add syncthing services
This commit is contained in:
pinpox
@@ -1,6 +0,0 @@
|
||||
# Dont import this file
|
||||
# It is only here for backwards compatibility.
|
||||
# Dont author new modules with this file.
|
||||
{
|
||||
imports = [ ./roles/peer.nix ];
|
||||
}
|
||||
@@ -1,6 +0,0 @@
|
||||
{ ... }:
|
||||
{
|
||||
imports = [
|
||||
../shared.nix
|
||||
];
|
||||
}
|
||||
@@ -1,21 +0,0 @@
|
||||
{ config, lib, ... }:
|
||||
let
|
||||
instanceNames = builtins.attrNames config.clan.inventory.services.syncthing;
|
||||
instanceName = builtins.head instanceNames;
|
||||
instance = config.clan.inventory.services.syncthing.${instanceName};
|
||||
introducer = builtins.head instance.roles.introducer.machines;
|
||||
|
||||
introducerId = "${config.clan.core.settings.directory}/vars/per-machine/${introducer}/syncthing/id/value";
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
../shared.nix
|
||||
];
|
||||
|
||||
clan.syncthing.introducer = lib.strings.removeSuffix "\n" (
|
||||
if builtins.pathExists introducerId then
|
||||
builtins.readFile introducerId
|
||||
else
|
||||
throw "${introducerId} does not exists. Please run `clan vars generate ${introducer}` to generate the introducer device id"
|
||||
);
|
||||
}
|
||||
@@ -1,11 +1,7 @@
|
||||
---
|
||||
description = "A secure, file synchronization app for devices over networks, offering a private alternative to cloud services."
|
||||
features = [ "inventory" ]
|
||||
|
||||
[constraints]
|
||||
roles.introducer.min = 1
|
||||
roles.introducer.max = 1
|
||||
---
|
||||
|
||||
**Warning**: This module was written with our VM integration in mind likely won't work outside of this context. They will be generalized in future.
|
||||
|
||||
## Usage
|
||||
@@ -26,7 +22,7 @@ We recommend configuring this module as an sync-service through the provided opt
|
||||
- **Share Folders**: Select folders to share with connected devices and configure permissions and synchronization parameters.
|
||||
|
||||
!!! info
|
||||
Clan automatically discovers other devices. Automatic discovery requires one machine to be an [introducer](#clan.syncthing.introducer)
|
||||
Clan automatically discovers other devices. Automatic discovery requires one machine to be an [introducer](#roles.introducer)
|
||||
|
||||
If that is not the case you can add the other device by its Device ID manually.
|
||||
You can find and share Device IDs under the "Add Device" button in the Web GUI. (`127.0.0.1:8384`)
|
||||
@@ -37,4 +33,4 @@ We recommend configuring this module as an sync-service through the provided opt
|
||||
|
||||
## Support
|
||||
|
||||
- **Documentation**: Extensive documentation is available on the [Syncthing website](https://docs.syncthing.net/).
|
||||
- **Documentation**: Extensive documentation is available on the [Syncthing website](https://docs.syncthing.net/).
|
||||
160
clanServices/syncthing/default.nix
Normal file
160
clanServices/syncthing/default.nix
Normal file
@@ -0,0 +1,160 @@
|
||||
{
|
||||
# lib,
|
||||
# config,
|
||||
# pkgs,
|
||||
...
|
||||
}:
|
||||
{
|
||||
_class = "clan.service";
|
||||
manifest.name = "clan-core/syncthing";
|
||||
manifest.description = "A secure, file synchronization app for devices over networks";
|
||||
|
||||
roles.introducer = {
|
||||
interface =
|
||||
{ lib, ... }:
|
||||
{
|
||||
options = {
|
||||
|
||||
id = lib.mkOption {
|
||||
description = ''
|
||||
The ID of the machine.
|
||||
It is generated automatically by default.
|
||||
'';
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
example = "BABNJY4-G2ICDLF-QQEG7DD-N3OBNGF-BCCOFK6-MV3K7QJ-2WUZHXS-7DTW4AS";
|
||||
# default = config.clan.core.vars.generators.syncthing.files."id".value;
|
||||
defaultText = "config.clan.core.vars.generators.syncthing.files.\"id\".value";
|
||||
};
|
||||
introducer = lib.mkOption {
|
||||
description = ''
|
||||
The introducer for the machine.
|
||||
'';
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
};
|
||||
autoAcceptDevices = lib.mkOption {
|
||||
description = ''
|
||||
Auto accept incoming device requests.
|
||||
Should only be used on the introducer.
|
||||
'';
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
};
|
||||
autoShares = lib.mkOption {
|
||||
description = ''
|
||||
Auto share the following Folders by their ID's with introduced devices.
|
||||
Should only be used on the introducer.
|
||||
'';
|
||||
type = lib.types.listOf lib.types.str;
|
||||
default = [ ];
|
||||
example = [
|
||||
"folder1"
|
||||
"folder2"
|
||||
];
|
||||
};
|
||||
|
||||
};
|
||||
};
|
||||
|
||||
perInstance =
|
||||
{
|
||||
|
||||
# instanceName,
|
||||
roles,
|
||||
settings,
|
||||
...
|
||||
}:
|
||||
|
||||
{
|
||||
nixosModule =
|
||||
{
|
||||
...
|
||||
}:
|
||||
{
|
||||
_module.args = { inherit settings roles; };
|
||||
imports = [
|
||||
./shared.nix
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
roles.peer = {
|
||||
interface =
|
||||
{ lib, ... }:
|
||||
{
|
||||
options = {
|
||||
|
||||
id = lib.mkOption {
|
||||
description = ''
|
||||
The ID of the machine.
|
||||
It is generated automatically by default.
|
||||
'';
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
example = "BABNJY4-G2ICDLF-QQEG7DD-N3OBNGF-BCCOFK6-MV3K7QJ-2WUZHXS-7DTW4AS";
|
||||
# default = config.clan.core.vars.generators.syncthing.files."id".value;
|
||||
defaultText = "config.clan.core.vars.generators.syncthing.files.\"id\".value";
|
||||
};
|
||||
introducer = lib.mkOption {
|
||||
description = ''
|
||||
The introducer for the machine.
|
||||
'';
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
};
|
||||
autoAcceptDevices = lib.mkOption {
|
||||
description = ''
|
||||
Auto accept incoming device requests.
|
||||
Should only be used on the introducer.
|
||||
'';
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
};
|
||||
autoShares = lib.mkOption {
|
||||
description = ''
|
||||
Auto share the following Folders by their ID's with introduced devices.
|
||||
Should only be used on the introducer.
|
||||
'';
|
||||
type = lib.types.listOf lib.types.str;
|
||||
default = [ ];
|
||||
example = [
|
||||
"folder1"
|
||||
"folder2"
|
||||
];
|
||||
};
|
||||
|
||||
};
|
||||
};
|
||||
|
||||
perInstance =
|
||||
{
|
||||
|
||||
# instanceName,
|
||||
roles,
|
||||
settings,
|
||||
...
|
||||
}:
|
||||
|
||||
{
|
||||
nixosModule =
|
||||
{
|
||||
...
|
||||
}:
|
||||
|
||||
{
|
||||
_module.args = { inherit settings roles; };
|
||||
imports = [
|
||||
./shared.nix
|
||||
];
|
||||
|
||||
# clan.syncthing.introducer = lib.strings.removeSuffix "\n" (
|
||||
# if builtins.pathExists introducerId then
|
||||
# builtins.readFile introducerId
|
||||
# else
|
||||
# throw "${introducerId} does not exists. Please run `clan vars generate ${introducer}` to generate the introducer device id"
|
||||
# );
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
23
clanServices/syncthing/flake-module.nix
Normal file
23
clanServices/syncthing/flake-module.nix
Normal file
@@ -0,0 +1,23 @@
|
||||
{
|
||||
self,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
let
|
||||
module = lib.modules.importApply ./default.nix {
|
||||
inherit (self) packages;
|
||||
};
|
||||
in
|
||||
{
|
||||
clan.modules.syncthing = module;
|
||||
|
||||
perSystem =
|
||||
{ ... }:
|
||||
{
|
||||
clan.nixosTests.syncthing = {
|
||||
imports = [ ./tests/vm/default.nix ];
|
||||
|
||||
clan.modules."@clan/syncthing" = module;
|
||||
};
|
||||
};
|
||||
}
|
||||
@@ -2,49 +2,10 @@
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
settings,
|
||||
...
|
||||
}:
|
||||
{
|
||||
options.clan.syncthing = {
|
||||
id = lib.mkOption {
|
||||
description = ''
|
||||
The ID of the machine.
|
||||
It is generated automatically by default.
|
||||
'';
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
example = "BABNJY4-G2ICDLF-QQEG7DD-N3OBNGF-BCCOFK6-MV3K7QJ-2WUZHXS-7DTW4AS";
|
||||
default = config.clan.core.vars.generators.syncthing.files."id".value;
|
||||
defaultText = "config.clan.core.vars.generators.syncthing.files.\"id\".value";
|
||||
};
|
||||
introducer = lib.mkOption {
|
||||
description = ''
|
||||
The introducer for the machine.
|
||||
'';
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
};
|
||||
autoAcceptDevices = lib.mkOption {
|
||||
description = ''
|
||||
Auto accept incoming device requests.
|
||||
Should only be used on the introducer.
|
||||
'';
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
};
|
||||
autoShares = lib.mkOption {
|
||||
description = ''
|
||||
Auto share the following Folders by their ID's with introduced devices.
|
||||
Should only be used on the introducer.
|
||||
'';
|
||||
type = lib.types.listOf lib.types.str;
|
||||
default = [ ];
|
||||
example = [
|
||||
"folder1"
|
||||
"folder2"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
imports = [
|
||||
{
|
||||
# Syncthing ports: 8384 for remote access to GUI
|
||||
@@ -65,7 +26,7 @@
|
||||
{
|
||||
assertion = lib.all (
|
||||
attr: builtins.hasAttr attr config.services.syncthing.settings.folders
|
||||
) config.clan.syncthing.autoShares;
|
||||
) settings.autoShares;
|
||||
message = ''
|
||||
Syncthing: If you want to AutoShare a folder, you need to have it configured on the sharing device.
|
||||
'';
|
||||
@@ -80,12 +41,8 @@
|
||||
services.syncthing = {
|
||||
enable = true;
|
||||
|
||||
overrideFolders = lib.mkDefault (
|
||||
if (config.clan.syncthing.introducer == null) then true else false
|
||||
);
|
||||
overrideDevices = lib.mkDefault (
|
||||
if (config.clan.syncthing.introducer == null) then true else false
|
||||
);
|
||||
overrideFolders = lib.mkDefault (if (settings.introducer == null) then true else false);
|
||||
overrideDevices = lib.mkDefault (if (settings.introducer == null) then true else false);
|
||||
|
||||
key = lib.mkDefault config.clan.core.vars.generators.syncthing.files."key".path or null;
|
||||
cert = lib.mkDefault config.clan.core.vars.generators.syncthing.files."cert".path or null;
|
||||
@@ -98,13 +55,13 @@
|
||||
devices =
|
||||
{ }
|
||||
// (
|
||||
if (config.clan.syncthing.introducer == null) then
|
||||
if (settings.introducer == null) then
|
||||
{ }
|
||||
else
|
||||
{
|
||||
"${config.clan.syncthing.introducer}" = {
|
||||
"${settings.introducer}" = {
|
||||
name = "introducer";
|
||||
id = config.clan.syncthing.introducer;
|
||||
id = settings.introducer;
|
||||
introducer = true;
|
||||
autoAcceptFolders = true;
|
||||
};
|
||||
@@ -120,7 +77,7 @@
|
||||
SharedFolderById = "/rest/config/folders/";
|
||||
apiKey = config.clan.core.vars.generators.syncthing.files."apikey".path;
|
||||
in
|
||||
lib.mkIf config.clan.syncthing.autoAcceptDevices {
|
||||
lib.mkIf settings.autoAcceptDevices {
|
||||
description = "Syncthing auto accept devices";
|
||||
requisite = [ "syncthing.service" ];
|
||||
after = [ "syncthing.service" ];
|
||||
@@ -138,7 +95,7 @@
|
||||
${lib.getExe pkgs.curl} -X POST -d "{\"deviceId\": $ID}" -H "Content-Type: application/json" -H "X-API-Key: $APIKEY" ${baseAddress}${postNewDevice}
|
||||
|
||||
# get all shared folders by their ID
|
||||
for folder in ${builtins.toString config.clan.syncthing.autoShares}; do
|
||||
for folder in ${builtins.toString settings.autoShares}; do
|
||||
SHARED_IDS=$(${lib.getExe pkgs.curl} -X GET -H "X-API-Key: $APIKEY" ${baseAddress}${SharedFolderById}"$folder" | ${lib.getExe pkgs.jq} ."devices")
|
||||
PATCHED_IDS=$(echo $SHARED_IDS | ${lib.getExe pkgs.jq} ".+= [{\"deviceID\": $ID, \"introducedBy\": \"\", \"encryptionPassword\": \"\"}]")
|
||||
${lib.getExe pkgs.curl} -X PATCH -d "{\"devices\": $PATCHED_IDS}" -H "X-API-Key: $APIKEY" ${baseAddress}${SharedFolderById}"$folder"
|
||||
@@ -147,7 +104,7 @@
|
||||
'';
|
||||
};
|
||||
|
||||
systemd.timers.syncthing-auto-accept = lib.mkIf config.clan.syncthing.autoAcceptDevices {
|
||||
systemd.timers.syncthing-auto-accept = lib.mkIf settings.autoAcceptDevices {
|
||||
description = "Syncthing Auto Accept";
|
||||
|
||||
wantedBy = [ "syncthing-auto-accept.service" ];
|
||||
@@ -162,7 +119,7 @@
|
||||
let
|
||||
apiKey = config.clan.core.vars.generators.syncthing.files."apikey".path;
|
||||
in
|
||||
lib.mkIf config.clan.syncthing.autoAcceptDevices {
|
||||
lib.mkIf settings.autoAcceptDevices {
|
||||
description = "Set the api key";
|
||||
after = [ "syncthing-init.service" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
@@ -182,7 +139,6 @@
|
||||
};
|
||||
|
||||
clan.core.vars.generators.syncthing = {
|
||||
migrateFact = "syncthing";
|
||||
|
||||
files."key".group = config.services.syncthing.group;
|
||||
files."key".owner = config.services.syncthing.user;
|
||||
47
clanServices/syncthing/tests/vm/default.nix
Normal file
47
clanServices/syncthing/tests/vm/default.nix
Normal file
@@ -0,0 +1,47 @@
|
||||
{
|
||||
name = "syncthing";
|
||||
|
||||
clan = {
|
||||
# test.useContainers = false;
|
||||
directory = ./.;
|
||||
inventory = {
|
||||
|
||||
machines.introducer = { };
|
||||
machines.peer1 = { };
|
||||
machines.peer2 = { };
|
||||
|
||||
instances."test" = {
|
||||
module.name = "@clan/syncthing";
|
||||
module.input = "self";
|
||||
|
||||
roles.introducer.machines.introducer = {
|
||||
# autoAcceptDevices = true;
|
||||
# autoShares = [ ];
|
||||
};
|
||||
roles.peer.machines.peer1 = { };
|
||||
roles.peer.machines.peer2 = { };
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
start_all()
|
||||
|
||||
introducer.wait_for_unit("syncthing.service")
|
||||
peer1.wait_for_unit("syncthing.service")
|
||||
peer2.wait_for_unit("syncthing.service")
|
||||
|
||||
# Check that syncthing web interface is accessible
|
||||
introducer.wait_for_open_port(8384)
|
||||
peer1.wait_for_open_port(8384)
|
||||
peer2.wait_for_open_port(8384)
|
||||
|
||||
# Basic connectivity test
|
||||
introducer.succeed("curl -s http://127.0.0.1:8384")
|
||||
peer1.succeed("curl -s http://127.0.0.1:8384")
|
||||
peer2.succeed("curl -s http://127.0.0.1:8384")
|
||||
|
||||
import time
|
||||
time.sleep(500000000)
|
||||
'';
|
||||
}
|
||||
6
clanServices/syncthing/tests/vm/sops/machines/introducer/key.json
Executable file
6
clanServices/syncthing/tests/vm/sops/machines/introducer/key.json
Executable file
@@ -0,0 +1,6 @@
|
||||
[
|
||||
{
|
||||
"publickey": "age1t6s4d0sn3jlzlu7zxuux5fx8xw9xjfr0gqfaur0wessfrxsg35hsqttv2t",
|
||||
"type": "age"
|
||||
}
|
||||
]
|
||||
6
clanServices/syncthing/tests/vm/sops/machines/peer1/key.json
Executable file
6
clanServices/syncthing/tests/vm/sops/machines/peer1/key.json
Executable file
@@ -0,0 +1,6 @@
|
||||
[
|
||||
{
|
||||
"publickey": "age1mq8u3x9z8v3zdm59qslxyn33zm0rpjzrd9sr9fjzqwp8d66t9czq626xsd",
|
||||
"type": "age"
|
||||
}
|
||||
]
|
||||
6
clanServices/syncthing/tests/vm/sops/machines/peer2/key.json
Executable file
6
clanServices/syncthing/tests/vm/sops/machines/peer2/key.json
Executable file
@@ -0,0 +1,6 @@
|
||||
[
|
||||
{
|
||||
"publickey": "age18mp7v3ck9eg0vqy3y83z5hdhum9rc77ntwal42p30udejkzvky2qjluy4x",
|
||||
"type": "age"
|
||||
}
|
||||
]
|
||||
@@ -0,0 +1,15 @@
|
||||
{
|
||||
"data": "ENC[AES256_GCM,data:JbpTTfHD92NlaUR7xAyJFoqD+4mYDlpE1gdWuCsrMyar8rUzS6vX7i7ymd69K0tPAT/UUZAmNacPFwvjTkZmdv+/719FNBkowrc=,iv:ZHTcm+V1dNZ07kRQEDNFYh8NMMwZ5g5cq0Tg281Aaec=,tag:tjAJRuQrRC0JYhS0tA+VUw==,type:str]",
|
||||
"sops": {
|
||||
"age": [
|
||||
{
|
||||
"recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJZWV1ZUZlODZ2OXlXbzVX\nSTkzV0VFL1NJVXpzKy9hTy9NN3gzeWxJbzE4CnJZc0JYd2s3ci85aDFuQ3pJbmtT\nSWZGRmREM25nWjhkZ1hGNE0rcVpMbFEKLS0tIDk3aHZ6ZVlaTmhOV3B4b3g5MzV4\nUUNWcXdHcTlVVEw3UGlxQWtBSDdpMk0K6nCih/rHq4vLS/oDz8cbjY8TVVsQmzaW\nivSd3WhpUaRdigyw/u3/5Lmaii1awy2qJdyREbzzUVgJPfoZ87pabw==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2025-07-22T13:55:15Z",
|
||||
"mac": "ENC[AES256_GCM,data:KoxJwNfRO1SDlgCc5p9+ZDP6rXOAUXG48ousVXKgNfR+qyS9i0FIYjgJxsSxzsYyn0Md7fbbJdX8MEnJZkgkTn0pJ46HfHsD4oiE66AF4pcgdIssTo4BX6RvoqbCdtS6hi6dpyrW7j1PPhwO3DRhaFIO58Nk1fxcVpyATzm8Gyg=,iv:SYotgqC8fA80mmjYZxUM0p+MUGxRYKHCd1pscS3HVt0=,tag:3XrQabwt+KEtk8JLZ4HTPA==,type:str]",
|
||||
"unencrypted_suffix": "_unencrypted",
|
||||
"version": "3.10.2"
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1 @@
|
||||
../../../users/admin
|
||||
@@ -0,0 +1,15 @@
|
||||
{
|
||||
"data": "ENC[AES256_GCM,data:Lr3bPR9MjNvwBYPIQg0D4qIDhRbD++ZOpuGvz093d+DWva1b4h1jhcsnmziOvINZQ3vVpizklkASRWo757FOJLLV1LiXNqiZAbY=,iv:HbsNN9Who9BFTHEUrRVAA5MAkadXVqTGEsq5kTPZdQo=,tag:pGW8oINEGRjDgg1JoHdUEQ==,type:str]",
|
||||
"sops": {
|
||||
"age": [
|
||||
{
|
||||
"recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBM1Q5UEpvaDQ4K25oTWN3\nbmdPaTdZUTFFR0xUVEttajNXOSt1T3BnTjJnCkE2eUVleXJKckovdkw3ak1xUGZj\nK3hET0E0OU5KYlZLL2daZFNaZ3cyS00KLS0tIHFwMW9LTHNLR1JwaHdiMnc2bWhH\nMWtwMElUYW50ZXlGZG1US1hiWlNoRjAKTg62lhjMCG1uPtxAmq5L7QGwmlwvGnxG\n+qTZHAPAoTUaWtnJfJpueGB1OJbr4HbUH0gN0cBqq7Y0DGIyvGqidA==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2025-07-22T13:55:27Z",
|
||||
"mac": "ENC[AES256_GCM,data:1fh6Jp+y6jGI3NgZMgGcuVHX3GLXYH9LKbPG4cVwOk1otX94zr0UcrVOSgH3m9J7QpGlFl48HwCfoNZzkRVmX633Px1UZQopOSZLao8Ao7ZcAwP3EmIowwJBC8//pYIhE6JwPlIlRbHOQRDd8HhIM1VwNjc8dUBBX0VyTAgyT4w=,iv:0Z722NhqETyVY+mkerERVw9TmKx0aASdSdYYdNucmCg=,tag:PT56bX50YajhlHQttz+Ffw==,type:str]",
|
||||
"unencrypted_suffix": "_unencrypted",
|
||||
"version": "3.10.2"
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1 @@
|
||||
../../../users/admin
|
||||
@@ -0,0 +1,15 @@
|
||||
{
|
||||
"data": "ENC[AES256_GCM,data:XgQnGe/dmXyir8gDOgcsdYok1d1blDBx+AFDLw+tXBzv5FY1pSbonSuOKmEVWDEmRCR3o1D8qiuUrDsa68D3als69A/bRhYHR+A=,iv:JzNB2VjE+HHAOQXkN3t95wQPiBBj/c93X5JHP8fosHg=,tag:fcAG53Tp+38NAfqSObIa4A==,type:str]",
|
||||
"sops": {
|
||||
"age": [
|
||||
{
|
||||
"recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6amIrbk9uV1IyQ20zMExo\nL0RrMmxOa3dEOGNmZFhIWXF1Sjc1K3VtdkdFCklLdEVNYnpsclRUdUtyTmVteWhu\nMHpPQmYzSEVldytGazJ1azBnQWJsaEUKLS0tIEZFY0hMNnV1TE9jODdpdy80eXRx\nMDZWSGt1MnhYQWJoMmNoaW1KWGVsVk0Ki0VQLz79+QQeiOri0aBqHEsVessIyjX8\nv3OZAjwMglPNv3j4CIqY/F4sfrAYxKUNB7g0Ui56BZlrG/i68EupAg==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2025-07-22T13:55:39Z",
|
||||
"mac": "ENC[AES256_GCM,data:081iGB26aJv0067lLJVetcKOyzzaHys6W70hcxB9010kpyU6AkxNt+HCa2lvJNAv+lls4WXgM6WsD/KODkDvbZsP4U3P9sJqY4RbTqJvypN4yjmzogneB7GVOenMQ8ywbm+ILM54nx8Enn6GPm4YX6yTat4WVTFFd+dJYmfBBmM=,iv:rXOqKtBSZvwozT49Zhp6aBpLXWlim7KLRGg6yIb2vkQ=,tag:vmjlvW0PNlHYs7syshJETg==,type:str]",
|
||||
"unencrypted_suffix": "_unencrypted",
|
||||
"version": "3.10.2"
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1 @@
|
||||
../../../users/admin
|
||||
@@ -0,0 +1,4 @@
|
||||
{
|
||||
"publickey": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg",
|
||||
"type": "age"
|
||||
}
|
||||
@@ -0,0 +1 @@
|
||||
../../../../../../sops/machines/introducer
|
||||
@@ -0,0 +1,19 @@
|
||||
{
|
||||
"data": "ENC[AES256_GCM,data:/dsV5uaNTBmB82lbzlQHGyRbFeXM9l32igrLcfGG13td,iv:6PB0LqjRtvrSYxeOPN+261VqacGg0jczCyyF4FZQa/I=,tag:4GlcYRhYhHVdSkwDSzcT6Q==,type:str]",
|
||||
"sops": {
|
||||
"age": [
|
||||
{
|
||||
"recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKYmJIUVhVQ3c3ZnhweUhU\nZnR6THB1Y2RjWExPckIwNEl1SlRGeVJORUVVCkk1ZzZwbGNwc1JQOFRpN2MwT0xG\nZTErNzVmSnhPazJJVHBKUnl6d2lYaVkKLS0tIHJRclM2WEYzQTRwVXRHcUUxSTlt\na1pHamdpdm9hUU9PSndybzdlMWY3NkkKcTnYp/5fUTdiNr0ajJeAPuLwhgWAdlAE\ngZ4soLdZoBFUHSsh0LhEm6jO2DXEKUZY7oLZi1gSZZbPA7PI/5k7OA==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1t6s4d0sn3jlzlu7zxuux5fx8xw9xjfr0gqfaur0wessfrxsg35hsqttv2t",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3THZibDFMaTZrKzJVWjd3\nd3RScjZVZmNlbitmc2FkRXl0UlVmZlRoM2dJCnlkUW1pa3dHZlNqTklxc3dZTkha\nQUpWck5BcEk4NjRjSXI3TlFzQ0pzVVUKLS0tIFpJdHJzKzVkeGFBcnRvR3pDeFN2\nNFNFaW9kY3JXdzk0Q3hPS29iOFRkK1UKoQSqFLIAeU6aRL+rDQ+oJ9PS6aAtAPeo\n5Kpwoi3KQHVrDDIRBaxvZ2BXObOyU0tBqjzBdrOgtRn+96HmnZ6JDw==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2025-07-22T13:55:15Z",
|
||||
"mac": "ENC[AES256_GCM,data:4T1+t0hZwN0ThdXoCcNeUiQNj2RosRP6HL6SKmsnECn3pmDZqJEt/0xEQWDeDcvfHyZkJAFbU0RfhYsyz2wtYZwuMDL8WEbHURa1GQ4uKNWfUPPeu88eTwnYsbvtUS6TdRZ26eDoQKDNEed1cy9TfI4Bugdt0rrl6O+su2Ikvyo=,iv:aMLJ4r55UY5cIB1rQNns3jN2U/ZjfFN1vl6ZsXpcBbo=,tag:P2Dv7LeGB1fT4TYHwJgLGw==,type:str]",
|
||||
"unencrypted_suffix": "_unencrypted",
|
||||
"version": "3.10.2"
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1 @@
|
||||
../../../../../../sops/users/admin
|
||||
@@ -0,0 +1 @@
|
||||
../../../../../../sops/machines/introducer
|
||||
@@ -0,0 +1,19 @@
|
||||
{
|
||||
"data": "ENC[AES256_GCM,data:6bI+k3BUKfpOnYSZx6ucCEKLvPCC2+LVrHzxQyN7MvLKk43LnKsfSSI8lpp5l8CE8Bpcpq9BqWVU3ZhnwmM4RbiHg/+C7R374KqoV0TLXMwq4lkeVM5oh4On2qBbnxsXtBz6NbJmIiJPPTT5YARdDAdIVUZ21jOj7G5jvm1BbAWojVkrKpb5IpOTmuxSA0CPEQRsvP9NHH+5Btm3J8Py4bHcRpgNeKaFfTrJjtXN2te8hTjJb8sGmFvuOr92Tdh/+O5qeA4SjMXqRJEiJiE+Fc9X9ukrxlZkDwsSn2gXQu7ahGhjOZCvQ/Th9j55/ZPiu5zrypfBIltSfGaMzHTqSECSGozfNSqbAAuu/ybCMmp87HDg9RQ3M/2yYqmSs2cRSB1/jN7ha3LTEnPhPKWnpOmnNvQT/rSX0wyfGtdKVk0bIgEc28wIKANyJC+HPPtENdcmdUhx6q2CRi1h+nFz92zkRGzWySgCcl51WawFDD6KRKLvqpq9LWv/bNl4NOQd307hPZguLLB6/Q/yV29j+XgGrZcmlOnn5NfAlVfF+F6ckebPxDKMg0Z3DD/83DPM18iO5SeDcaNVS3c3KoeSpURWMHr5+2n+qtu3wVvKsPPhAsBV8diwGxp5z00Rr84mHXPfnz56Tr+m/rYLfflryrybxTujcuWFCGgzwMdeaYx4tz7lQAY1XtdKSNTYjhWdDfFbqThP3HVGJsRQshCd+8Q4miEfJzDmUgbrUuoF3VjkMApZ4wULV5BCcLrDYIXkwu1lyDt5fk4G0TyZCP8JvBV3zcVxjAPW86tSHNcX0V56Yd090s51u0iJyM/eqNxoNXa/DWBuLd4jpWJRz2c48pUO1XRgqvZHFmUcO5q7SPL/bCvdpjqaopnOqt3501zGB2q+TGfyZUZ3sqtylTPz4C7tv/hrCzmRCTzEFlfsmUOi08DL/6K65ihe6uXjoH2fB7ypjUy4u5L1XcBIvxSitcSacosJHSUtWcFZ6mWIgVyChTjWRfCAF4eB3aVctW+OmVTeiTcdAfbDiPR5FNyDWPTMnnorjBVZkpU=,iv:RGNo6ipQplIsHL7avQpTgEKMDifKnB5W96vYf6X96cQ=,tag:k8oObQ1m3aVnG94MR7dhHw==,type:str]",
|
||||
"sops": {
|
||||
"age": [
|
||||
{
|
||||
"recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5NFVRb3cvZEZXdW1xWlBP\nWWNCRjlxYmpPQ1k2aFBmOUR4M0F2ai9Iam5ZCkxzU2dUamZXRmRqV3ZyWTRvdUda\ncTlHa1BuSDQ0em9lMXRwUlc5V2E1WUUKLS0tIDRkamJVZ3NIVlJGRlNrK0EyT09x\nbHVsMzlKVzJGNS8vVVlHRlFJRmUvUlUK1OSBTQi6R3XYEZEQmpGCrMr8m4jCBRiV\nj/G9sCahhTUc0D7E7DTXD3fwfXnZk1bD7buA99f908DT2Bjv4TfeKQ==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1t6s4d0sn3jlzlu7zxuux5fx8xw9xjfr0gqfaur0wessfrxsg35hsqttv2t",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwZkJFbWhINkxmK3g4RHFN\neko4VTZHVGZOK1E2dFVqbWdVZktnTEdqT1JJCnBraG1acHVrNzlBWmJhNEMya1Fi\ndUw0NDdKakdLcGE1Z0tsSHVvQ0l1NFkKLS0tIDZvek42eXVEbEdWeG1vSENnakQ4\nQzlGaUNKMVhEM2QwY3ZPTW5nYXNLUkUK2laHy33U+hcQMT4jlUOqtVRCy+hNHyaS\nyuSk1i7Am3VeProaXccREjHjYRHn/l/B1oLRQQQT4cLcComxOArz0w==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2025-07-22T13:55:16Z",
|
||||
"mac": "ENC[AES256_GCM,data:CVyuCoiArDYnoz/GQ0OZ2K0rJ1+Y1xoznp+v4rxAfL22fv3mY29EDw7ByYXxye0ARCD8gBFCpKeUvWbfOPJGfjsfAFT0AxLYFbUONgejYZpVZbnlElfLUSi39ZhaSwcImqe4RLJ2TND/HuJ6jwz0Lb1h8BWOq5/NeF8JJH2tHFo=,iv:n2liiufvBjCjASBIAmOu2Q5IONsX99GFmZw7YDeHJ+4=,tag:0bYMs8k362w7jApCird4yA==,type:str]",
|
||||
"unencrypted_suffix": "_unencrypted",
|
||||
"version": "3.10.2"
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1 @@
|
||||
../../../../../../sops/users/admin
|
||||
@@ -0,0 +1 @@
|
||||
UHILKRC-BZSMZT7-CA5ANWX-DJTR55R-NBGUBK4-SOZJG5Z-MONIHKP-ZHFGOAL
|
||||
@@ -0,0 +1 @@
|
||||
../../../../../../sops/machines/introducer
|
||||
@@ -0,0 +1,19 @@
|
||||
{
|
||||
"data": "ENC[AES256_GCM,data:YOzFYRjbmtSqzz+gaimswru/Xl3h2bZ0zkkM+QokycDIGhk5wrdlrGNJiaiQk3xJ1JUEbJewmsBFPz0Xcl8Nh2aAj58s0fMg/H0lb6WfF0n7B4u3TZ6urWir4ViUPdVxcS7oxKhJCU2KoqFNpXS/NjRCmi4G12j42VGBStLNxCFZ8EH4oK/nV0tYpJ++meKA9IlQbuEKmAv6Xt7Ry1isW4THl7jzYwE6y7I1ThqudnDtvqguY+Nl27vMmFed+WmpE4jsXjeW7T/CTynafen81uL7gP6xiy/n+3nZNYgutHCTqa1AonITDIJrzRjAPMmYxwv0k1ebYImBCT0wH7rnmbLF7y4EMNFuA3O5nAvpZ8tkkLzooVf0PCYrtWbwsxOm,iv:T6aRMEHnOezxswMnJXBXoHVkVDFtDqvtCRhqvQHLOWU=,tag:2zTGHZWCt6SQrESyC3f9Rg==,type:str]",
|
||||
"sops": {
|
||||
"age": [
|
||||
{
|
||||
"recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSK2pOU0Zoam52V00vdnFi\nR2hpenpHQ1BDaHlyODZ0cmgvdzlLMTZ6em5VCi9sdG9zdzY0Z1pDQVF3dnNSREdt\nQVVUQ29uaE03SWM3bnA3blRHZWJmUmMKLS0tIGwyNUhVMTJ5SkxudlZaVUJaM0xJ\nSEpoaFZaUlczMkYxWlZhb1RBbUZ3SFUKGmjG+r998QLDJylznGhuqa6magj9x9PM\nly7PlqaoZ1diLuFklqFVExK3cXwvA6xdOScZqd8/P/sEdzAodDuKQw==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1t6s4d0sn3jlzlu7zxuux5fx8xw9xjfr0gqfaur0wessfrxsg35hsqttv2t",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnMlpRK043Rm0zbTJxUGlv\nbE5mOUhhZDQ3a2UrNVhHZithUTJMRlo2Q2hZCjQ2aUt6VXpuOVE4dVVyVFc0WjBm\nMWI0SHVqYUNjdkQvSXY5QWdFTDRjdGcKLS0tIDBleURzYVBlZVcwQk85YzhOWE1z\nd2ZwYVRMM0dxM3U0RWI0Z2kxSjlETWsK+/m7xmcoXlnfYkRL3RK1VATGY6RtkmHA\nfg+YeAENLT1Mr9SnJCWcodxFicz8hiN5PinjynjqWgfv/xLMuh2G9Q==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2025-07-22T13:55:16Z",
|
||||
"mac": "ENC[AES256_GCM,data:dKjYJ4ogUztSwuP6gkyXj/gYd3TDztuwivhtRzLYwoJLJ7c4anEeZDA51tslnhdDDXQ101JDEt0tD05wAo1YdLTNg9YR0eAh4wZ/dkJ+U92U7DYEW40YXxy8co/WWW50eYqbD6SnZbZAMjf4SbaH6kqtS2MTqeba2B1G/y8sb94=,iv:Z8tzsvSTRjondcN0Vnc3bcyVlVnpqLYRoaOCe6dLQGQ=,tag:leifNnUovWvO5cqzyN2PNw==,type:str]",
|
||||
"unencrypted_suffix": "_unencrypted",
|
||||
"version": "3.10.2"
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1 @@
|
||||
../../../../../../sops/users/admin
|
||||
@@ -0,0 +1 @@
|
||||
../../../../../../sops/machines/peer1
|
||||
@@ -0,0 +1,19 @@
|
||||
{
|
||||
"data": "ENC[AES256_GCM,data:W48JccasfJGc+WJOgGJf+T5OfVYSAfvghuXC7wUqVkkI,iv:Ukhb8+d1FrZPSmerFZUbuL/G2yHpBNSJeRL4nYG2Cm8=,tag:FCf3VI+eBsmrXvbsI62B7w==,type:str]",
|
||||
"sops": {
|
||||
"age": [
|
||||
{
|
||||
"recipient": "age1mq8u3x9z8v3zdm59qslxyn33zm0rpjzrd9sr9fjzqwp8d66t9czq626xsd",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTbkFSTTBYVlNjVjNyYmIx\nSjl3UUp5VVlJZ2xudW8veS94VUVwbS94NHkwCnZ3LzZocFBnYkN3K0wwelhYalM5\nOVRmN3g1Tk5rRTViZXkwT244b1I3bzgKLS0tIEpKdCtiSTdjREV4OVZDbU1rdDk1\nTnZZTEk5OEZlWFRFTTVITkRCTFVFQXMKV8SdppHqwCEIyRTNUxjG7AtGZyVZuKBr\ndXURED8uLw37i2gvAzlUZLzQieV+F//muVF4fFONucBq5wnRskyBTA==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWb1p5WEM5d3h1RVRpRVVk\nMXArMk9DOTNoYm9yT3pXbWV1YmN4MDFXd2hvClJpUEwwM0pDSUtqZHRvaTI1RlNF\nTkRBYlo4R1lpR0Y1YnRLWGIxNThFMFUKLS0tIGIzeTZ1QVJTZ3VlbjgwN1Z2Y3Bw\nTWxOT2xtVmR0Zm1jeW8wdE1xTEQ0aDAKkMuwZwMPUPO8kGmc7xCElxvpTFfGqag4\nXm6KaoyGNJO5OoWoXgJawynRNyJX2JFGjcI1M1xK4ItYU5NF4Po8ig==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2025-07-22T13:55:27Z",
|
||||
"mac": "ENC[AES256_GCM,data:uOaOVlLb+qLshDC4Y1KxYFgsPpHmNlfDaaPHcBBvNs7brBfsfZOPwVXqPxj5M9IzhD87l7kbYisaeBCqDKPM+IdZV1C3WstRu70a26onLl+JMXYpJSUljQwZKWnL7e48o4MZqcOtY0ghcAajI2if7nnGdKXIF5djdSLwSWHx9e4=,iv:Alb7j8UVmfLHmMzwBpJ9Aor+lffm3P3DAJaipvX6LH4=,tag:L4pTMxjA6dRhK6nl2Kokhw==,type:str]",
|
||||
"unencrypted_suffix": "_unencrypted",
|
||||
"version": "3.10.2"
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1 @@
|
||||
../../../../../../sops/users/admin
|
||||
@@ -0,0 +1 @@
|
||||
../../../../../../sops/machines/peer1
|
||||
@@ -0,0 +1,19 @@
|
||||
{
|
||||
"data": "ENC[AES256_GCM,data:n5rS499IeNmb7or1zApWyDa74HcFhCGv35zn1DsYED8lWGEnmSFMbOUFlKwa3cBWiGRyQ2UjGzdb7lmDmoNLNzd7JB4ARgI5DapVtj+ymn56VIK5GTBOsRzJgtT4lqh3vEu4Spuv290aBHHg+lsPfdTfsJuOgAr4PVgnNY3O6Exz6EZwOSSvbUX5if7G96Y1bemF2Hh1AbdOg5KvB/Uh6mBW17hnUnbqxT7O7fepYmsSLB/qjBJWVivoMtMQWoQL8IkOapmuQYDf8ig+2FMxzcAQ71wTpTlXLGJ/XAuFSx1tJzpLbFCOpvLtGnemoUIB8viBjgfyTqN5iboJvk/WX110609yx0ew/F45CfpBfjQ66iI1shiCidfPm3ZHCO7KSjXzXEmjX5dVFp3xpz58yJH8LwQtrIQB1OQsLKe2ZmrYfjydoDuN9N+A0a6qN6KJUvIGVxNKnQ1rjj8uq4toVhxsSLQrfNkTFPA1Q624rCOu04oz3wd/oPS28war85atfMjmz9JU+Hw5u5qaxgl7UJno1VYknsrrYDIAGPxUwO56t9kHIgOZpNuD6JqDBJAfGJ1oPT+zVIBcNwNg0Z577g0l9rCLNdKInVCVahxZLCVe3LidtxL/bNzvSYHb09RbkJIhdWn7ouYCHwRRWN5kWbUopm2hHVZjRhC2CGJLBZ3+aLkEJzyZGcQCLF6Jc+/659FD8dXdaqfbR/vEKaVhoLL/WGKeo/lZL6c7TaVwDSIIa7dkk/QvGvmWhO+qG8yIs4vciGa06I62P1Y+9DsMrrWu/yqLTSkWtOpKdvIBh/jPOC4t56JEb/ksIvDLKSdrtrtHyRdCkzZ95XQDAM/a2nv+LnH75Yz9q/R0Caex/OSATCFpNcoyeSJwC5sSs6nV/NJ18YynzclSaKmAvMM8XVx8jrtUEp1yIzgBogxTFJ+yTsvEa6y/yCF3i80RrJNIkOKJDR48g7R/RJTufR+YxQj+RjWpgHbkc/Uhb0cR3X5A0ptA2X6Qz+cW9NXr5dA3A4lVsFzkZLzulqPhCxT9+g8OINx2+ayNx/M=,iv:xy7UNpO48flvQE+otJfHUJLhZlOuUueXLP03cDigXFQ=,tag:HeWayOjoZmVa0dr8GPN7Iw==,type:str]",
|
||||
"sops": {
|
||||
"age": [
|
||||
{
|
||||
"recipient": "age1mq8u3x9z8v3zdm59qslxyn33zm0rpjzrd9sr9fjzqwp8d66t9czq626xsd",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBITjNQcHMweFY1ekNkdWFs\nak1wcm5td29BcTI1OFBtMnFXcTg4SEJlUTFZCjc1YlovcSsxOUNFWGIxZWVsRU1L\neS9wNE1rWU05WDdSZEQzbEZib2Yxa3cKLS0tICt4TjVTOG1JUENSNW8xNVlkZHkx\nem1EMEI3Skx5R3BmLzVRYjBkK1BRODQKfX1nexjFXyXxGBvDRlssjw3XcwvtGxGC\narZ2/kmF2nETLoNDVcNIxV5KUPohhTwWdlrmPGksquBrUCjElMOVLw==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwMFZ0clBPaE1Xc1NGRTFK\nWlFGTWErdEtoSUhEeG1jWWNycGZsd1h0S0RrClQyQ1dRWGI4VzZRQXlvd3ErU00w\nTjNnQ2VJZEhpZ0RQdUxBUHpONjVNNjAKLS0tIGF1enFGWnhFL3pCM21nSTlhUUxs\naFQreFI2NzJmZVRZeVBxNVBQYVhTWEkKkGUPL0hOBAX2L7Vezq7Sf1V9Yu//X1/x\nNHndFsjTBcaFbDWCxcZpqVvJ0paKm46Nm+AQyhThR0OGCsKbRJhSlQ==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2025-07-22T13:55:27Z",
|
||||
"mac": "ENC[AES256_GCM,data:NieKHtjtSL9NsDsFnIU5MN8pVp55r05Qu7Qf9Pde8W/60xkF1A7kML1zpbUbMfp05VS26aIENps8BOyDZhCJgZG/89NLXccGoJTKFLDUyKDqzwCPuEK+enbRm80VQnPpMLxRSMacCl/Qm3QxpQzLuasQvLH1c18BBhy+jpwuFBY=,iv:NbA65YXGIlkWXu9tmDHdvNL4xxlfp2FFFpjckJ86E80=,tag:XX6T/Hs8W0htQyp7DJhahQ==,type:str]",
|
||||
"unencrypted_suffix": "_unencrypted",
|
||||
"version": "3.10.2"
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1 @@
|
||||
../../../../../../sops/users/admin
|
||||
@@ -0,0 +1 @@
|
||||
LFXPW4H-IIDB5K4-SZ54YJL-PVRW2Q7-52YPHEI-6VZQOQA-PSAVYPV-QF5BCQA
|
||||
@@ -0,0 +1 @@
|
||||
../../../../../../sops/machines/peer1
|
||||
@@ -0,0 +1,19 @@
|
||||
{
|
||||
"data": "ENC[AES256_GCM,data:QnnXrKYiJMtNQlHBBjwZeosvLjcuMwWH+YjRwy3OeaPQ9gJbj2sAUrkoZSqc5jzi577nTympol92bGIRP51TKJ3k/i0cq7P/UyGIWCjPUi5jmJs3tY8rfztlcyiXr0TPYVYyZDp1ErPfFW96xWjfaSgopjScYGRS/NGkaRedQuP39Hwg4rIPpdrkEbPgVIMCHJdvMcPm2a2RmqX1PzoBj+TEQMCFxyuRg2cTVoqyyYv95w19T+5GddvbVDmB9c8OhG4VS9nqfgdL0IJ3TMUnJAC/S1wfj64YFdhrt7lzR00xriht19ZS+HPhLlBjSruZXa4SrSEtdIMfTAXlVwtw5e/LENhiKumyhmUMqlPRJPANbgZTxa6g1Wq3NmGIOQB6,iv:2I5JcaYbEA4W9zLWTTR4j4I1hREDqb7Nh4Wg9AVEaHE=,tag:WiJhtiPjTMN+CgJU+KNmgw==,type:str]",
|
||||
"sops": {
|
||||
"age": [
|
||||
{
|
||||
"recipient": "age1mq8u3x9z8v3zdm59qslxyn33zm0rpjzrd9sr9fjzqwp8d66t9czq626xsd",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXL1pYVmdUclF3dXhlTjJ5\nRFl1WXRrWUwwYUwxMnNvdXdCbFVZRmp0bDFvCnRNd3p1MzV3WHMxUFlkdUt6SHJj\nTHhSYTkzcGZqNnRWMFBPTTVmNGJaa00KLS0tIHNtWkxzdkEwelVqdzRHM2lqT05H\nN1EvdDgrOG5OUXEvdTlwMDJMekdFa3MKzlxMUKl97RGAcilKQuxC34Pzpr9qPsG9\nS5qhziP2xOn+6rXO21/klVQ1pJDZZcsVI+fCFPHTbwJvXvS6VNuLCg==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXL3ZCelVSd1ZxTXE3TEFs\ndmdEejl2bE5CTXhqVXZnbEVOOUlaYzhNMnlVClJ5K0hmMXVBTzJUVnVybHY0WCtw\na2tnUm5jR0xGN0M0SHVSSzVvejRZQ1EKLS0tIFNnS2EweEs2V3VXVnA5T0hQVWNq\nREFZckQ5cStZamZBdmZ2WHNzUzdQa0kK6774xhCCzaODxymwg2B+3Y6aRoXyBW1G\n7jTYWEsnf9eUCcBZP+jexT3obituZENtque5Ov1zblaGIBYnxi87Fg==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2025-07-22T13:55:27Z",
|
||||
"mac": "ENC[AES256_GCM,data:HXcgcj09lBf9NPX5htqHZuU3yLKkKMt+RZtABLPFtzsZzXV6nE/ajlHm6+xI7Fo36u1b3KN9QfQ7i70LP2UKUf1L/JTVZiExkDmcfJCluCaq+/bDpY54ICw1jLZ0ckXgMHSTNwJbvM/UbvqdcB0cCt6MzxRUREHjTW4wk08qpPM=,iv:n24kpaCvODWE6+0cjo5fHCkFYHbz/zSjj9wqbVpd/dg=,tag:9x8wboXQB/YrMUU6L8jXqQ==,type:str]",
|
||||
"unencrypted_suffix": "_unencrypted",
|
||||
"version": "3.10.2"
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1 @@
|
||||
../../../../../../sops/users/admin
|
||||
@@ -0,0 +1 @@
|
||||
../../../../../../sops/machines/peer2
|
||||
@@ -0,0 +1,19 @@
|
||||
{
|
||||
"data": "ENC[AES256_GCM,data:MMjnYNzHE7QSxrXY7aN8XSFkFwK/lpRhL4qV0vn6cwyn,iv:kB8m6ZhkNta6Y+gsYufvo45B+Q5lHuJBmYN3sk7ALKE=,tag:zbgynC6xhrFGcq+mE2pftA==,type:str]",
|
||||
"sops": {
|
||||
"age": [
|
||||
{
|
||||
"recipient": "age18mp7v3ck9eg0vqy3y83z5hdhum9rc77ntwal42p30udejkzvky2qjluy4x",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4S2FEd2R1Z2hUU3BtSGdZ\nS2I3NjRrNHhGaW9SL3Q3bkJuMFNlM25ya0dNCmhpVmk0eUpWWkpkQWErRUJKdks2\nSzUvMnVQTVJVbC9WeWpkd3VHandrNW8KLS0tIFFWOUlIZFlkYi9NSjJpbXNNWE9I\nMEYxeGJEcGNLaHJOSmR2TytaWDBtaVEKhEfTi3ESLw6I2Uu3ejCGWHMv3LmRvjbg\nZ30CoUmktB7z5/RbdwwiFyV+ijuNq0RPxrlBX0VGEkd/+BrIY4BYxQ==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwSXpGRkIzU0hwaXBaYXdM\nNTdnZmJTSmVzbVVWZHNCd1VSNjQ4OGdzTkFzClh2Vnl1RWlLbnE0YnVsYjNvZ2hs\nOE04a1QxM0pZVUsvMkpPdlA0Tjdpb28KLS0tIEpMVmFsTVpFcVVvcDdRVk5xZFdS\nMXBTdkt4SlV5UnJTcG4wQU11YjZrS1UKcLyVL6PknecAOLEhjYYbZ38+e+g5jXFd\nJcu7fHEs5O464vgM58SKJQ5m77rGzwqRGh6MjqJTfAl8nPbvw0t2cg==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2025-07-22T13:55:39Z",
|
||||
"mac": "ENC[AES256_GCM,data:957Dud8YuagJRf8I0pAe4Tpk+En4ac99TAjRVv5eYAQtyDR1iHUwu/NIc0I14wZj7bKP6UqbOntST3jl33xhM2NQGG/FskJppsbS355OirpVfNahqlhcy0Jy5p1L9TikY89SlFgO6kx2eYs67inbk3UXnyeVxAcEIq6qnmh0u60=,iv:rfLaPYlcnBLecIYTIqJbaI2DNERS1MfU1C+7xH51kwY=,tag:5lQ1Ouf40MyB/Q3B6EwMzg==,type:str]",
|
||||
"unencrypted_suffix": "_unencrypted",
|
||||
"version": "3.10.2"
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1 @@
|
||||
../../../../../../sops/users/admin
|
||||
@@ -0,0 +1 @@
|
||||
../../../../../../sops/machines/peer2
|
||||
@@ -0,0 +1,19 @@
|
||||
{
|
||||
"data": "ENC[AES256_GCM,data:65FnMTSkJxWZrik97mTIIZBH7Y+8bxTlV/wIA2jTV96oQebGWN6kI3lkR562e9ZVoiB5xyTQayU+NZhgIFEzyC5xAnXmLnKlZ2cvcjDJ51TlAujoHD5+R36tb6FrsBkuki3UI/v0xeWUhJSKpIoPL3/1Tq4l8EWVRR/JTf8fuC06HxwyiXJeMU3CkLpbt/txL2VGM9nNov+CbEZL+WJ99kCuRQ/QPAVglj0AulttXBPztNnUtPZBnBZzbFpxE4nRZ7ufjweVrRYgqYNj1CT0gdOJnyId9uu7vkHpZvGiwB3CaEeG3VyOGidfocmC1Yq/bQw26djx6npuiKoXPEgJmyaoi9DPuOvrvMwuYMpuueZCM7+54fbk7VTKusRtp0iOddSP1pevg1zM/w3NjRnnzgicahzxRf2EEGBRea9P4/znmPMHdbylXp1mnuqGpYZEteweOyFQFkjEmjIASI/ZI04JSgTGs37D3WrpD+Utjh/nVOtmeFHbeqbhk7vngDf++PW9nNM3xNhsALhd1w313agzUffQjRI96zXGj4SkUoPXkO9v9uPY+bZUxP4VncO4FbgxcEkO9YS57LiLp56YUzC/72Z30zsLrCnl2YZTXQ8nc7fvFVqfl61HmUC7xaEckQ0YXxH1yXQj+YTsk1qOVY/AyKjjq33j96de0i4AxYCEgZGU0pTkbT92MNezs7Atz066YIi1YC9YsMMMOXdtlz0FvQIN0WTzSqo1AtuyAUXo+otBX9IeMzX3hQ++E7CuHDMjR+I+jwwouAlrNCcn1Ean48cj6UkhNFHem/fysDL/2OYUZqeUfB7Qn8r0Ffewo55/87J0o2+8zlxdEOWPYiKOsT91G8Lq77OaadZCGFnNWlBrzqUkt+TuUa7UM9ok8uyZLX4R+f+hvIuvp+T+IAcz6r0R+1ndHai59r5gfgBeFxB5qnTPYTgujcdAiEeqfg7Dx0DPKEBiIj5awgsdd057oVf+eEY4Cu/mXuKb70TlbgEvelNmB5MRDlWTRm6ybrbnb7NfPmt5UYaTcPX6l/kP5ek95Q==,iv:uAE/AVleWSNp6kY/anvkJOeUqlfiuAgtHBgry6IqcJc=,tag:+J8jTvKqEULP8GW3IUqyTQ==,type:str]",
|
||||
"sops": {
|
||||
"age": [
|
||||
{
|
||||
"recipient": "age18mp7v3ck9eg0vqy3y83z5hdhum9rc77ntwal42p30udejkzvky2qjluy4x",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqdmdzU3Y2V1MzaE51a2Fj\nbFBIUWF3eXJrTUhKVW1tYzFSeGpad1BwRDBvCk96Z1lIMDg0ZnMrNnJkUzA4VXJ1\nZEtzbGNJU3ZzVmFYMzRBNmo5TnEybUkKLS0tIHErQ2dYZlVuckdML3Job3dwM0hM\nVEVWek40Y0F0bStzd09XenhWaVFIYVkKToXp2wUPBe9LtuLMlBPfpQRq4WHLbnSt\nueOxJvflzQveUhdpuHi6IbtE9HyCwtn6joeOnBTNFxt12Dy/s247Aw==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3bGpQQ1N0cmRmcURGV3hq\nUGdHOWh0S1VIQkQ2aFFVNXVnZmpFc050S240Ck03Z1NXNDVISTRvNnhkVnFZdzg0\nVFlXZ1g4citlV21PZ2lEbmRhMFhJaUUKLS0tIDIyTXZNTWpIUFhSYXR4VXBUN284\nYTFqWkQza0V3M05lZDlBQzBtWWFlaTAKfJViXG1KULBXTmDC4PLSWRy9LAVchE47\n1rBtT+r/KlbnOTYYEo7zCMagkPhDdPD5WSegmtghUGkXRtqaTZcTBA==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2025-07-22T13:55:39Z",
|
||||
"mac": "ENC[AES256_GCM,data:HsnTHpXkyqJMlpbKzHvBH7bxg+ssDwXzjA7JTdpioP74gD8u+oPTHJOlgYI4Qbvr04JbZiRy/cko3BTUXj8C6nCV5gyXhDG3O0rkAGd/v3108ff7WiOWbXpNJ5QhLBnG4Ny1/ITfzu7MQtNkvGFnoktyMtvqHkVeJf5IhOuT6Fo=,iv:T1IYJyi8eXGdVE/JQSvyoyU/Iw/RlpO4TQCx1naZXXI=,tag:Z3J/313RG337U9HdXidrCA==,type:str]",
|
||||
"unencrypted_suffix": "_unencrypted",
|
||||
"version": "3.10.2"
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1 @@
|
||||
../../../../../../sops/users/admin
|
||||
@@ -0,0 +1 @@
|
||||
5N6ZTHC-FZKLOY7-DJCORO3-BG3C4Q3-KD3PCMP-2DM7EHQ-2FS25FK-DCOTSAI
|
||||
@@ -0,0 +1 @@
|
||||
../../../../../../sops/machines/peer2
|
||||
@@ -0,0 +1,19 @@
|
||||
{
|
||||
"data": "ENC[AES256_GCM,data:rDPNgUOmTINCoQnTQMjEXXrkvIYT7Ju6tX56aUA3cjlRGSzGmJb3Vmec58RS2QHmuOPUykydPTuAHxKs+SNZoXbdzDn75gAjS+eGNXGB9H9TFS2+iLpaSC5XTnfSdyzuGVyPRNvceI/C8FIvEauEpJ9dbS2kkTFTD15u2iI6zTmm/Mtvy2C18BwwEtu+m1TWB90oVduX05rrdnxoMjtscBCKR8fz6CbqYrbnpag9AUGUk8Z+cIMYGlSjDRlyaLWkh33aV/TWx/QOzfAWCyCVLMnU500ch0c6l2fg8daKDJJas2jHxo8KnlBIP2b6SLrcEKtlOSaPicizlJ9UDilDqHQfbucEJTgkQ2eEwJWSmXhU3q3ttGm3mxhQgej5FeIW,iv:6P1hFhDmHs4IYeyxVA/lYu2OL0ciaZNPEmMdBudacds=,tag:9MjdSKKjUO3VlTh/QmAPtA==,type:str]",
|
||||
"sops": {
|
||||
"age": [
|
||||
{
|
||||
"recipient": "age18mp7v3ck9eg0vqy3y83z5hdhum9rc77ntwal42p30udejkzvky2qjluy4x",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCUWYyQXVUMUMwaUt4S3RO\nYkNzd3FxU29qYk1wWVlrTUNPK0lKSTU2RFJrCmZaeGg5Nlg5azhaRSs5SzVDZlpV\nKzJuUmlSekYrdzdGQ3JDejNwUmZ3cWMKLS0tIFhGT29pUC9wNlpGaHBMSHROV0lP\nNXNjQytQVDlOQmI1UThUTm5Qd1BmNmsKlvG3ZENmjPUDHRUB2o4RTCueIdtXZjxU\nz3Xg/RWZjaDInneg0z/jXyhKoqLRk1J0h9f/36CHT7RtVHIjtz2KIQ==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3MWovZlBoVk1HdUhhSXNy\nYXgxZVdIaDhqMTk0dFRCVFptaUE0ZmZ4ZHlBClpDNS85a2U0WE12TXVzOFhDcTRM\nWG1yU0dDaS9pUWVUT3pnWXNxRjlSVmcKLS0tIGxiTWVIREE4SlQ0Mm8xQW0ycnB2\na2Q4WGY2eDl0UGVTdXo1bWhMQjdNNzgKorezVfxaH/Kx3lpX57zF/0gAeCu2NzWX\nAm7RAFeHDJ+w0jIlZa2RM6mXOTKDzaF+h4j27GcLLbXsSRNhlFMqvg==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2025-07-22T13:55:39Z",
|
||||
"mac": "ENC[AES256_GCM,data:w9GKY762/ikgNU0ypIOzlnXZqnW3tN1Fz+cVCsgPMQhZbf2OIb5zHgQAcZMHJII5+WqPxLE+PThhZ2hstuz0hvvqXF37KvuT5MblcGShCNOCTJiVwLVhhEUQl3c3C9iXKV+A/aG9psagjHAlhxsdv1UKqVPhQ0bgrl92EZZPdwo=,iv:3XuVGnMu2tOLvkjY8G78qk+mJWZShRsgWx7LwU3qaCI=,tag:+tQcEjZttN9cPxAOer4IoQ==,type:str]",
|
||||
"unencrypted_suffix": "_unencrypted",
|
||||
"version": "3.10.2"
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1 @@
|
||||
../../../../../../sops/users/admin
|
||||
@@ -97,6 +97,7 @@ nav:
|
||||
- reference/clanServices/packages.md
|
||||
- reference/clanServices/sshd.md
|
||||
- reference/clanServices/state-version.md
|
||||
- reference/clanServices/syncthing.md
|
||||
- reference/clanServices/trusted-nix-caches.md
|
||||
- reference/clanServices/users.md
|
||||
- reference/clanServices/wifi.md
|
||||
@@ -135,7 +136,6 @@ nav:
|
||||
- reference/clanModules/static-hosts.md
|
||||
- reference/clanModules/sunshine.md
|
||||
- reference/clanModules/syncthing-static-peers.md
|
||||
- reference/clanModules/syncthing.md
|
||||
- reference/clanModules/thelounge.md
|
||||
- reference/clanModules/trusted-nix-caches.md
|
||||
- reference/clanModules/user-password.md
|
||||
|
||||
@@ -407,6 +407,14 @@ def setup_filesystems(container: ContainerInfo) -> None:
|
||||
Path("/etc/os-release").touch()
|
||||
Path("/etc/machine-id").write_text("a5ea3f98dedc0278b6f3cc8c37eeaeac")
|
||||
container.nix_store_dir.mkdir(parents=True)
|
||||
|
||||
# Recreate symlinks
|
||||
for file in Path("/nix/store").iterdir():
|
||||
if file.is_symlink():
|
||||
target = file.readlink()
|
||||
sym = container.nix_store_dir / file.name
|
||||
os.symlink(target, sym)
|
||||
|
||||
# Read /proc/mounts and replicate every bind mount
|
||||
with Path("/proc/self/mounts").open() as f:
|
||||
for line in f:
|
||||
|
||||
Reference in New Issue
Block a user