CGJLBZ3+aLkEJzyZGcQCLF6Jc+/659FD8dXdaqfbR/vEKaVhoLL/WGKeo/lZL6c7TaVwDSIIa7dkk/QvGvmWhO+qG8yIs4vciGa06I62P1Y+9DsMrrWu/yqLTSkWtOpKdvIBh/jPOC4t56JEb/ksIvDLKSdrtrtHyRdCkzZ95XQDAM/a2nv+LnH75Yz9q/R0Caex/OSATCFpNcoyeSJwC5sSs6nV/NJ18YynzclSaKmAvMM8XVx8jrtUEp1yIzgBogxTFJ+yTsvEa6y/yCF3i80RrJNIkOKJDR48g7R/RJTufR+YxQj+RjWpgHbkc/Uhb0cR3X5A0ptA2X6Qz+cW9NXr5dA3A4lVsFzkZLzulqPhCxT9+g8OINx2+ayNx/M=,iv:xy7UNpO48flvQE+otJfHUJLhZlOuUueXLP03cDigXFQ=,tag:HeWayOjoZmVa0dr8GPN7Iw==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1mq8u3x9z8v3zdm59qslxyn33zm0rpjzrd9sr9fjzqwp8d66t9czq626xsd", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBITjNQcHMweFY1ekNkdWFs\nak1wcm5td29BcTI1OFBtMnFXcTg4SEJlUTFZCjc1YlovcSsxOUNFWGIxZWVsRU1L\neS9wNE1rWU05WDdSZEQzbEZib2Yxa3cKLS0tICt4TjVTOG1JUENSNW8xNVlkZHkx\nem1EMEI3Skx5R3BmLzVRYjBkK1BRODQKfX1nexjFXyXxGBvDRlssjw3XcwvtGxGC\narZ2/kmF2nETLoNDVcNIxV5KUPohhTwWdlrmPGksquBrUCjElMOVLw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwMFZ0clBPaE1Xc1NGRTFK\nWlFGTWErdEtoSUhEeG1jWWNycGZsd1h0S0RrClQyQ1dRWGI4VzZRQXlvd3ErU00w\nTjNnQ2VJZEhpZ0RQdUxBUHpONjVNNjAKLS0tIGF1enFGWnhFL3pCM21nSTlhUUxs\naFQreFI2NzJmZVRZeVBxNVBQYVhTWEkKkGUPL0hOBAX2L7Vezq7Sf1V9Yu//X1/x\nNHndFsjTBcaFbDWCxcZpqVvJ0paKm46Nm+AQyhThR0OGCsKbRJhSlQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-07-22T13:55:27Z", + "mac": "ENC[AES256_GCM,data:NieKHtjtSL9NsDsFnIU5MN8pVp55r05Qu7Qf9Pde8W/60xkF1A7kML1zpbUbMfp05VS26aIENps8BOyDZhCJgZG/89NLXccGoJTKFLDUyKDqzwCPuEK+enbRm80VQnPpMLxRSMacCl/Qm3QxpQzLuasQvLH1c18BBhy+jpwuFBY=,iv:NbA65YXGIlkWXu9tmDHdvNL4xxlfp2FFFpjckJ86E80=,tag:XX6T/Hs8W0htQyp7DJhahQ==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/cert/users/admin b/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/cert/users/admin new file mode 120000 index 000000000..ca714e122 --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/cert/users/admin @@ -0,0 +1 @@ +../../../../../../sops/users/admin \ No newline at end of file diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/id/value b/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/id/value new file mode 100644 index 000000000..8cebf9c1a --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/id/value @@ -0,0 +1 @@ +LFXPW4H-IIDB5K4-SZ54YJL-PVRW2Q7-52YPHEI-6VZQOQA-PSAVYPV-QF5BCQA diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/key/machines/peer1 b/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/key/machines/peer1 new file mode 120000 index 000000000..3e5f3fae3 --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/key/machines/peer1 @@ -0,0 +1 @@ +../../../../../../sops/machines/peer1 \ No newline at end of file diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/key/secret b/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/key/secret new file mode 100644 index 000000000..e1dc905af --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/key/secret @@ -0,0 +1,19 @@ +{ + "data": "ENC[AES256_GCM,data:QnnXrKYiJMtNQlHBBjwZeosvLjcuMwWH+YjRwy3OeaPQ9gJbj2sAUrkoZSqc5jzi577nTympol92bGIRP51TKJ3k/i0cq7P/UyGIWCjPUi5jmJs3tY8rfztlcyiXr0TPYVYyZDp1ErPfFW96xWjfaSgopjScYGRS/NGkaRedQuP39Hwg4rIPpdrkEbPgVIMCHJdvMcPm2a2RmqX1PzoBj+TEQMCFxyuRg2cTVoqyyYv95w19T+5GddvbVDmB9c8OhG4VS9nqfgdL0IJ3TMUnJAC/S1wfj64YFdhrt7lzR00xriht19ZS+HPhLlBjSruZXa4SrSEtdIMfTAXlVwtw5e/LENhiKumyhmUMqlPRJPANbgZTxa6g1Wq3NmGIOQB6,iv:2I5JcaYbEA4W9zLWTTR4j4I1hREDqb7Nh4Wg9AVEaHE=,tag:WiJhtiPjTMN+CgJU+KNmgw==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1mq8u3x9z8v3zdm59qslxyn33zm0rpjzrd9sr9fjzqwp8d66t9czq626xsd", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXL1pYVmdUclF3dXhlTjJ5\nRFl1WXRrWUwwYUwxMnNvdXdCbFVZRmp0bDFvCnRNd3p1MzV3WHMxUFlkdUt6SHJj\nTHhSYTkzcGZqNnRWMFBPTTVmNGJaa00KLS0tIHNtWkxzdkEwelVqdzRHM2lqT05H\nN1EvdDgrOG5OUXEvdTlwMDJMekdFa3MKzlxMUKl97RGAcilKQuxC34Pzpr9qPsG9\nS5qhziP2xOn+6rXO21/klVQ1pJDZZcsVI+fCFPHTbwJvXvS6VNuLCg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXL3ZCelVSd1ZxTXE3TEFs\ndmdEejl2bE5CTXhqVXZnbEVOOUlaYzhNMnlVClJ5K0hmMXVBTzJUVnVybHY0WCtw\na2tnUm5jR0xGN0M0SHVSSzVvejRZQ1EKLS0tIFNnS2EweEs2V3VXVnA5T0hQVWNq\nREFZckQ5cStZamZBdmZ2WHNzUzdQa0kK6774xhCCzaODxymwg2B+3Y6aRoXyBW1G\n7jTYWEsnf9eUCcBZP+jexT3obituZENtque5Ov1zblaGIBYnxi87Fg==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-07-22T13:55:27Z", + "mac": "ENC[AES256_GCM,data:HXcgcj09lBf9NPX5htqHZuU3yLKkKMt+RZtABLPFtzsZzXV6nE/ajlHm6+xI7Fo36u1b3KN9QfQ7i70LP2UKUf1L/JTVZiExkDmcfJCluCaq+/bDpY54ICw1jLZ0ckXgMHSTNwJbvM/UbvqdcB0cCt6MzxRUREHjTW4wk08qpPM=,iv:n24kpaCvODWE6+0cjo5fHCkFYHbz/zSjj9wqbVpd/dg=,tag:9x8wboXQB/YrMUU6L8jXqQ==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/key/users/admin b/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/key/users/admin new file mode 120000 index 000000000..ca714e122 --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/peer1/syncthing/key/users/admin @@ -0,0 +1 @@ +../../../../../../sops/users/admin \ No newline at end of file diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/apikey/machines/peer2 b/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/apikey/machines/peer2 new file mode 120000 index 000000000..6370c90d4 --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/apikey/machines/peer2 @@ -0,0 +1 @@ +../../../../../../sops/machines/peer2 \ No newline at end of file diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/apikey/secret b/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/apikey/secret new file mode 100644 index 000000000..96a4d90ac --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/apikey/secret @@ -0,0 +1,19 @@ +{ + "data": "ENC[AES256_GCM,data:MMjnYNzHE7QSxrXY7aN8XSFkFwK/lpRhL4qV0vn6cwyn,iv:kB8m6ZhkNta6Y+gsYufvo45B+Q5lHuJBmYN3sk7ALKE=,tag:zbgynC6xhrFGcq+mE2pftA==,type:str]", + "sops": { + "age": [ + { + "recipient": "age18mp7v3ck9eg0vqy3y83z5hdhum9rc77ntwal42p30udejkzvky2qjluy4x", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4S2FEd2R1Z2hUU3BtSGdZ\nS2I3NjRrNHhGaW9SL3Q3bkJuMFNlM25ya0dNCmhpVmk0eUpWWkpkQWErRUJKdks2\nSzUvMnVQTVJVbC9WeWpkd3VHandrNW8KLS0tIFFWOUlIZFlkYi9NSjJpbXNNWE9I\nMEYxeGJEcGNLaHJOSmR2TytaWDBtaVEKhEfTi3ESLw6I2Uu3ejCGWHMv3LmRvjbg\nZ30CoUmktB7z5/RbdwwiFyV+ijuNq0RPxrlBX0VGEkd/+BrIY4BYxQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwSXpGRkIzU0hwaXBaYXdM\nNTdnZmJTSmVzbVVWZHNCd1VSNjQ4OGdzTkFzClh2Vnl1RWlLbnE0YnVsYjNvZ2hs\nOE04a1QxM0pZVUsvMkpPdlA0Tjdpb28KLS0tIEpMVmFsTVpFcVVvcDdRVk5xZFdS\nMXBTdkt4SlV5UnJTcG4wQU11YjZrS1UKcLyVL6PknecAOLEhjYYbZ38+e+g5jXFd\nJcu7fHEs5O464vgM58SKJQ5m77rGzwqRGh6MjqJTfAl8nPbvw0t2cg==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-07-22T13:55:39Z", + "mac": "ENC[AES256_GCM,data:957Dud8YuagJRf8I0pAe4Tpk+En4ac99TAjRVv5eYAQtyDR1iHUwu/NIc0I14wZj7bKP6UqbOntST3jl33xhM2NQGG/FskJppsbS355OirpVfNahqlhcy0Jy5p1L9TikY89SlFgO6kx2eYs67inbk3UXnyeVxAcEIq6qnmh0u60=,iv:rfLaPYlcnBLecIYTIqJbaI2DNERS1MfU1C+7xH51kwY=,tag:5lQ1Ouf40MyB/Q3B6EwMzg==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/apikey/users/admin b/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/apikey/users/admin new file mode 120000 index 000000000..ca714e122 --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/apikey/users/admin @@ -0,0 +1 @@ +../../../../../../sops/users/admin \ No newline at end of file diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/cert/machines/peer2 b/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/cert/machines/peer2 new file mode 120000 index 000000000..6370c90d4 --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/cert/machines/peer2 @@ -0,0 +1 @@ +../../../../../../sops/machines/peer2 \ No newline at end of file diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/cert/secret b/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/cert/secret new file mode 100644 index 000000000..02ef15c22 --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/cert/secret @@ -0,0 +1,19 @@ +{ + "data": "ENC[AES256_GCM,data:65FnMTSkJxWZrik97mTIIZBH7Y+8bxTlV/wIA2jTV96oQebGWN6kI3lkR562e9ZVoiB5xyTQayU+NZhgIFEzyC5xAnXmLnKlZ2cvcjDJ51TlAujoHD5+R36tb6FrsBkuki3UI/v0xeWUhJSKpIoPL3/1Tq4l8EWVRR/JTf8fuC06HxwyiXJeMU3CkLpbt/txL2VGM9nNov+CbEZL+WJ99kCuRQ/QPAVglj0AulttXBPztNnUtPZBnBZzbFpxE4nRZ7ufjweVrRYgqYNj1CT0gdOJnyId9uu7vkHpZvGiwB3CaEeG3VyOGidfocmC1Yq/bQw26djx6npuiKoXPEgJmyaoi9DPuOvrvMwuYMpuueZCM7+54fbk7VTKusRtp0iOddSP1pevg1zM/w3NjRnnzgicahzxRf2EEGBRea9P4/znmPMHdbylXp1mnuqGpYZEteweOyFQFkjEmjIASI/ZI04JSgTGs37D3WrpD+Utjh/nVOtmeFHbeqbhk7vngDf++PW9nNM3xNhsALhd1w313agzUffQjRI96zXGj4SkUoPXkO9v9uPY+bZUxP4VncO4FbgxcEkO9YS57LiLp56YUzC/72Z30zsLrCnl2YZTXQ8nc7fvFVqfl61HmUC7xaEckQ0YXxH1yXQj+YTsk1qOVY/AyKjjq33j96de0i4AxYCEgZGU0pTkbT92MNezs7Atz066YIi1YC9YsMMMOXdtlz0FvQIN0WTzSqo1AtuyAUXo+otBX9IeMzX3hQ++E7CuHDMjR+I+jwwouAlrNCcn1Ean48cj6UkhNFHem/fysDL/2OYUZqeUfB7Qn8r0Ffewo55/87J0o2+8zlxdEOWPYiKOsT91G8Lq77OaadZCGFnNWlBrzqUkt+TuUa7UM9ok8uyZLX4R+f+hvIuvp+T+IAcz6r0R+1ndHai59r5gfgBeFxB5qnTPYTgujcdAiEeqfg7Dx0DPKEBiIj5awgsdd057oVf+eEY4Cu/mXuKb70TlbgEvelNmB5MRDlWTRm6ybrbnb7NfPmt5UYaTcPX6l/kP5ek95Q==,iv:uAE/AVleWSNp6kY/anvkJOeUqlfiuAgtHBgry6IqcJc=,tag:+J8jTvKqEULP8GW3IUqyTQ==,type:str]", + "sops": { + "age": [ + { + "recipient": "age18mp7v3ck9eg0vqy3y83z5hdhum9rc77ntwal42p30udejkzvky2qjluy4x", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqdmdzU3Y2V1MzaE51a2Fj\nbFBIUWF3eXJrTUhKVW1tYzFSeGpad1BwRDBvCk96Z1lIMDg0ZnMrNnJkUzA4VXJ1\nZEtzbGNJU3ZzVmFYMzRBNmo5TnEybUkKLS0tIHErQ2dYZlVuckdML3Job3dwM0hM\nVEVWek40Y0F0bStzd09XenhWaVFIYVkKToXp2wUPBe9LtuLMlBPfpQRq4WHLbnSt\nueOxJvflzQveUhdpuHi6IbtE9HyCwtn6joeOnBTNFxt12Dy/s247Aw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3bGpQQ1N0cmRmcURGV3hq\nUGdHOWh0S1VIQkQ2aFFVNXVnZmpFc050S240Ck03Z1NXNDVISTRvNnhkVnFZdzg0\nVFlXZ1g4citlV21PZ2lEbmRhMFhJaUUKLS0tIDIyTXZNTWpIUFhSYXR4VXBUN284\nYTFqWkQza0V3M05lZDlBQzBtWWFlaTAKfJViXG1KULBXTmDC4PLSWRy9LAVchE47\n1rBtT+r/KlbnOTYYEo7zCMagkPhDdPD5WSegmtghUGkXRtqaTZcTBA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-07-22T13:55:39Z", + "mac": "ENC[AES256_GCM,data:HsnTHpXkyqJMlpbKzHvBH7bxg+ssDwXzjA7JTdpioP74gD8u+oPTHJOlgYI4Qbvr04JbZiRy/cko3BTUXj8C6nCV5gyXhDG3O0rkAGd/v3108ff7WiOWbXpNJ5QhLBnG4Ny1/ITfzu7MQtNkvGFnoktyMtvqHkVeJf5IhOuT6Fo=,iv:T1IYJyi8eXGdVE/JQSvyoyU/Iw/RlpO4TQCx1naZXXI=,tag:Z3J/313RG337U9HdXidrCA==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/cert/users/admin b/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/cert/users/admin new file mode 120000 index 000000000..ca714e122 --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/cert/users/admin @@ -0,0 +1 @@ +../../../../../../sops/users/admin \ No newline at end of file diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/id/value b/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/id/value new file mode 100644 index 000000000..e360647b6 --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/id/value @@ -0,0 +1 @@ +5N6ZTHC-FZKLOY7-DJCORO3-BG3C4Q3-KD3PCMP-2DM7EHQ-2FS25FK-DCOTSAI diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/key/machines/peer2 b/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/key/machines/peer2 new file mode 120000 index 000000000..6370c90d4 --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/key/machines/peer2 @@ -0,0 +1 @@ +../../../../../../sops/machines/peer2 \ No newline at end of file diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/key/secret b/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/key/secret new file mode 100644 index 000000000..b77f1a390 --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/key/secret @@ -0,0 +1,19 @@ +{ + "data": "ENC[AES256_GCM,data:rDPNgUOmTINCoQnTQMjEXXrkvIYT7Ju6tX56aUA3cjlRGSzGmJb3Vmec58RS2QHmuOPUykydPTuAHxKs+SNZoXbdzDn75gAjS+eGNXGB9H9TFS2+iLpaSC5XTnfSdyzuGVyPRNvceI/C8FIvEauEpJ9dbS2kkTFTD15u2iI6zTmm/Mtvy2C18BwwEtu+m1TWB90oVduX05rrdnxoMjtscBCKR8fz6CbqYrbnpag9AUGUk8Z+cIMYGlSjDRlyaLWkh33aV/TWx/QOzfAWCyCVLMnU500ch0c6l2fg8daKDJJas2jHxo8KnlBIP2b6SLrcEKtlOSaPicizlJ9UDilDqHQfbucEJTgkQ2eEwJWSmXhU3q3ttGm3mxhQgej5FeIW,iv:6P1hFhDmHs4IYeyxVA/lYu2OL0ciaZNPEmMdBudacds=,tag:9MjdSKKjUO3VlTh/QmAPtA==,type:str]", + "sops": { + "age": [ + { + "recipient": "age18mp7v3ck9eg0vqy3y83z5hdhum9rc77ntwal42p30udejkzvky2qjluy4x", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCUWYyQXVUMUMwaUt4S3RO\nYkNzd3FxU29qYk1wWVlrTUNPK0lKSTU2RFJrCmZaeGg5Nlg5azhaRSs5SzVDZlpV\nKzJuUmlSekYrdzdGQ3JDejNwUmZ3cWMKLS0tIFhGT29pUC9wNlpGaHBMSHROV0lP\nNXNjQytQVDlOQmI1UThUTm5Qd1BmNmsKlvG3ZENmjPUDHRUB2o4RTCueIdtXZjxU\nz3Xg/RWZjaDInneg0z/jXyhKoqLRk1J0h9f/36CHT7RtVHIjtz2KIQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3MWovZlBoVk1HdUhhSXNy\nYXgxZVdIaDhqMTk0dFRCVFptaUE0ZmZ4ZHlBClpDNS85a2U0WE12TXVzOFhDcTRM\nWG1yU0dDaS9pUWVUT3pnWXNxRjlSVmcKLS0tIGxiTWVIREE4SlQ0Mm8xQW0ycnB2\na2Q4WGY2eDl0UGVTdXo1bWhMQjdNNzgKorezVfxaH/Kx3lpX57zF/0gAeCu2NzWX\nAm7RAFeHDJ+w0jIlZa2RM6mXOTKDzaF+h4j27GcLLbXsSRNhlFMqvg==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-07-22T13:55:39Z", + "mac": "ENC[AES256_GCM,data:w9GKY762/ikgNU0ypIOzlnXZqnW3tN1Fz+cVCsgPMQhZbf2OIb5zHgQAcZMHJII5+WqPxLE+PThhZ2hstuz0hvvqXF37KvuT5MblcGShCNOCTJiVwLVhhEUQl3c3C9iXKV+A/aG9psagjHAlhxsdv1UKqVPhQ0bgrl92EZZPdwo=,iv:3XuVGnMu2tOLvkjY8G78qk+mJWZShRsgWx7LwU3qaCI=,tag:+tQcEjZttN9cPxAOer4IoQ==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/key/users/admin b/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/key/users/admin new file mode 120000 index 000000000..ca714e122 --- /dev/null +++ b/clanServices/syncthing/tests/vm/vars/per-machine/peer2/syncthing/key/users/admin @@ -0,0 +1 @@ +../../../../../../sops/users/admin \ No newline at end of file diff --git a/docs/mkdocs.yml b/docs/mkdocs.yml index 37b063082..079a1c3a9 100644 --- a/docs/mkdocs.yml +++ b/docs/mkdocs.yml @@ -97,6 +97,7 @@ nav: - reference/clanServices/packages.md - reference/clanServices/sshd.md - reference/clanServices/state-version.md + - reference/clanServices/syncthing.md - reference/clanServices/trusted-nix-caches.md - reference/clanServices/users.md - reference/clanServices/wifi.md @@ -135,7 +136,6 @@ nav: - reference/clanModules/static-hosts.md - reference/clanModules/sunshine.md - reference/clanModules/syncthing-static-peers.md - - reference/clanModules/syncthing.md - reference/clanModules/thelounge.md - reference/clanModules/trusted-nix-caches.md - reference/clanModules/user-password.md diff --git a/lib/test/container-test-driver/test_driver/__init__.py b/lib/test/container-test-driver/test_driver/__init__.py index 3d403dff2..b3564ed37 100644 --- a/lib/test/container-test-driver/test_driver/__init__.py +++ b/lib/test/container-test-driver/test_driver/__init__.py @@ -407,6 +407,14 @@ def setup_filesystems(container: ContainerInfo) -> None: Path("/etc/os-release").touch() Path("/etc/machine-id").write_text("a5ea3f98dedc0278b6f3cc8c37eeaeac") container.nix_store_dir.mkdir(parents=True) + + # Recreate symlinks + for file in Path("/nix/store").iterdir(): + if file.is_symlink(): + target = file.readlink() + sym = container.nix_store_dir / file.name + os.symlink(target, sym) + # Read /proc/mounts and replicate every bind mount with Path("/proc/self/mounts").open() as f: for line in f: