sercanto/mio-ops
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Activity

Compare commits

base: sercanto:consensus
Branches Tags
sercanto:consensus
sercanto:colmena
sercanto:flakify
sercanto:nixos-24.05
sercanto:nixos-23.11
sercanto:v2024.10.2
sercanto:v2024.10.1
sercanto:v2024.09.5
sercanto:v2024.09.4
sercanto:v2024.09.3
sercanto:v2024.09.2
sercanto:v2024.09.1
sercanto:v2024.08.3
sercanto:v2024.08.2
sercanto:v2024.08.1
sercanto:v2024.07.5
sercanto:v2024.07.4
sercanto:v2024.07.3
sercanto:v2024.07.2
sercanto:CVE-2024-6387
sercanto:v2024.07.1
sercanto:v2024.06.4
sercanto:v2024.06.3
sercanto:v2024.05.4
sercanto:v2024.05.3
sercanto:v2024.05.2
sercanto:v2024.04.2
sercanto:v2024.04.1
sercanto:v2024.03.4
sercanto:v2024.03.3
sercanto:v2024.03.1
sercanto:v2024.02.4
sercanto:v2024.01.3
sercanto:v2023.12.2
sercanto:v2023.11.4
sercanto:v2023.11.3
sercanto:v2023.11.2
sercanto:v2023.11.1
sercanto:v2023.10.4
sercanto:v2023.10.3
sercanto:v2023.10.2
sercanto:v2023.10.1
sercanto:v2023.09.4
sercanto:v2023.09.3
sercanto:v2023.09.2
sercanto:v2023.09.1
sercanto:v2023.08.4
sercanto:v2023.08.3
sercanto:v2023.08.2
sercanto:v2023.08.1
sercanto:v2023.07.4
sercanto:v2023.05.5
sercanto:v2023.05.4
sercanto:v2023.05.3
sercanto:v2023.05.1
sercanto:v2023.04.4
sercanto:v2023.04.3
sercanto:v2023.04.1
sercanto:v2023.03.4
sercanto:v2023.03.3
sercanto:v2023.03.2
sercanto:v2023.03.1
sercanto:v2023.02.3
sercanto:v2023.01.5
sercanto:v2023.01.4
sercanto:v2023.01.3
sercanto:v2023.01.2
sercanto:v2023.01.1
sercanto:v2022.12.1
sercanto:v2022.11.4
sercanto:v2022.11.3
sercanto:v2022.11.2
sercanto:v2022.11.1
sercanto:v2022.10.5
sercanto:v2022.10.4
sercanto:v2022.10.3
sercanto:v2022.10.2
sercanto:v2022.10.1
sercanto:v2022.09.4
sercanto:v2022.09.3
sercanto:v2022.09.2
sercanto:v2022.09.1
sercanto:v2022.08.4
sercanto:v2022.08.3
..
compare: sercanto:nixos-24.05
Branches Tags
sercanto:consensus
sercanto:colmena
sercanto:flakify
sercanto:nixos-24.05
sercanto:nixos-23.11
sercanto:v2024.10.2
sercanto:v2024.10.1
sercanto:v2024.09.5
sercanto:v2024.09.4
sercanto:v2024.09.3
sercanto:v2024.09.2
sercanto:v2024.09.1
sercanto:v2024.08.3
sercanto:v2024.08.2
sercanto:v2024.08.1
sercanto:v2024.07.5
sercanto:v2024.07.4
sercanto:v2024.07.3
sercanto:v2024.07.2
sercanto:CVE-2024-6387
sercanto:v2024.07.1
sercanto:v2024.06.4
sercanto:v2024.06.3
sercanto:v2024.05.4
sercanto:v2024.05.3
sercanto:v2024.05.2
sercanto:v2024.04.2
sercanto:v2024.04.1
sercanto:v2024.03.4
sercanto:v2024.03.3
sercanto:v2024.03.1
sercanto:v2024.02.4
sercanto:v2024.01.3
sercanto:v2023.12.2
sercanto:v2023.11.4
sercanto:v2023.11.3
sercanto:v2023.11.2
sercanto:v2023.11.1
sercanto:v2023.10.4
sercanto:v2023.10.3
sercanto:v2023.10.2
sercanto:v2023.10.1
sercanto:v2023.09.4
sercanto:v2023.09.3
sercanto:v2023.09.2
sercanto:v2023.09.1
sercanto:v2023.08.4
sercanto:v2023.08.3
sercanto:v2023.08.2
sercanto:v2023.08.1
sercanto:v2023.07.4
sercanto:v2023.05.5
sercanto:v2023.05.4
sercanto:v2023.05.3
sercanto:v2023.05.1
sercanto:v2023.04.4
sercanto:v2023.04.3
sercanto:v2023.04.1
sercanto:v2023.03.4
sercanto:v2023.03.3
sercanto:v2023.03.2
sercanto:v2023.03.1
sercanto:v2023.02.3
sercanto:v2023.01.5
sercanto:v2023.01.4
sercanto:v2023.01.3
sercanto:v2023.01.2
sercanto:v2023.01.1
sercanto:v2022.12.1
sercanto:v2022.11.4
sercanto:v2022.11.3
sercanto:v2022.11.2
sercanto:v2022.11.1
sercanto:v2022.10.5
sercanto:v2022.10.4
sercanto:v2022.10.3
sercanto:v2022.10.2
sercanto:v2022.10.1
sercanto:v2022.09.4
sercanto:v2022.09.3
sercanto:v2022.09.2
sercanto:v2022.09.1
sercanto:v2022.08.4
sercanto:v2022.08.3

No commits in common. "consensus" and "nixos-24.05" have entirely different histories.
consensus ... nixos-24.0

84 changed files with 567 additions and 9563 deletions
Show stats Expand all files Collapse all files

5
.envrc
View file

@ -1,5 +0,0 @@
use flake
watch_file flake.nix
# Allow ragenix to find it's configuration
export RULES=$(realpath ./secrets/secrets.nix)

3
.gitignore vendored
View file

@ -1,4 +1,7 @@
*.swp
.direnv
.envrc
Deployments/syncserver.nix
examples
result
secrets

23
default.nix Normal file
View file

@ -0,0 +1,23 @@
{
sources ? import ./nix/sources.nix,
system ? builtins.currentSystem,
crossSystem ? null,
config ? {},
alejandraUnstable ? (import sources.nixpkgsUnstable {}).alejandra,
cardanoNodeProject ? import sources.cardano-node {},
} @ args:
with import ./nix args; {
shell = mkShell {
inherit (import sources.niv {}) niv;
buildInputs = [
alejandraUnstable # The Uncompromising Nix Code Formatter
cardanoNodeProject.cardano-cli # required for KES key rotation
niv
nixops_unstable_minimal # work around for issue #127423
tea # Gitea official CLI client
treefmt # one CLI to format the code tree
];
NIX_PATH = "nixpkgs=${sources.nixpkgs}";
NIXOPS_DEPLOYMENT = "${globals.deploymentName}";
};
}

7161
flake.lock
View file

File diff suppressed because it is too large Load diff

24
flake.nix
View file

@ -1,24 +0,0 @@
{
description = "mio-ops deployment";
inputs = {
cardano-node.url = "github:input-output-hk/cardano-node/?ref=1.35.7";
colmena.url = github:zhaofengli/colmena/?ref=v0.4.0;
cosmicDesktop = {
url = github:lilyinstarlight/nixos-cosmic;
inputs.nixpkgs.follows = "nixpkgsUnstable";
};
daedalus.url = github:input-output-hk/daedalus/?ref=6.0.0;
iohkNix.url = github:input-output-hk/iohk-nix/?ref=df1da282f996ec46b33379407df99613a1fbafdd;
nix.url = github:NixOS/nix/?ref=2.24.6;
nixpkgs.url = github:NixOS/nixpkgs/?ref=nixos-24.05;
nixpkgsUnstable.url = github:NixOS/nixpkgs;
ragenix = {
url = github:yaxitech/ragenix;
inputs.nixpkgs.follows = "nixpkgs";
};
utils.url = "github:numtide/flake-utils";
};
outputs = {...} @ args: import ./outputs.nix args;
}

1
globals-defaults.nix Normal file
View file

@ -0,0 +1 @@
{}

11
globals.nix Normal file
View file

@ -0,0 +1,11 @@
self: super: {
globals =
import ./globals-defaults.nix
// rec {
deploymentName = "mio-ops";
domain = "mcwhirter.io";
environment = "${deploymentName}";
};
}

8
hosts/airgead/default.nix → hosts/airgead.nix
View file

@ -1,16 +1,18 @@
# NixOps configuration for airgead
{
config,
inputs,
pkgs,
lib,
...
}: {
imports = [
../../networks/linode.nix
../../profiles/cardano-node.nix
../networks/linode.nix
../profiles/cardano-node.nix
../secrets/airgead.nix
];
deployment.targetHost = "172.105.187.96";
networking.hostName = "airgead"; # Define your hostname.
system.stateVersion = "20.03"; # The version of NixOS originally installed

7
hosts/brighde/default.nix → hosts/brighde.nix
View file

@ -5,9 +5,9 @@
...
}: {
imports = [
../../hardware/lenovo_yoga7i.nix
../../profiles/desktopFiona.nix
../../profiles/desktop_common.nix
../hardware/lenovo_yoga7i.nix
../profiles/desktopFiona.nix
../profiles/desktop_common.nix
];
# Use the UEFI boot loader.
@ -16,6 +16,7 @@
efi.canTouchEfiVariables = true;
};
deployment.targetHost = "10.42.0.124";
networking.hostName = "brighde"; # A poetess, sage, woman of wisdom, healing
system.stateVersion = "22.05"; # The version of NixOS originally installed

2
hosts/ceilidh/default.nix → hosts/ceilidh.nix
View file

@ -5,7 +5,7 @@
lib,
...
}: {
imports = [../../hardware/raspberry_pi_4_model_B.nix];
imports = [../hardware/raspberry_pi_4_model_B.nix];
# Comment out deployment when building the SD Image.
deployment.targetHost = "10.42.0.108";

6
hosts/ceitidh/default.nix → hosts/ceitidh.nix
View file

@ -6,10 +6,12 @@
...
}: {
imports = [
../../networks/pi3B_rack.nix
#../../profiles/cyclone-ibis.nix
../networks/pi3B_rack.nix
../profiles/cyclone-ibis.nix
];
# Comment out deployment when building the SD Image.
deployment.targetHost = "10.42.0.203";
networking.hostName = "ceitidh"; # Define your hostname.
environment.systemPackages = with pkgs; [

36
hosts/cuallaidh/default.nix → hosts/cuallaidh.nix
View file

@ -6,21 +6,26 @@
...
}: {
imports = [
../../modules/tmate-ssh-server.nix
../../networks/linode.nix
../../profiles/coturn.nix
../../profiles/iog.nix
../../profiles/ipv6.nix
../../profiles/mastodon.nix
../../profiles/matrix.nix
../../profiles/mcwhirter.io.nix
#../../profiles/minecraftServer.nix
../../profiles/nextcloud.nix
../../profiles/nixpkgs-dev.nix
../../profiles/taskserver.nix
../../profiles/tt-rss.nix
../modules/tmate-ssh-server.nix
../networks/linode.nix
../profiles/coturn.nix
#../profiles/cryptpad.nix
#../profiles/hydra.nix
../profiles/iog.nix
../profiles/ipv6.nix
../profiles/mastodon.nix
../profiles/matrix.nix
../profiles/mcwhirter.io.nix
../profiles/minecraftServer.nix
../profiles/nextcloud.nix
../profiles/nixpkgs-dev.nix
../profiles/taskserver.nix
../profiles/tt-rss.nix
../secrets/tt-rss.nix
];
deployment.targetHost = "172.105.171.16";
networking.hostName = "cuallaidh"; # Define your hostname.
networking.interfaces.eth0.ipv6.addresses = [
{
@ -51,9 +56,8 @@
security.acme = {
acceptTerms = true;
defaults.email = "acme@mcwhirter.io";
certs = {"git.mcwhirter.io" = {};};
certs = {"source.mcwhirter.io" = {};};
certs = {"git.mcwhirter.io" = {email = "craige@mcwhirter.io";};};
certs = {"source.mcwhirter.io" = {email = "craige@mcwhirter.io";};};
};
system.stateVersion = "19.03"; # The version of NixOS originally installed

6
hosts/dhu/default.nix → hosts/dhu.nix
View file

@ -5,9 +5,9 @@
...
}: {
imports = [
../../hardware/eeepc701.nix # Include common configuration options
../../secrets/wireless.nix
../../profiles/sway.nix
../hardware/eeepc701.nix # Include common configuration options
../secrets/wireless.nix
../profiles/sway.nix
];
deployment.targetHost = "10.42.0.119";

8
hosts/dionach/default.nix → hosts/dionach.nix
View file

@ -5,11 +5,13 @@
...
}: {
imports = [
../../hardware/purism_librem_15.nix # Include results of the hardware scan.
../../profiles/desktop_common.nix
../../profiles/steam.nix
../hardware/purism_librem_15.nix # Include results of the hardware scan.
../profiles/desktop_common.nix
../profiles/steam.nix
];
deployment.targetHost = "10.42.0.190";
# Use the GRUB 2 boot loader.
boot = {
loader.grub = {

4
hosts/doilidh/default.nix → hosts/doilidh.nix
View file

@ -5,8 +5,10 @@
lib,
...
}: {
imports = [../../networks/pi3B_rack.nix];
imports = [../networks/pi3B_rack.nix];
# Comment out deployment when building the SD Image.
deployment.targetHost = "10.42.0.204";
networking.hostName = "doilidh"; # Define your hostname.
environment.systemPackages = with pkgs; [];

4
hosts/eamhair/default.nix → hosts/eamhair.nix
View file

@ -5,8 +5,10 @@
lib,
...
}: {
imports = [../../networks/pi3B_rack.nix];
imports = [../networks/pi3B_rack.nix];
# Comment out deployment when building the SD Image.
deployment.targetHost = "10.42.0.205";
networking.hostName = "eamhair"; # Define your hostname.
environment.systemPackages = with pkgs; [];

7
hosts/iolear-beag/default.nix → hosts/iolear-beag.nix
View file

@ -5,15 +5,16 @@
...
}: {
imports = [
../../hardware/lenovo_x201.nix
../../profiles/desktop_common.nix
../../profiles/wine.nix
../hardware/lenovo_x201.nix
../profiles/desktop_common.nix
../profiles/wine.nix
];
# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda";
deployment.targetHost = "10.42.0.127";
networking.hostName = "iolear-beag"; # Define your hostname.
system.stateVersion = "18.09"; # The version of NixOS originally installed

14
hosts/paidh-uachdar/default.nix → hosts/paidh-uachdar.nix
View file

@ -6,12 +6,14 @@
...
}: {
imports = [
../../hardware/raspberry_pi_3_model_B.nix
../../profiles/host_common.nix
../../profiles/openssh.nix
../../profiles/pi_common.nix
../../profiles/users-ops.nix # MIO Ops users
#../../secrets/wireless.nix # Hey look! A squirrel!
../hardware/raspberry_pi_3_model_B.nix
../profiles/host_common.nix
../profiles/openssh.nix
../profiles/pi_common.nix
#../profiles/xmonad.nix
../secrets/craige.nix # Ssshhhhh!
../secrets/root.nix # Ssshhhhh!
../secrets/wireless.nix # Hey look! A squirrel!
];
# Comment out deployment when building the SD Image.

38
hosts/sanganto/default.nix → hosts/sanganto.nix
View file

@ -5,22 +5,27 @@
...
}: {
imports = [
../../hardware/system76_thelioMira.nix # Include results of the hardware scan.
../../profiles/cron-craige.nix # Provide Craige's cron jobs
../../profiles/haskell-dev.nix # Haskell dev environment
../../profiles/host_common.nix # Common host configuration options
../../profiles/iog.nix # IOHK environment
../../profiles/keyboard.nix
../../profiles/neomutt.nix # Neomutt email
../../profiles/nix-community.nix # Nix community aarch64 tooling
../../profiles/nixpkgs-dev.nix # Nix pkgs dev tools
../../profiles/openssh.nix # Enable and configure openssh
../../profiles/pipewire.nix # Enable and pipewire audio system
../../profiles/xmonad.nix # Xmonad desktop environment
../../profiles/yubikey.nix # Yubikey tooling
../../profiles/users-ops.nix # MIO Ops users
../hardware/system76_thelioMira.nix # Include results of the hardware scan.
../profiles/cron-craige.nix # Provide Craige's cron jobs
../profiles/desktopCraige.nix # Craige's desktop tools and apps
../profiles/haskell-dev.nix # Haskell dev environment
../profiles/host_common.nix # Common host configuration options
../profiles/iog.nix # IOHK environment
../profiles/keyboard.nix
../profiles/neomutt.nix # Neomutt email
../profiles/nix-community.nix # Nix community aarch64 tooling
../profiles/nixpkgs-dev.nix # Nix pkgs dev tools
../profiles/openssh.nix # Enable and configure openssh
../profiles/pantheon.nix # Enable and configure the pantheon desktop
../profiles/pipewire.nix # Enable and pipewire audio system
../profiles/xmonad.nix # Xmonad desktop environment
../profiles/yubikey.nix # Yubikey tooling
../secrets/craige.nix # Ssshhhhh!
../secrets/root.nix # Ssshhhhh!
];
deployment.targetHost = "10.42.0.11";
nixpkgs = {
config = {
allowUnfree = true;
@ -28,7 +33,7 @@
"openssl-1.0.2u"
];
};
overlays = [(import ../../overlays/ncmpcpp.nix)];
overlays = [(import ../overlays/ncmpcpp.nix)];
};
boot = {
@ -47,13 +52,12 @@
fonts.packages = with pkgs; [
anonymousPro
cascadia-code # onospaced font that includes programming ligatures
dejavu_fonts # A typeface family based on the Bitstream Vera fonts
fira-code # Monospace font with programming ligaturess
font-awesome
hack-font # A typeface designed for source code
iosevka # Versatile typeface for code, from code
jetbrains-mono
nerdfonts # Iconic font aggregator, collection, & patcher
open-sans # Used in in my polybar configuration
xkcd-font # Font based handwriting in xkcd comics
];

46
hosts/sercanto/default.nix → hosts/sercanto.nix
View file

@ -5,24 +5,30 @@
...
}: {
imports = [
../../hardware/system76_lemurPro.nix # Include results of the hardware scan.
../../profiles/cron-craige.nix # Provide Craige's cron jobs
../../profiles/haskell-dev.nix # Haskell dev environment
../../profiles/host_common.nix # Common host configuration options
../../profiles/iog.nix # IOHK environment
../../profiles/keyboard.nix
../../profiles/neomutt.nix # Neomutt email
../../profiles/nix-community.nix # Nix community aarch64 tooling
../../profiles/nix-mio-ops.nix # mio-ops Nix tooling
../../profiles/nixpkgs-dev.nix # Nix pkgs dev tools
../../profiles/openssh.nix # Enable and configure openssh
../../profiles/pipewire.nix # Enable and pipewire audio system
../../profiles/powerManagement.nix # Power management for laptops
../../profiles/xmonad.nix # Xmonad desktop environment
../../profiles/yubikey.nix # Yubikey tooling
../../profiles/users-ops.nix # MIO Ops users
../hardware/system76_lemurPro.nix # Include results of the hardware scan.
../profiles/cron-craige.nix # Provide Craige's cron jobs
../profiles/desktopCraige.nix # Craige's desktop tools and apps
../profiles/haskell-dev.nix # Haskell dev environment
../profiles/host_common.nix # Common host configuration options
../profiles/iog.nix # IOHK environment
../profiles/keyboard.nix
../profiles/neomutt.nix # Neomutt email
../profiles/nix-community.nix # Nix community aarch64 tooling
../profiles/nix-mio-ops.nix # mio-ops Nix tooling
../profiles/nixpkgs-dev.nix # Nix pkgs dev tools
../profiles/openssh.nix # Enable and configure openssh
../profiles/pantheon.nix # Enable and configure the pantheon desktop
../profiles/pipewire.nix # Enable and pipewire audio system
../profiles/powerManagement.nix # Power management for laptops
../profiles/xmonad.nix # Xmonad desktop environment
../profiles/yubikey.nix # Yubikey tooling
../secrets/craige.nix # Ssshhhhh!
../secrets/root.nix # Ssshhhhh!
#../secrets/wireless.nix # Hey look! A squirrel!
];
deployment.targetHost = "10.42.0.180";
nixpkgs = {
config = {
allowUnfree = true;
@ -30,11 +36,14 @@
"openssl-1.0.2u"
];
};
overlays = [(import ../../overlays/ncmpcpp.nix)];
overlays = [(import ../overlays/ncmpcpp.nix)];
};
boot = {
loader.efi.canTouchEfiVariables = true;
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
kernel.sysctl."net.ipv4.ip_forward" = "1";
extraModprobeConfig = "options kvm_intel nested=1";
};
@ -51,6 +60,7 @@
font-awesome
hack-font # A typeface designed for source code
jetbrains-mono
nerdfonts # Iconic font aggregator, collection, & patcher
open-sans # Used in in my polybar configuration
xkcd-font # Font based handwriting in xkcd comics
];

7
hosts/sithlainnir/default.nix → hosts/sithlainnir.nix
View file

@ -5,15 +5,16 @@
...
}: {
imports = [
../../hardware/lenovo_x201.nix
../../profiles/desktopFiona.nix
../../profiles/desktop_common.nix
../hardware/lenovo_x201.nix
../profiles/desktopFiona.nix
../profiles/desktop_common.nix
];
# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda";
deployment.targetHost = "10.42.0.114";
networking.hostName = "sithlainnir"; # Define your hostname.
system.stateVersion = "18.09"; # The version of NixOS originally installed

9
hosts/teintidh/default.nix → hosts/teintidh.nix
View file

@ -5,16 +5,17 @@
...
}: {
imports = [
../../hardware/lenovo_x201.nix
../../profiles/desktop_common.nix
../../profiles/haskell-dev.nix
../../profiles/kids-dev.nix
../hardware/lenovo_x201.nix
../profiles/desktop_common.nix
../profiles/haskell-dev.nix
../profiles/kids-dev.nix
];
# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda";
deployment.targetHost = "10.42.0.127";
networking.hostName = "teintidh"; # Define your hostname.
system.stateVersion = "18.09"; # The version of NixOS originally installed

28
modules/default.nix
View file

@ -1,28 +0,0 @@
{
self,
inputs,
nixpkgs,
ragenix,
...
}: let
nixosSystem = nixpkgs.lib.makeOverridable nixpkgs.lib.nixosSystem;
customModules = import ./module-list.nix;
baseModules = [
{
imports = [
({pkgs, ...}: {
nix.nixPath = [
"nixpkgs=${pkgs.path}"
];
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
documentation.info.enable = false;
})
];
}
];
defaultModules = baseModules ++ customModules;
in {
imports = defaultModules;
}

7
modules/module-list.nix
View file

@ -1,7 +0,0 @@
[
./profiles/cosmicDesktop
./profiles/starship
./profiles/toxvpn
./roles/desktop
./roles/desktopCraige
]

31
modules/profiles/cosmicDesktop/default.nix
View file

@ -1,31 +0,0 @@
# Cosmic is a software platform for designing beautiful user experiences
{
config,
inputs,
lib,
pkgs,
...
}:
with lib; let
cfg = config.profiles.cosmicDesktop;
cosmicDesktop = inputs.cosmicDesktop;
cosmic-tweaks = cosmicDesktop.packages."${pkgs.system}".cosmic-tweaks;
in {
options.profiles.cosmicDesktop = {
enable = mkEnableOption "to enable the Cosmic desktop.";
};
config = mkIf (cfg.enable) {
nix.settings = {
substituters = ["https://cosmic.cachix.org/"];
trusted-public-keys = ["cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="];
};
environment.systemPackages = with pkgs; [
cosmic-tweaks
];
services = {
desktopManager.cosmic.enable = true;
displayManager.cosmic-greeter.enable = true;
power-profiles-daemon.enable = true;
};
};
}

134
modules/profiles/starship/catppuccin.toml
View file

@ -1,134 +0,0 @@
# Get editor completions based on the config schema
"$schema" = 'https://starship.rs/config-schema.json'
# Sets user-defined palette
# Palettes must be defined _after_ this line
palette = "catppuccin_mocha"
# Starship modules
[character]
# Note the use of Catppuccin color 'peach'
success_symbol = "[[󰄛](green) ](peach)"
error_symbol = "[[󰄛](red) ](peach)"
vimcmd_symbol = "[󰄛 ](subtext1)" # For use with zsh-vi-mode
[git_branch]
style = "bold mauve"
[directory]
truncation_length = 4
style = "bold lavender"
# Palette definitions
[palettes.catppuccin_latte]
rosewater = "#dc8a78"
flamingo = "#dd7878"
pink = "#ea76cb"
mauve = "#8839ef"
red = "#d20f39"
maroon = "#e64553"
peach = "#fe640b"
yellow = "#df8e1d"
green = "#40a02b"
teal = "#179299"
sky = "#04a5e5"
sapphire = "#209fb5"
blue = "#1e66f5"
lavender = "#7287fd"
text = "#4c4f69"
subtext1 = "#5c5f77"
subtext0 = "#6c6f85"
overlay2 = "#7c7f93"
overlay1 = "#8c8fa1"
overlay0 = "#9ca0b0"
surface2 = "#acb0be"
surface1 = "#bcc0cc"
surface0 = "#ccd0da"
base = "#eff1f5"
mantle = "#e6e9ef"
crust = "#dce0e8"
[palettes.catppuccin_frappe]
rosewater = "#f2d5cf"
flamingo = "#eebebe"
pink = "#f4b8e4"
mauve = "#ca9ee6"
red = "#e78284"
maroon = "#ea999c"
peach = "#ef9f76"
yellow = "#e5c890"
green = "#a6d189"
teal = "#81c8be"
sky = "#99d1db"
sapphire = "#85c1dc"
blue = "#8caaee"
lavender = "#babbf1"
text = "#c6d0f5"
subtext1 = "#b5bfe2"
subtext0 = "#a5adce"
overlay2 = "#949cbb"
overlay1 = "#838ba7"
overlay0 = "#737994"
surface2 = "#626880"
surface1 = "#51576d"
surface0 = "#414559"
base = "#303446"
mantle = "#292c3c"
crust = "#232634"
[palettes.catppuccin_macchiato]
rosewater = "#f4dbd6"
flamingo = "#f0c6c6"
pink = "#f5bde6"
mauve = "#c6a0f6"
red = "#ed8796"
maroon = "#ee99a0"
peach = "#f5a97f"
yellow = "#eed49f"
green = "#a6da95"
teal = "#8bd5ca"
sky = "#91d7e3"
sapphire = "#7dc4e4"
blue = "#8aadf4"
lavender = "#b7bdf8"
text = "#cad3f5"
subtext1 = "#b8c0e0"
subtext0 = "#a5adcb"
overlay2 = "#939ab7"
overlay1 = "#8087a2"
overlay0 = "#6e738d"
surface2 = "#5b6078"
surface1 = "#494d64"
surface0 = "#363a4f"
base = "#24273a"
mantle = "#1e2030"
crust = "#181926"
[palettes.catppuccin_mocha]
rosewater = "#f5e0dc"
flamingo = "#f2cdcd"
pink = "#f5c2e7"
mauve = "#cba6f7"
red = "#f38ba8"
maroon = "#eba0ac"
peach = "#fab387"
yellow = "#f9e2af"
green = "#a6e3a1"
teal = "#94e2d5"
sky = "#89dceb"
sapphire = "#74c7ec"
blue = "#89b4fa"
lavender = "#b4befe"
text = "#cdd6f4"
subtext1 = "#bac2de"
subtext0 = "#a6adc8"
overlay2 = "#9399b2"
overlay1 = "#7f849c"
overlay0 = "#6c7086"
surface2 = "#585b70"
surface1 = "#45475a"
surface0 = "#313244"
base = "#1e1e2e"
mantle = "#181825"
crust = "#11111b"

129
modules/profiles/starship/chrisTitusTech.toml
View file

@ -1,129 +0,0 @@
format = """
[](#3B4252)\
$python\
$username\
[](bg:#434C5E fg:#3B4252)\
$directory\
[](fg:#434C5E bg:#4C566A)\
$git_branch\
$git_status\
[](fg:#4C566A bg:#86BBD8)\
$c\
$elixir\
$elm\
$golang\
$haskell\
$java\
$julia\
$nodejs\
$nim\
$rust\
[](fg:#86BBD8 bg:#06969A)\
$docker_context\
[](fg:#06969A bg:#33658A)\
$time\
[ ](fg:#33658A)\
"""
command_timeout = 5000
# Disable the blank line at the start of the prompt
# add_newline = false
# You can also replace your username with a neat symbol like  to save some space
[username]
show_always = true
style_user = "bg:#3B4252"
style_root = "bg:#3B4252"
format = '[$user ]($style)'
[directory]
style = "bg:#434C5E"
format = "[ $path ]($style)"
truncation_length = 3
truncation_symbol = "…/"
# Here is how you can shorten some long paths by text replacement
# similar to mapped_locations in Oh My Posh:
[directory.substitutions]
"Documents" = "󰈙 "
"Downloads" = " "
"Music" = " "
"Pictures" = " "
# Keep in mind that the order matters. For example:
# "Important Documents" = "  "
# will not be replaced, because "Documents" was already substituted before.
# So either put "Important Documents" before "Documents" or use the substituted version:
# "Important  " = "  "
[c]
symbol = " "
style = "bg:#86BBD8"
format = '[ $symbol ($version) ]($style)'
[docker_context]
symbol = " "
style = "bg:#06969A"
format = '[ $symbol $context ]($style) $path'
[elixir]
symbol = " "
style = "bg:#86BBD8"
format = '[ $symbol ($version) ]($style)'
[elm]
symbol = " "
style = "bg:#86BBD8"
format = '[ $symbol ($version) ]($style)'
[git_branch]
symbol = ""
style = "bg:#4C566A"
format = '[ $symbol $branch ]($style)'
[git_status]
style = "bg:#4C566A"
format = '[$all_status$ahead_behind ]($style)'
[golang]
symbol = " "
style = "bg:#86BBD8"
format = '[ $symbol ($version) ]($style)'
[haskell]
symbol = " "
style = "bg:#86BBD8"
format = '[ $symbol ($version) ]($style)'
[java]
symbol = " "
style = "bg:#86BBD8"
format = '[ $symbol ($version) ]($style)'
[julia]
symbol = " "
style = "bg:#86BBD8"
format = '[ $symbol ($version) ]($style)'
[nodejs]
symbol = ""
style = "bg:#86BBD8"
format = '[ $symbol ($version) ]($style)'
[nim]
symbol = " "
style = "bg:#86BBD8"
format = '[ $symbol ($version) ]($style)'
[python]
style = "bg:#3B4252"
format = '[(\($virtualenv\) )]($style)'
[rust]
symbol = ""
style = "bg:#86BBD8"
format = '[ $symbol ($version) ]($style)'
[time]
disabled = false
time_format = "%R" # Hour:Minute Format
style = "bg:#33658A"
format = '[ $time ]($style)'

42
modules/profiles/starship/craige.toml
View file

@ -1,42 +0,0 @@
# Use the color palette
palette = "dracula"
[aws]
style = "bold orange"
[character]
error_symbol = "[λ:](bold red)"
success_symbol = "[λ:](bold green)"
[cmd_duration]
style = "bold yellow"
[directory]
style = "bold green"
[git_branch]
style = "bold pink"
[git_status]
style = "bold red"
[hostname]
style = "bold purple"
[username]
format = "[$user]($style) on "
style_user = "bold cyan"
# Define Dracula color palette
[palettes.dracula]
background = "#282a36"
current_line = "#44475a"
foreground = "#f8f8f2"
comment = "#6272a4"
cyan = "#8be9fd"
green = "#50fa7b"
orange = "#ffb86c"
pink = "#ff79c6"
purple = "#bd93f9"
red = "#ff5555"
yellow = "#f1fa8c"

124
modules/profiles/starship/deepOceanic.toml
View file

@ -1,124 +0,0 @@
# Get editor completions based on the config schema
"$schema" = 'https://starship.rs/config-schema.json'
format = """
[](fg:#003b46 bg:#004f5e)\
[](fg:#004f5e bg:#006374)\
[](fg:#006374 bg:#007a8a)\
[](fg:#007a8a bg:#0093a3)\
[](fg:#0093a3 bg:#003b46)\
[](fg:#003b46 bg:#e6454b)\
$username\
[](fg:#e6454b bg:#ff6a4b)\
$battery\
[](fg:#ff6a4b bg:#ffcc66)\
$directory\
[](fg:#ffcc66 bg:#85b57a)\
$git_branch\
$git_status\
[](fg:#85b57a bg:#4da6a6)\
$cmd_duration\
[](fg:#4da6a6 bg:#3a82e6)\
[](fg:#3a82e6 bg:#8c4de6)\
[](fg:#8c4de6)\
$fill\
[---](fg:#ffcc66)
$character\
"""
right_format = """
[󰇥](bold fg:#ffcc66 )
"""
# scheme: "Deep Oceanic Next"
# author: "spearkkk (https://github.com/spearkkk/deep-oceanic-next)"
# base00: "003b46" # background
# base01: "004f5e" # black
# base02: "006374" # bright black
# base03: "007a8a" # grey
# base04: "0093a3" # light grey
# base05: "dce3e8" # foreground
# base06: "e6ebf0" # white
# base07: "f0f5f5" # bright white
# base08: "e6454b" # red
# base09: "ff6a4b" # orange
# base0A: "ffcc66" # yellow
# base0B: "85b57a" # green
# base0C: "4da6a6" # cyan/aqua
# base0D: "3a82e6" # blue
# base0E: "8c4de6" # magenta/purple
# base0F: "e673a3" # pink
# base10: "001114" # darker black
# base11: "000a0d" # darkest black
# base12: "ff5a61" # bright red
# base13: "ffdd80" # bright yellow
# base14: "99d8a0" # bright green
# base15: "66cccc" # bright cyan
# base16: "4da6ff" # bright blue
# base17: "a366ff" # bright purple
palette = "deep_oceanic_next"
[palettes.deep_oceanic_next]
black = "#003b46"
red = "#e6454b"
green = "#85b57a"
blue = "#3a82e6"
yellow = "#ffcc66"
purple = "#8c4de6"
cyan = "#4da6a6"
white = "#dce3e8"
bright-black = "#004f5e"
bright-red = "#ff9999"
bright-green = "#c7e6c7"
bright-blue = "#99ccff"
bright-yellow = "#ffb380"
bright-purple = "#d4a1ff"
bright-cyan = "#99e6e6"
bright-white = "#e6ebf0"
[os]
disabled = true
[username]
show_always = true
style_user = "bg:#f99157 bold fg:#003b46"
style_root = "bg:#f99157 bold fg:#003b46"
format = "[ 󰀄 $user ](bold fg:#003b46 bg:#e6454b)"
# Battery configuration
[battery]
format = "[ $symbol$percentage ](bold fg:#003b46 bg:#ff6a4b)"
[[battery.display]]
threshold = 100
[directory]
truncation_symbol = "…/"
truncation_length = 6
format = "[ $path ](bold fg:#003b46 bg:#ffcc66)"
[git_branch]
symbol = ""
format = "[ $symbol $branch ](bold fg:#003b46 bg:#85b57a)"
[git_status]
format = "[$all_status$ahead_behind ](bold fg:#003b46 bg:#85b57a)"
[package]
disabled = true
[time]
disabled = false
time_format = "%r"
style = "bg:#003b46 fg:white"
format = "[ $time ](bold fg:#003b46 bg:#b26cff)"
[cmd_duration]
format = "[ $duration ](bold fg:#003b46 bg:#4da6a6)"
[fill]
symbol = " "
[character]
error_symbol = "[✗](bold red)"

21
modules/profiles/starship/default.nix
View file

@ -1,21 +0,0 @@
# A minimal, blazing fast, and extremely customizable prompt for any shell
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.profiles.starship;
in {
options.profiles.starship = {
enable = mkEnableOption "to enable the starship prompt.";
};
config = mkIf (cfg.enable) {
programs.starship = {
enable = true;
presets = ["nerd-font-symbols"];
settings = pkgs.lib.importTOML ./craige.toml;
};
};
}

137
modules/profiles/starship/deverebor.toml
View file

@ -1,137 +0,0 @@
# code ~/.config/starship.toml
format = """
[ ](bg:#303030 fg:#c7c7c7)\
$username\
[](bg:#303030 fg:#707070)\
$directory\
$git_branch\
$git_status\
[](#303030)\
\n$character
"""
# Disable the blank line at the start of the prompt
add_newline = false
# You can also replace your username with a neat symbol like  or disable this
# and use the os module below
[username]
show_always = true
style_user = "fg:#b69676 bg:#303030"
style_root = "fg:white bg:#303030"
format = '[$user]($style)'
disabled = false
[status]
style = 'bg:#303030'
symbol = '[✘ ](fg:red bg:#303030)'
success_symbol = '[✔ ](fg:green bg:#303030)'
format = '[[$signal_name ](fg:red bg:#303030)$symbol]($style)'
map_symbol = false
disabled = false
[character]
success_symbol = '[](bold green)'
error_symbol = '[✘](fg:red)'
[cmd_duration]
min_time = 1
style = 'bg:#303030 fg:#909090'
format = '[ took [$duration](bold fg:#909090 bg:#303030)  ]($style)'
[hostname]
ssh_only = false
style = 'fg:white bg:#303030'
format = '[@$hostname ]($style)'
disabled = false
# An alternative to the username module which displays a symbol that
# represents the current operating system
[os]
style = "bg:#303030"
disabled = true # Disabled by default
[directory]
style = "fg:white bg:#303030"
format = "[  $path ]($style)"
truncation_length = 9
truncation_symbol = "~/…/"
truncate_to_repo = true
home_symbol = '~'
# Here is how you can shorten some long paths by text replacement
# similar to mapped_locations in Oh My Posh:
[directory.substitutions]
#"~/" = "~./"
"~" = " ~"
[fill]
symbol = ' '
#symbol = '・'
[c]
symbol = ""
style = "bg:#303030"
format = '[ $symbol ]($style)'
[docker_context]
symbol = " "
style = "bg:#303030"
format = '[ $symbol $context ]($style) $path'
[git_branch]
style = "fg:white bg:#303030"
format = '[](fg:#707070 bg:#303030)[  ](fg:#D6D5CB bg:#303030)[](fg:#FFC0CB bg:#303030)[ $branch ](bold $style)'
truncation_length = 15
[git_status]
style = "fg:#0a96d6 bg:#303030"
conflicted = "~"
up_to_date = " "
untracked = "?"
ahead = "⇡${count}"
diverged = "⇕⇡${ahead_count}⇣${behind_count}"
behind = "⇣${count}"
stashed = "*"
modified = " "
staged = '[++\($count\)](fg:#56b60a bg:#303030)'
renamed = " "
deleted = " "
format = '[$all_status$ahead_behind ]($style)'
[golang]
symbol = "go"
style = "fg:#FFFFFF bg:#303030"
format = '[ $symbol ](bold $style)'
[java]
symbol = ""
style = "fg:#0a96d6 bg:#303030"
format = '[ $symbol ]($style)'
[nodejs]
symbol = ""
style = "fg:#0a96d6 bg:#303030"
format = '[ $symbol ]($style)'
[python]
# Display the version of python from inside a local venv.
#
# Note this will only work when the venv is inside the project and it will only
# work in the directory that contains the venv dir but maybe this is ok?
symbol = ' '
style = "fg:#0a96d6 bg:#303030"
format = '[ $symbol ]($style)'
[rust]
symbol = ""
style = "fg:#0a96d6 bg:#303030"
format = '[ $symbol ]($style)'
[time]
disabled = false
time_format = "%R" # Hour:Minute Format
style = "bg:#303030 fg:#567676"
format = '[$time ]($style)'

42
modules/profiles/starship/dracula.toml
View file

@ -1,42 +0,0 @@
# Use the color palette
palette = "dracula"
[aws]
style = "bold orange"
[character]
error_symbol = "[λ](bold red)"
success_symbol = "[λ](bold green)"
[cmd_duration]
style = "bold yellow"
[directory]
style = "bold green"
[git_branch]
style = "bold pink"
[git_status]
style = "bold red"
[hostname]
style = "bold purple"
[username]
format = "[$user]($style) on "
style_user = "bold cyan"
# Define Dracula color palette
[palettes.dracula]
background = "#282a36"
current_line = "#44475a"
foreground = "#f8f8f2"
comment = "#6272a4"
cyan = "#8be9fd"
green = "#50fa7b"
orange = "#ffb86c"
pink = "#ff79c6"
purple = "#bd93f9"
red = "#ff5555"
yellow = "#f1fa8c"

212
modules/profiles/starship/jaredmontoya.toml
View file

@ -1,212 +0,0 @@
format = """
$os\
[\uE0B0](fg:bar_one bg:bar_two)\
$custom$directory\
[\uE0B0](fg:bar_two bg:bar_three)\
$git_branch\
$git_status\
[\uE0B0](fg:bar_three bg:bar_four)\
$c\
$dart\
$elixir\
$elm\
$golang\
$haskell\
$java\
$julia\
$lua\
$nodejs\
$nim\
$php\
$python\
$rlang\
$ruby\
$rust\
$scala\
[\uE0B0](fg:bar_four)\
"""
right_format = """
[\uE0B2](fg:bar_three)\
$time\
"""
palette = 'theme'
# Defines the colour palette for the theme
[palettes.theme]
bar_one = '#C0CAF5'
bar_two = '#6992D7'
bar_three = '#394260'
bar_four = '#212736'
bar_five = '#1D2230'
text_one = '#090C0C'
text_two = '#EEEEEE'
text_three = '#A3AED2'
[os]
style = 'bg:bar_one fg:text_one'
format = '[ $symbol ]($style)'
disabled = false
[os.symbols]
Alpine = ''
Amazon = ''
Android = ''
Arch = ''
CentOS = ''
Debian = ''
DragonFly = ''
Emscripten = ''
EndeavourOS = ''
Fedora = ''
FreeBSD = ''
Garuda = '󰛓'
Gentoo = ''
HardenedBSD = '󰞌'
Illumos = '󰈸'
Linux = ''
Macos = ''
Manjaro = ''
Mariner = ''
MidnightBSD = ''
Mint = ''
NetBSD = ''
NixOS = ''
OpenBSD = '󰈺'
SUSE = ''
OracleLinux = '󰌷'
Pop = ''
Raspbian = ''
Redhat = ''
RedHatEnterprise = ''
Redox = '󰀘'
Solus = '󰠳'
openSUSE = ''
Ubuntu = ''
Unknown = ''
Windows = '󰍲'
[directory]
truncation_length = 0
truncation_symbol = '.../'
truncate_to_repo = false
fish_style_pwd_dir_length = 1
style = 'bold fg:text_two bg:bar_two'
format = '[ $path ]($style)'
[custom.home]
when = ' test "$HOME" = "$PWD" '
style = 'bold fg:text_two bg:bar_two'
symbol = ' '
[custom.folder]
when = ' test "$HOME" != "$PWD" '
style = 'bold fg:text_two bg:bar_two'
symbol = ' '
[directory.substitutions]
'Documents' = ' '
'Downloads' = ' '
'Music' = ' '
'Pictures' = ' '
[git_branch]
symbol = ' '
style = 'fg:text_three bg:bar_three'
format = '[ $symbol $branch ]($style)'
[git_status]
style = 'fg:text_three bg:bar_three'
format = '[$all_status$ahead_behind ]($style)'
[c]
symbol = ' '
style = 'fg:text_three bg:bar_four'
format = '[ $symbol ($version) ]($style)'
[dart]
symbol = ' '
style = 'fg:text_three bg:bar_four'
format = '[ $symbol ($version) ]($style)'
[elixir]
symbol = ' '
style = 'fg:text_three bg:bar_four'
format = '[ $symbol ($version) ]($style)'
[elm]
symbol = ' '
style = 'fg:text_three bg:bar_four'
format = '[ $symbol ($version) ]($style)'
[golang]
symbol = ' '
style = 'fg:text_three bg:bar_four'
format = '[ $symbol ($version) ]($style)'
[haskell]
symbol = ' '
style = 'fg:text_three bg:bar_four'
format = '[ $symbol ($version) ]($style)'
[java]
symbol = ' '
style = 'fg:text_three bg:bar_four'
format = '[ $symbol ($version) ]($style)'
[julia]
symbol = ' '
style = 'fg:text_three bg:bar_four'
format = '[ $symbol ($version) ]($style)'
[lua]
symbol = ' '
style = 'fg:text_three bg:bar_four'
format = '[ $symbol ($version) ]($style)'
[nodejs]
symbol = ' '
style = 'fg:text_three bg:bar_four'
format = '[ $symbol ($version) ]($style)'
[nim]
symbol = ' '
style = 'fg:text_three bg:bar_four'
format = '[ $symbol ($version) ]($style)'
[php]
symbol = ' '
style = 'fg:text_three bg:bar_four'
format = '[ $symbol ($version) ]($style)'
[python]
symbol = ' '
style = 'fg:text_three bg:bar_four'
format = '[ $symbol ($version) (\($virtualenv\) )]($style)'
[rlang]
symbol = 'ﳒ '
style = 'fg:text_three bg:bar_four'
format = '[ $symbol ($version) ]($style)'
[ruby]
symbol = ' '
style = 'fg:text_three bg:bar_four'
format = '[ $symbol ($version) ]($style)'
[rust]
symbol = ' '
style = 'fg:text_three bg:bar_four'
format = '[ $symbol ($version) ]($style)'
[scala]
symbol = ' '
style = 'fg:text_three bg:bar_four'
format = '[ $symbol ($version) ]($style)'
[time]
disabled = false
time_format = '%R' # Hour:Minute Format
style = 'fg:text_three bg:bar_three'
format = '[  $time ]($style)'

41
modules/profiles/starship/minimalTokyoNight.toml
View file

@ -1,41 +0,0 @@
format = """
$directory\
[](fg:#769ff0 bg:#394260)\
$git_branch\
$git_status\
[](fg:#394260)\
"""
right_format = """
[](fg:#292E42)\
$character\
[](fg:#1d2230 bg:#292E42)\
$time
"""
add_newline = false
[character]
format = "$symbol"
success_symbol = "[✔ ](fg:#c3e88d bg:#292E42)"
error_symbol = "[✘ ](fg:#c53b53 bg:#292E42)"
[directory]
truncation_length = 6
style = "fg:#1a1b26 bg:#769ff0"
format = "[ $path ]($style)"
[git_branch]
symbol = ""
style = "bg:#394260"
format = '[[ $symbol $branch ](fg:#769ff0 bg:#394260)]($style)'
[git_status]
style = "bg:#394260"
format = '[[($all_status$ahead_behind )](fg:#769ff0 bg:#394260)]($style)'
[time]
disabled = false
time_format = "%R" # Hour:Minute Format
style = "bg:#1d2230"
format = '[[  $time ](fg:#a0a9cb bg:#1d2230)]($style)'

35
modules/profiles/starship/rishavnandi.toml
View file

@ -1,35 +0,0 @@
# ~/.config/starship.toml
# Inserts a blank line between shell prompts
add_newline = true
# Change the default prompt format
format = """\
[](238)$env_var\
$all[](238)$character"""
# Change the default prompt characters
[character]
success_symbol = "[](238)"
error_symbol = "[](238)"
# Shows the username
[username]
style_user = "white bold"
style_root = "black bold"
format = "者 [$user]($style) "
disabled = false # disable in powershell
show_always = true
[hostname]
ssh_only = false
format = "on [$hostname](bold yellow) "
disabled = false
[directory]
truncation_length = 3
truncation_symbol = "…/"
home_symbol = " ~"
read_only_style = "197"
read_only = "  "
format = "at [$path]($style)[$read_only]($read_only_style) "

23
modules/profiles/toxvpn/default.nix
View file

@ -1,23 +0,0 @@
# VPN configuration for MIO.
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.profiles.toxvpn;
in {
options.profiles.toxvpn = {
enable = mkEnableOption "to enable toxvpn.";
};
config = mkIf (cfg.enable) {
services.toxvpn = {
enable = true;
auto_add_peers = [
"4b921c107cd25b9bc62dfa4a040a9409f51d3aa001d4f12e15f01b4eba9e2f7f8ecc3b68cd13" # sanganto
"a18dfff426f5a752eb1bdc90ea307850982c1dff1444caf72b75f73483e358213b60281235a4" # eamhair
];
};
};
}

118
modules/roles/desktop/default.nix
View file

@ -1,118 +0,0 @@
# Desktop role
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.roles.desktop;
in {
options.roles.desktop = {
enable = mkEnableOption "to enable the desktop role.";
};
config = mkIf (cfg.enable) {
boot.loader.systemd-boot = {
enable = true;
configurationLimit = 5;
};
environment.systemPackages = with pkgs; [
brave # Privacy-oriented browser
chromium
cosmic-tweaks
element-desktop # A feature-rich client for Matrix.org
evince # document viewer
firefox # A web browser built from Firefox source tree
gnome.gnome-tweaks # A tool to customize advanced GNOME 3 options
krita # A free and open source painting application
libreoffice-fresh # Comprehensive, professional-quality productivity suite
librewolf # Firefox fork, focused on privacy, security and freedom
mplayer # A movie player that supports many video formats
nextcloud-client # Nextcloud desktop client
pavucontrol # PulseAudio Volume Control
pwgen # Password generator
rsync
shotwell # Photo organizer
signal-desktop # Private, simple, and secure messenger
usbutils # Tools for working with USB devices, such as lsusb
xorg.libxcb # X C binding
];
fonts.packages = with pkgs; [
nerdfonts # Iconic font aggregator, collection, & patcher
];
networking = {
networkmanager.enable = true; # Enables network support via NetworkManager.
firewall.enable = true;
};
nix.settings = {
substituters = ["https://cosmic.cachix.org/"];
trusted-public-keys = ["cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="];
};
services = {
acpid.enable = true; # A daemon for delivering ACPI events to userspace programs
blueman.enable = true; # GTK-based Bluetooth Manager
devmon.enable = true; # Enable external device automounting.`
displayManager = {
defaultSession = "cosmic"; # Set GNOME as the default session
};
libinput = {
enable = true; # Enable touchpad support.
touchpad = {
tapping = true;
tappingButtonMap = "lrm"; # Set the touchpad button mappeing
};
};
pipewire = {
enable = true;
alsa = {
enable = true;
support32Bit = true;
};
pulse.enable = true;
};
udev.packages = [
pkgs.android-udev-rules # Android udev rules list
];
udisks2.enable = true; # Enable udisks2
};
sound.enable = true; # Enable sound.
security.rtkit.enable = true; # realtime scheduling for sound
# Configure common hardware settings
hardware = {
pulseaudio = {
enable = false;
};
bluetooth = {
enable = true; # Enable bluetooth
settings = {
General = {
Enable = "Source,Sink,Media,Socket";
NoPlugin = "sap";
};
Policy = {AutoEnable = "true";};
};
};
opengl.enable = true;
};
# Configure libreWolf and Chromium
nixpkgs.config = {allowUnfree = true;};
profiles.cosmicDesktop.enable = true;
programs = {
chromium = {
enable = true;
homepageLocation = "https://start.duckduckgo.com/";
};
};
# Groups to add
users.groups = {
audio.members = ["craige" "fiona" "hamish" "logan" "xander"];
libvirtd.members = ["craige" "fiona" "hamish" "logan" "xander"];
networkmanager.members = ["craige" "fiona" "hamish" "logan" "xander"];
};
};
}

39
modules/roles/desktopCraige/default.nix
View file

@ -1,39 +0,0 @@
# Craige's addiotnal desktop requirements
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.roles.desktopCraige;
in {
options.roles.desktopCraige = {
enable = mkEnableOption "to enable Craige's desktop role.";
};
config = mkIf (cfg.enable) {
environment.systemPackages = with pkgs; [
ffmpeg-full # record, convert and stream audio and video
gimp # The GNU Image Manipulation Program
kdePackages.kasts # Kirigami-based podcast player
mpd # A flexible, powerful daemon for playing music
ncmpcpp # A featureful ncurses based MPD client inspired by ncmpc
nvme-cli # NVM-Express user space tooling for Linux
pandoc # Conversion between documentation formats
pavucontrol # PulseAudio Volume Control
siji # An iconic bitmap font based on Stlarch with additional glyphs
shared-mime-info # A database of common MIME types
shotwell # Photo organizer
sshfs # allows remote filesystems to be mounted over SSH
taskwarrior # Highly flexible command-line tool to manage TODO lists
termonad # Terminal emulator configurable in Haskell
texliveFull # TeX Live environment
tmate # Instant Terminal Sharing
tor-browser-bundle-bin # Tor Browser Bundle built by torproject.org
tuba # Fediverse client
unzip # An extraction utility for archives compressed in .zip format
vcsh # Version Control System for $HOME
yt-dlp # Command-line tool to download videos
];
};
}

107
nix/sources.json Normal file
View file

@ -0,0 +1,107 @@
{
"cardano-node": {
"branch": "refs/tags/1.35.7",
"description": "The core component that is used to participate in a Cardano decentralised blockchain.",
"homepage": "https://cardano.org",
"owner": "input-output-hk",
"repo": "cardano-node",
"rev": "f0b4ac897dcbefba9fa0d247b204a24543cf55f6",
"sha256": "0s2jkj4mwl03hxg4ff9kyw41s32xbf31rnhag2m1qrglgsh8wzw9",
"type": "tarball",
"url": "https://github.com/input-output-hk/cardano-node/archive/f0b4ac897dcbefba9fa0d247b204a24543cf55f6.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"daedalus": {
"branch": "release/5.2.0",
"description": "The open source cryptocurrency wallet for ada, built to grow with the community",
"homepage": "https://daedaluswallet.io/",
"owner": "input-output-hk",
"repo": "daedalus",
"rev": "2990f5a44189097b3de2e7e7a19caa8062a8ae7b",
"sha256": "1w2w7qfashbqimcywzvhh0z5jrlfaja04sgi6p5hp08adwad6r92",
"type": "tarball",
"url": "https://github.com/input-output-hk/daedalus/archive/2990f5a44189097b3de2e7e7a19caa8062a8ae7b.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"iohk-nix": {
"branch": "master",
"description": "nix scripts shared across projects",
"homepage": null,
"owner": "input-output-hk",
"repo": "iohk-nix",
"rev": "df1da282f996ec46b33379407df99613a1fbafdd",
"sha256": "0vpcyrswxkynn2q37qsrhvf62whk2ijpcwqnamxcchcq6lwfpn0l",
"type": "tarball",
"url": "https://github.com/input-output-hk/iohk-nix/archive/df1da282f996ec46b33379407df99613a1fbafdd.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"mcwhirter-io": {
"branch": "nixos-23.11",
"rev": "2ca0244e2ff130ca851bb2487b03b606b701286a",
"sha256": "1alh4z2qpnh1wv3mclnmh8f3cqnks4h6hcrq1kwl5xz4xs2pc1ss",
"type": "tarball",
"url": "https://reciproka.dev/sercanto/mcwhirter.io/archive/2ca0244e2ff130ca851bb2487b03b606b701286a.tar.gz",
"url_template": "https://reciproka.dev/sercanto/mcwhirter.io/archive/<rev>.tar.gz"
},
"niv": {
"branch": "master",
"description": "Easy dependency management for Nix projects",
"homepage": "https://github.com/nmattia/niv",
"owner": "nmattia",
"repo": "niv",
"rev": "82e5cd1ad3c387863f0545d7591512e76ab0fc41",
"sha256": "090l219mzc0gi33i3psgph6s2pwsc8qy4lyrqjdj4qzkvmaj65a7",
"type": "tarball",
"url": "https://github.com/nmattia/niv/archive/82e5cd1ad3c387863f0545d7591512e76ab0fc41.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"nixos-23.05": {
"branch": "nixos-23.05",
"description": "Nix Packages collection & NixOS",
"homepage": "",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "70bdadeb94ffc8806c0570eb5c2695ad29f0e421",
"sha256": "05cbl1k193c9la9xhlz4y6y8ijpb2mkaqrab30zij6z4kqgclsrd",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/70bdadeb94ffc8806c0570eb5c2695ad29f0e421.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"nixos2111": {
"branch": "nixos-21.11",
"description": "Nix Packages collection",
"homepage": "",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "63198c9ccefdbd337cef0d85db0ea2689f4ce418",
"sha256": "05gc6xyv8a2dppngm1q44j85j769lr90lg20s6jv62gfg344i50r",
"type": "tarball",
"url": "https://github.com/nixos/nixpkgs/archive/63198c9ccefdbd337cef0d85db0ea2689f4ce418.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"nixpkgs": {
"branch": "nixos-24.05",
"builtin": false,
"description": "A read-only mirror of NixOS/nixpkgs tracking the released channels. Send issues and PRs to",
"homepage": "https://github.com/NixOS/nixpkgs",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "805a384895c696f802a9bf5bf4720f37385df547",
"sha256": "1q7y5ygr805l5axcjhn0rn3wj8zrwbrr0c6a8xd981zh8iccmx0p",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/805a384895c696f802a9bf5bf4720f37385df547.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"nixpkgsUnstable": {
"branch": "nixos-unstable",
"description": "Nix Packages collection",
"homepage": "",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "ad57eef4ef0659193044870c731987a6df5cf56b",
"sha256": "1fz2yjr8as12g9qhixwc8vzd294v3q5jzmrk5dwp8w44qz3clc2b",
"type": "tarball",
"url": "https://github.com/nixos/nixpkgs/archive/ad57eef4ef0659193044870c731987a6df5cf56b.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
}
}

141
nix/sources.nix Normal file
View file

@ -0,0 +1,141 @@
# This file has been generated by Niv.
let
#
# The fetchers. fetch_<type> fetches specs of type <type>.
#
fetch_file = pkgs: spec:
if spec.builtin or true
then builtins_fetchurl {inherit (spec) url sha256;}
else pkgs.fetchurl {inherit (spec) url sha256;};
fetch_tarball = pkgs: spec:
if spec.builtin or true
then builtins_fetchTarball {inherit (spec) url sha256;}
else pkgs.fetchzip {inherit (spec) url sha256;};
fetch_git = spec:
builtins.fetchGit {
url = spec.repo;
inherit (spec) rev ref;
};
fetch_builtin-tarball = spec:
builtins.trace ''
WARNING:
The niv type "builtin-tarball" will soon be deprecated. You should
instead use `builtin = true`.
$ niv modify <package> -a type=tarball -a builtin=true
''
builtins_fetchTarball {inherit (spec) url sha256;};
fetch_builtin-url = spec:
builtins.trace ''
WARNING:
The niv type "builtin-url" will soon be deprecated. You should
instead use `builtin = true`.
$ niv modify <package> -a type=file -a builtin=true
'' (builtins_fetchurl {inherit (spec) url sha256;});
#
# Various helpers
#
# The set of packages used when specs are fetched using non-builtins.
mkPkgs = sources: let
sourcesNixpkgs =
import (builtins_fetchTarball {inherit (sources.nixpkgs) url sha256;})
{};
hasNixpkgsPath = builtins.any (x: x.prefix == "nixpkgs") builtins.nixPath;
hasThisAsNixpkgsPath = <nixpkgs> == ./.;
in
if builtins.hasAttr "nixpkgs" sources
then sourcesNixpkgs
else if hasNixpkgsPath && !hasThisAsNixpkgsPath
then import <nixpkgs> {}
else
abort ''
Please specify either <nixpkgs> (through -I or NIX_PATH=nixpkgs=...) or
add a package called "nixpkgs" to your sources.json.
'';
# The actual fetching function.
fetch = pkgs: name: spec:
if !builtins.hasAttr "type" spec
then abort "ERROR: niv spec ${name} does not have a 'type' attribute"
else if spec.type == "file"
then fetch_file pkgs spec
else if spec.type == "tarball"
then fetch_tarball pkgs spec
else if spec.type == "git"
then fetch_git spec
else if spec.type == "builtin-tarball"
then fetch_builtin-tarball spec
else if spec.type == "builtin-url"
then fetch_builtin-url spec
else
abort
"ERROR: niv spec ${name} has unknown type ${builtins.toJSON spec.type}";
# Ports of functions for older nix versions
# a Nix version of mapAttrs if the built-in doesn't exist
mapAttrs =
builtins.mapAttrs
or (f: set:
with builtins;
listToAttrs (map (attr: {
name = attr;
value = f attr set.${attr};
}) (attrNames set)));
# fetchTarball version that is compatible between all the versions of Nix
builtins_fetchTarball = {
url,
sha256,
} @ attrs: let
inherit (builtins) lessThan nixVersion fetchTarball;
in
if lessThan nixVersion "1.12"
then fetchTarball {inherit url;}
else fetchTarball attrs;
# fetchurl version that is compatible between all the versions of Nix
builtins_fetchurl = {
url,
sha256,
} @ attrs: let
inherit (builtins) lessThan nixVersion fetchurl;
in
if lessThan nixVersion "1.12"
then fetchurl {inherit url;}
else fetchurl attrs;
# Create the final "sources" from the config
mkSources = config:
mapAttrs (name: spec:
if builtins.hasAttr "outPath" spec
then
abort
"The values in sources.json should not have an 'outPath' attribute"
else spec // {outPath = fetch config.pkgs name spec;})
config.sources;
# The "config" used by the fetchers
mkConfig = {
sourcesFile ? ./sources.json,
sources ? builtins.fromJSON (builtins.readFile sourcesFile),
pkgs ? mkPkgs sources,
}: rec {
# The sources, i.e. the attribute set of spec name to spec
inherit sources;
# The "pkgs" (evaluated nixpkgs) to use for e.g. non-builtin fetchers
inherit pkgs;
};
in
mkSources (mkConfig {})
// {
__functor = _: settings: mkSources (mkConfig settings);
}

34
nixops.nix Normal file
View file

@ -0,0 +1,34 @@
# NixOps configuration for the mio-ops nodes
{
network = {
description = "mio-ops nodes";
enableRollback = true;
};
network.storage.legacy = {databasefile = "~/.nixops/deployments.nixops";};
defaults = {
config,
pkgs,
lib,
...
}: {
system.autoUpgrade.enable = false; # Disabled as it conflicts with NixOps
};
airgead = import hosts/airgead.nix;
brighde = import hosts/brighde.nix;
ceilidh = import hosts/ceilidh.nix;
cuallaidh = import hosts/cuallaidh.nix;
dhu = import hosts/dhu.nix;
dionach = import hosts/dionach.nix;
iolear-beag = import hosts/iolear-beag.nix;
doilidh = import hosts/doilidh.nix;
eamhair = import hosts/eamhair.nix;
ceitidh = import hosts/ceitidh.nix;
paidh-uachdar = import hosts/paidh-uachdar.nix;
sanganto = import hosts/sanganto.nix;
sercanto = import hosts/sercanto.nix;
sithlainnir = import hosts/sithlainnir.nix;
teintidh = import hosts/teintidh.nix;
}

195
outputs.nix
View file

@ -1,195 +0,0 @@
{
self,
cardano-node,
colmena,
cosmicDesktop,
daedalus,
nix,
nixpkgs,
nixpkgsUnstable,
ragenix,
utils,
...
} @ inputs:
(utils.lib.eachDefaultSystem (system: let
deploymentName = "mio-ops";
pkgs = nixpkgs.legacyPackages."${system}";
nix_path = "nixpkgs=${nixpkgs}";
in {
devShell =
pkgs.callPackage
./shell.nix {
inherit (colmena.packages."${pkgs.system}") colmena;
inherit (nix.packages."${pkgs.system}") nix;
inherit (ragenix.packages."${pkgs.system}") ragenix;
inherit deploymentName;
inherit nix_path;
};
}))
// {
colmena = {
meta = {
description = "mio-ops deployment";
name = "deploymentName";
nixpkgs = import nixpkgs {
system = "x86_64-linux";
overlays = [];
};
};
defaults = {pkgs, ...}: {
imports = [
./modules
cosmicDesktop.nixosModules.default
];
# make flake inputs accessible in NixOS
_module.args.inputs = inputs;
nixpkgs.overlays = [
(super: self: {
inherit (nixpkgsUnstable.legacyPackages."${pkgs.system}") toxvpn;
})
];
profiles.starship.enable = true;
profiles.toxvpn.enable = false;
};
# Comment out deployment line when building the SD Image.
airgead = {
imports = [
hosts/airgead
cardano-node.nixosModules.cardano-node
ragenix.nixosModules.default
];
deployment = {
tags = ["active" "vps"];
targetHost = "172.105.187.96";
};
};
brighde = {
imports = [
hosts/brighde
ragenix.nixosModules.default
];
deployment = {
tags = ["active"];
targetHost = "10.42.0.124";
};
};
ceilidh = {
imports = [
hosts/ceilidh
ragenix.nixosModules.default
];
};
ceitidh = {
imports = [
hosts/ceitidh
ragenix.nixosModules.default
];
deployment = {
tags = ["active" "rPi"];
targetHost = "10.42.0.203";
};
};
cuallaidh = {
imports = [
hosts/cuallaidh
ragenix.nixosModules.default
];
deployment = {
tags = ["active" "vps"];
targetHost = "172.105.171.16";
};
};
#dhu = {
# imports = [
# hosts/dhu
# ragenix.nixosModules.default
# ];
#};
dionach = {
imports = [
hosts/dionach
ragenix.nixosModules.default
];
deployment = {
tags = ["active"];
targetHost = "10.42.0.190";
};
};
doilidh = {
imports = [
hosts/doilidh
ragenix.nixosModules.default
];
deployment = {
tags = ["active" "rPi"];
targetHost = "10.42.0.204";
};
};
eamhair = {
imports = [
hosts/eamhair
ragenix.nixosModules.default
];
deployment = {
tags = ["active" "rPi"];
targetHost = "10.42.0.205";
};
services.toxvpn.localip = "10.37.0.205";
};
iolear-beag = {
imports = [
hosts/iolear-beag
ragenix.nixosModules.default
];
deployment = {
tags = ["inactive"];
targetHost = "10.42.0.127";
};
};
#paidh-uachdar = {
# imports = [
# hosts/paidh-uachdar
# ragenix.nixosModules.default
# ];
#};
sanganto = {
imports = [
hosts/sanganto
ragenix.nixosModules.default
];
deployment.targetHost = "10.42.0.11";
roles.desktop.enable = true;
roles.desktopCraige.enable = true;
services.toxvpn.localip = "10.37.0.11";
};
sercanto = {
imports = [
hosts/sercanto
ragenix.nixosModules.default
];
deployment.targetHost = "10.42.0.180";
roles.desktop.enable = true;
roles.desktopCraige.enable = true;
};
sithlainnir = {
imports = [
hosts/sithlainnir
ragenix.nixosModules.default
];
deployment = {
tags = ["inactive"];
targetHost = "10.42.0.114";
};
};
teintidh = {
imports = [
hosts/teintidh
ragenix.nixosModules.default
];
deployment = {
tags = ["inactive"];
targetHost = "10.42.0.127";
};
};
};
}

6
overlays/ncmpcpp.nix
View file

@ -1,6 +0,0 @@
# Enable the visualiser in ncmpcpp
self: super: {
ncmpcpp = super.ncmpcpp.override {
visualizerSupport = true;
};
}

3
profiles/bash.nix
View file

@ -6,6 +6,9 @@
export TERM="xterm-256color"
test -r ~/.dir_colors && eval $(dircolors ~/.dir_colors)
'';
promptInit = ''
eval "$(starship init bash)"
'';
vteIntegration = true;
};
}

44
profiles/cardano-node.nix
View file

@ -1,42 +1,19 @@
# NixOps configuration for the hosts running a Cardano node
{
config,
inputs,
pkgs,
lib,
...
}: let
cardanoNodeProject = import (inputs.cardano-node + "/nix") {
gitrev = inputs.cardano-node.rev;
sources = import ../nix/sources.nix;
cardanoNodeProject = import (sources.cardano-node + "/nix") {
gitrev = sources.cardano-node.rev;
};
iohkNix = import (sources.iohk-nix) {};
in {
age.secrets = {
cardano-kes = {
file = ../secrets/cardano/cardano-kes.age;
path = "/run/keys/cardano-kes";
owner = "cardano-node";
group = "cardano-node";
mode = "0600";
};
cardano-opcert = {
file = ../secrets/cardano/cardano-opcert.age;
path = "/run/keys/cardano-opcert";
owner = "cardano-node";
group = "cardano-node";
mode = "0600";
};
cardano-vrf = {
file = ../secrets/cardano/cardano-vrf.age;
path = "/run/keys/cardano-vrf";
owner = "cardano-node";
group = "cardano-node";
mode = "0600";
};
};
imports = [../secrets/cardano/producers.nix "${sources.cardano-node}/nix/nixos"];
#imports = [../secrets/cardano/producers.nix];
environment.systemPackages = [inputs.cardano-node.packages.${pkgs.system}.cardano-cli];
environment.systemPackages = [cardanoNodeProject.cardano-cli];
services = {
cardano-node = {
@ -44,9 +21,8 @@ in {
environment = "mainnet";
hostAddr = "0.0.0.0";
nodeConfig =
inputs.cardano-node.environments.x86_64-linux.mainnet
iohkNix.cardanoLib.environments.mainnet.nodeConfig
// {
Protocol = "Cardano";
hasPrometheus = ["127.0.0.1" 12798];
setupScribes = [
{
@ -57,9 +33,9 @@ in {
];
defaultScribes = [["JournalSK" "cardano"]];
};
kesKey = "${config.age.secrets.cardano-kes.path}";
vrfKey = "${config.age.secrets.cardano-vrf.path}";
operationalCertificate = "${config.age.secrets.cardano-opcert.path}";
kesKey = "/run/keys/cardano-kes";
vrfKey = "/run/keys/cardano-vrf";
operationalCertificate = "/run/keys/cardano-opcert";
};
};

10
profiles/coturn.nix
View file

@ -5,14 +5,7 @@
lib,
...
}: {
age.secrets = {
coturn = {
file = ../secrets/coturn.age;
owner = "turnserver";
group = "turnserver";
mode = "0640";
};
};
imports = [../secrets/coturn.nix];
services = {
coturn = {
@ -27,7 +20,6 @@
no-tcp-relay = true; # Disable TCP relay endpoints
extraConfig = "\n cipher-list=\"HIGH\"\n no-loopback-peers\n no-multicast-peers\n ";
secure-stun = true; # Require authentication of the STUN Binding request
static-auth-secret-file = config.age.secrets.coturn.path;
cert = "/var/lib/acme/turn.mcwhirter.io/fullchain.pem";
pkey = "/var/lib/acme/turn.mcwhirter.io/key.pem";
min-port = 49152; # Lower bound of UDP relay endpoints

15
profiles/daedalus.nix
View file

@ -1,14 +1,17 @@
# NixOps configuration for the hosts running Daedalus
{
config,
inputs,
lib,
pkgs,
lib,
...
}: {
}: let
sources = import ../nix/sources.nix;
daedalusProject = import sources.daedalus {};
daedalusMainnet = daedalusProject.daedalus;
#daedalusFlight = daedalusProject.daedalus {--argstr cluster mainnet_flight -o daedalusFlight};
in {
environment.systemPackages = [
inputs.daedalus.packages."${pkgs.system}".daedalus-mainnet
#inputs.daedalus.packages."${pkgs.system}".daedalus-preprod
#inputs.daedalus.packages."${pkgs.system}".daedalus-preview
daedalusMainnet
#daedalusFlight
];
}

46
profiles/desktopCraige.nix Normal file
View file

@ -0,0 +1,46 @@
# Craige's NixOS desktop requirements
{
config,
pkgs,
...
}: {
# Craige's Desktop Packages
imports = [
../profiles/ebooks.nix
../profiles/minecraftClient.nix
../profiles/spotify.nix # Spotify settings
];
environment.systemPackages = with pkgs; [
byobu # text-based window manager and terminal multiplexer.
caprine-bin # an elegant Facebook Messenger desktop app
element-desktop # A feature-rich client for Matrix.org
enlightenment.terminology # Powerful terminal emulator based on EFL
firefox # A web browser built from Firefox source tree
ffmpeg-full # record, convert and stream audio and video
gimp # The GNU Image Manipulation Program
gopass # password file manager
libreoffice # Comprehensive, professional-quality productivity suite
mpd # A flexible, powerful daemon for playing music
ncmpcpp # A featureful ncurses based MPD client inspired by ncmpc
nextcloud-client # Nextcloud themed desktop client
nvme-cli # NVM-Express user space tooling for Linux
pandoc # Conversion between documentation formats
pwgen # Password generator
siji # An iconic bitmap font based on Stlarch with additional glyphs
shared-mime-info # A database of common MIME types
shotwell # Photo organizer
signal-desktop # Private, simple, and secure messenger
sshfs # allows remote filesystems to be mounted over SSH
sweethome3d.application # design and visualise homes
taskwarrior # Highly flexible command-line tool to manage TODO lists
termonad # Terminal emulator configurable in Haskell
texliveFull # TeX Live environment
tmate # Instant Terminal Sharing
tor-browser-bundle-bin # Tor Browser Bundle built by torproject.org
tuba # Fediverse client
unzip # An extraction utility for archives compressed in .zip format
vcsh # Version Control System for $HOME
yt-dlp # Command-line tool to download videos
];
}

9
profiles/desktop_common.nix
View file

@ -1,6 +1,5 @@
# Common configuration for MIO desktops
{
inputs,
config,
pkgs,
...
@ -12,8 +11,12 @@
../profiles/daedalus.nix
../profiles/openssh.nix
../profiles/powerManagement.nix
../profiles/users-core.nix
../profiles/users.nix
../secrets/user-craige.nix
../secrets/user-fiona.nix
../secrets/user-hamish.nix
../secrets/user-logan.nix
../secrets/user-root.nix
../secrets/user-xander.nix
];
# Common Desktop Packages

7
profiles/games-kids.nix
View file

@ -2,9 +2,11 @@
{
config,
pkgs,
nixpkgsUnstable,
...
}: {
}: let
sources = import ../nix/sources.nix;
unstable = import sources.nixpkgsUnstable {};
in {
imports = [
../profiles/minecraftClient.nix # Play Minecraft :-)
];
@ -18,6 +20,7 @@
freeciv # Multiplayer (or single player), turn-based strategy game
freedroidrpg # Isometric 3D RPG similar to game Diablo
gcompris # Educational software suite, kids aged 2 to 10
unstable.grapejuice # Simple Wine+Roblox management tool
#lincity_ng # City building game
meritous # Action-adventure dungeon crawl game
minetest # Infinite-world block sandbox game

2
profiles/host_common.nix
View file

@ -10,6 +10,7 @@
./chrony.nix
../profiles/neovim.nix
../profiles/logrotate.nix
../profiles/starship.nix
./tmux.nix
./zsh.nix
];
@ -26,7 +27,6 @@
console = {
keyMap = "us"; # Set the default console key map
font = "ter-powerline-v32n"; # Set the default console font
packages = with pkgs; [powerline-fonts];
};
time.timeZone = "Australia/Brisbane"; # Set your preferred timezone:

11
profiles/iog.nix
View file

@ -1,26 +1,30 @@
# NixOps configuration for the hosts utilising IOHK resources
{
config,
inputs,
pkgs,
lib,
...
}: let
nix = inputs.nix.packages."${pkgs.system}".nix;
sources = import ../nix/sources.nix;
nixVersion = (import sources.nixpkgs {}).nixVersions.latest;
in {
imports = [../profiles/terminal-recording.nix ../profiles/nix-direnv.nix];
nix = {
package = nix;
package = nixVersion;
settings = {
substituters = [
"https://cache.nixos.org"
"https://erc20.cachix.org"
"https://cache.iog.io"
"s3://iohk-vit-bitte/infra/binary-cache/?region=eu-central-1"
];
trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"erc20.cachix.org-1:SSf1RXfccF4/rwiwgBrbV7n8EBn0xciuU/TMdtor8LE="
"hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ="
"iohk.cachix.org-1:DpRUyj7h7V830dp/i6Nti+NEO2/nhblbov/8MW7Rqoo="
"vit-testnet-0:0lvkEoYh+XrBh7pr4bXjsUisUkUxsyLvvWBIJwym/RM="
];
};
extraOptions = ''
@ -37,6 +41,7 @@ in {
brave # Privacy-oriented browser
buildkite-agent # Buildkite for IOHK
cue # A data constraint language
discord # cross-platform voice and text chat
docker # Pack, ship and run any application as a lightweight container
docker-compose # Multi-container orchestration for Docker
freerdp # A Remote Desktop Protocol Client, xfreerdp

12
profiles/ipv6.nix
View file

@ -1,12 +0,0 @@
# NixOps configuration for the hosts running a TURN server (coturn)
{
config,
pkgs,
lib,
...
}: {
networking = {
enableIPv6 = true;
tempAddresses = "disabled";
};
}

4
profiles/matrix.nix
View file

@ -5,6 +5,8 @@
lib,
...
}: {
imports = [../secrets/matrix.nix];
i18n = {
extraLocaleSettings = {
LC_COLLATE = "C.UTF-8"; # Ensure correct locale for postgres
@ -64,7 +66,7 @@
server_name = "mcwhirter.io"; # Server's public domain name
tls_certificate_path = "/var/lib/acme/mcwhirter.io/fullchain.pem";
tls_private_key_path = "/var/lib/acme/mcwhirter.io/key.pem";
turn_shared_secret = "${config.services.coturn.static-auth-secret-file}";
turn_shared_secret = "IZI43ylg6aJdMwy5MyhUPqT8SJD4C3P1vDcIFMzqGvTXJiCjAEvnPcDCBZfig5Q6";
turn_uris = [
"turn:turn.mcwhirter.io:5349?transport=udp"
"turn:turn.mcwhirter.io:5350?transport=udp"

6
profiles/mcwhirter.io.nix
View file

@ -4,8 +4,8 @@
pkgs,
...
}: let
#sources = import ../nix/sources.nix;
#mcwhirter-io = import sources.mcwhirter-io {};
sources = import ../nix/sources.nix;
mcwhirter-io = import sources.mcwhirter-io {};
webdomain = "mcwhirter.io";
in {
environment.sessionVariables = {
@ -23,7 +23,7 @@ in {
# website hostname
enableACME = true; # Use ACME certs
forceSSL = true; # Force SSL
#root = "${mcwhirter-io}"; # Wesbite root
root = "${mcwhirter-io}"; # Wesbite root
};
"www.${webdomain}" = {
# Respect our elders :-)

3
profiles/neovim.nix
View file

@ -11,7 +11,6 @@
configure = {
packages.myPlugins = with pkgs.vimPlugins; {
start = [
ale # Asynchronous Lint Engine
deoplete-nvim # an extensible and asynchronous completion framework
formatter-nvim # A format runner for neovim
fugitive # Vim Git wrapper
@ -27,6 +26,7 @@
nvim-treesitter # configurations and abstraction layer for Neovim.
onedarkpro-nvim # Dark and light themes for Neovim
supertab # Allows you to use <Tab> for all your insert completion
syntastic # Syntax checking hacks
vim-terraform # tab completion, syntax highlighting, indentation
vim-terraform-completion
vim-cue # Cue filetype plugin for Vim
@ -329,7 +329,6 @@
javascript = treefmt,
lua = treefmt,
mint = treefmt,
markdown = treefmt,
nix = treefmt,
rego = treefmt,
ruby = treefmt,

22
profiles/nextcloud.nix
View file

@ -5,22 +5,8 @@
lib,
...
}: {
age.secrets = {
nextcloud-dbpass = {
file = ../secrets/nextcloud-dbpass.age;
path = "/run/keys/nextcloud-dbpass";
mode = "0640";
owner = "nextcloud";
group = "nextcloud";
};
nextcloud-adminpass = {
file = ../secrets/nextcloud-adminpass.age;
path = "/run/keys/nextcloud-adminpass";
mode = "0640";
owner = "nextcloud";
group = "nextcloud";
};
};
imports = [../secrets/nextcloud.nix];
services.nextcloud = {
enable = true; # Enable Nextcloud
hostName = "cloud.mcwhirter.io"; # FQDN for the Nextcloud instance
@ -31,8 +17,8 @@
dbname = "nextcloud"; # Set the database name
dbhost = "/run/postgresql"; # Set the database connection
dbuser = "nextcloud"; # Set the database user
dbpassFile = config.age.secrets.nextcloud-dbpass.path;
adminpassFile = config.age.secrets.nextcloud-adminpass.path;
dbpassFile = "/run/keys/nextcloud-dbpass"; # Where to find the database password
adminpassFile = "/run/keys/nextcloud-admin"; # Where to find the admin password
adminuser = "root"; # Set the admin user name
};
autoUpdateApps = {

31
profiles/pipewire.nix
View file

@ -1,31 +0,0 @@
# Common configuration for pipewire on MIO desktops
{
config,
pkgs,
...
}: {
security.rtkit.enable = true;
services = {
pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
};
environment.etc = {
"wireplumber/bluetooth.lua.d/51-bluez-config.lua".text = ''
bluez_monitor.properties = {
["bluez5.enable-sbc-xq"] = true,
["bluez5.enable-msbc"] = true,
["bluez5.enable-hw-volume"] = true,
["bluez5.headset-roles"] = "[ hsp_hs hsp_ag hfp_hf hfp_ag ]"
}
'';
};
hardware.pulseaudio.enable = false;
sound.enable = true; # Enable sound.
}

8
profiles/server_common.nix
View file

@ -4,10 +4,14 @@
pkgs,
lib,
...
}: {
}: let
sources = import ../nix/sources.nix;
nixpkgs2305 = (import sources."nixos-23.05" {}).pkgs;
in {
imports = [
../profiles/openssh.nix
../profiles/users-core.nix
../secrets/user-craige.nix
../secrets/user-root.nix
];
programs.mosh = {

5
profiles/starship.nix Normal file
View file

@ -0,0 +1,5 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [
starship # A minimal, blazing fast, and extremely customizable prompt for any shell
];
}

1
profiles/taskserver.nix
View file

@ -9,7 +9,6 @@
enable = true; # Enable Taskwarrior server
fqdn = "task.mcwhirter.io"; # Server's public domain name
listenHost = "task.mcwhirter.io"; # Sets listening IP & opens firewall
openFirewall = true;
organisations = {
teaghlach = {
groups = ["teaghlach"];

22
profiles/tt-rss.nix
View file

@ -5,20 +5,12 @@
lib,
...
}: {
age.secrets = {
tt-rss-dbpass = {
file = ../secrets/tt-rss-dbpass.age;
owner = "tt_rss";
group = "tt_rss";
mode = "0640";
};
};
services.tt-rss = {
enable = true; # Enable TT-RSS
database = {
# Configure the database
type = "pgsql"; # Database type
passwordFile = "${config.age.secrets.tt-rss-dbpass.path}"; # Where to find the password
passwordFile = "/run/keys/tt-rss-dbpass"; # Where to find the password
};
email = {
fromAddress = "news@mcwhirter.io"; # Address for outgoing email
@ -47,6 +39,16 @@
];
};
systemd = {
services = {
tt-rss = {
# Ensure tt-rss starts after nixops keys are loaded
after = ["tt-rss-dbpass-key.service"];
wants = ["tt-rss-dbpass-key.service"];
};
};
};
services.postgresqlBackup.databases = ["tt_rss"];
services.nginx = {
@ -63,4 +65,6 @@
};
security.acme.certs = {"news.mcwhirter.io".email = "craige@mcwhirter.io";};
users.groups.keys.members = ["tt_rss"]; # Required due to NixOps issue #1204
}

39
profiles/users-core.nix
View file

@ -1,39 +0,0 @@
# User configuration common to all MIO hosts
{
config,
pkgs,
...
}: {
age.secrets = {
root.file = ../secrets/root.age;
craige.file = ../secrets/craige.age;
};
# MIO Groups:
users.groups = {
craige.gid = 1000;
};
# MIO Users
users.users = {
root = {
hashedPasswordFile = config.age.secrets.root.path;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDtjE0YstRzlh+Zhlj03th9DYOkMqJ5xHUcderBq151K"
];
};
craige = {
isNormalUser = true;
description = "Craige McWhirter";
uid = 1000;
group = "craige";
extraGroups = [
"wheel"
];
hashedPasswordFile = config.age.secrets.craige.path;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDtjE0YstRzlh+Zhlj03th9DYOkMqJ5xHUcderBq151K"
];
};
};
}

41
profiles/users-ops.nix
View file

@ -1,41 +0,0 @@
# User configuration common to all MIO Opshosts
{
config,
pkgs,
...
}: {
age.secrets = {
root.file = ../secrets/root-ops.age;
craige.file = ../secrets/craige-ops.age;
};
# MIO Groups:
users.groups.craige.gid = 1000;
# MIO Users
users.users.root = {
hashedPasswordFile = config.age.secrets.root.path;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDtjE0YstRzlh+Zhlj03th9DYOkMqJ5xHUcderBq151K"
];
};
users.users.craige = {
isNormalUser = true;
home = "/home/craige";
description = "Craige McWhirter";
uid = 1000;
group = "craige";
extraGroups = [
"audio"
"libvirtd"
"networkmanager"
"qemu-libvirtd"
"video"
"wheel"
];
hashedPasswordFile = config.age.secrets.craige.path;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDtjE0YstRzlh+Zhlj03th9DYOkMqJ5xHUcderBq151K"
];
};
}

57
profiles/users.nix
View file

@ -1,57 +0,0 @@
# User configuration common to all MIO hosts
{
config,
pkgs,
...
}: {
age.secrets = {
fiona.file = ../secrets/fiona.age;
hamish.file = ../secrets/hamish.age;
logan.file = ../secrets/logan.age;
xander.file = ../secrets/xander.age;
};
# MIO Groups:
users.groups = {
fiona.gid = 1004;
hamish.gid = 1001;
logan.gid = 1002;
xander.gid = 1003;
};
# MIO Users
users.users = {
fiona = {
isNormalUser = true;
description = "Fiona McWhirter";
uid = 1004;
group = "fiona";
extraGroups = ["networkmanager"];
hashedPasswordFile = config.age.secrets.fiona.path;
};
hamish = {
isNormalUser = true;
description = "Hamish McWhirter";
uid = 1001;
group = "hamish";
extraGroups = ["networkmanager"];
hashedPasswordFile = config.age.secrets.hamish.path;
};
logan = {
isNormalUser = true;
description = "Logan Stoddart";
uid = 1002;
group = "logan";
extraGroups = ["networkmanager"];
hashedPasswordFile = config.age.secrets.logan.path;
};
xander = {
isNormalUser = true;
description = "Xander Stoddart";
uid = 1003;
group = "xander";
extraGroups = ["networkmanager"];
hashedPasswordFile = config.age.secrets.logan.path;
};
};
}

4
profiles/xmonad.nix
View file

@ -26,11 +26,11 @@
desktopManager = {
xterm.enable = false; # Disable NixOS default desktop manager.
gnome.enable = false; # Enable GNOME desktop environment
plasma5.enable = false; # Enable Plasma desktop environment
plasma5.enable = true; # Enable Plasma desktop environment
};
displayManager = {
gdm.enable = false; # Enable the GNOME display manager
lightdm.greeters.pantheon.enable = false;
lightdm.greeters.pantheon.enable = true;
};
windowManager = {
# Open configuration for the window manager.

3
profiles/zsh.nix
View file

@ -25,6 +25,9 @@
enable = true;
plugins = ["fzf" "git"];
};
promptInit = ''
eval "$(starship init zsh)"
'';
vteIntegration = true;
};

61
secrets/cardano/cardano-kes.age
View file

@ -1,61 +0,0 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEZCOVgxUSBpMC84
S09IcHB5aFVVb3pIRkhUbWNuRGRkbHlUUlZDTG5WakZFSENaVEJvCk1RUVhaNGpQ
SURDQ0YydStCcDg5OGl1NEYzYjJ2TWNHZTlHdUZRYURNb0UKLT4gc3NoLWVkMjU1
MTkgSk00dDZBIEd4dEtMdXY1TnFNaWwwbDdURGlXNWJDb3V0SXYybURpdVZqM21n
STJmMU0KV1JaYmRXbjhoK1QvWXBEZzc5a09EMGhZZWhzb0tReGkxSW80aWFqb0ZN
MAotPiBzc2gtZWQyNTUxOSA5aEV5RFEgbVg5c1RqVHBOQUxreDg5c2pnNEJ2dzFD
ZkFiRnEvQUZ0dmFDdEhQOTN3WQp5cE0zOWE1cVhFR0czUitxa1ovOWtrayt5WG1z
Yk4vZGkzZTJoaUpNMEdnCi0+IHNzaC1lZDI1NTE5IHU3WjNqdyBmYmQ1YTZQRmtu
bmtoalNXSFRrdUFRRVEzTHZ6YVh1Nlh2YWY2WE5Vam5VCkdtWGZWdnNRNDByL3Zh
QkpVMFNya1IwY1BkMWRlY0ovT21QN21yMVpTSWMKLT4gc3NoLWVkMjU1MTkgV2c5
M3J3IHRKaWVuTUM1b0hoQ1ZkS29RWFVyQ3FDcXhUWWlEd0FBOGhwWnQ5a2Rqd2MK
WXF4ZmQvUU81Z0RnWTNIZFRUVTVJSkNHcDFOclUzSGxMMWpBMlpvLzZEWQotPiBz
c2gtZWQyNTUxOSBQeEt3alEgZVNudVB1UDBTd0FTVjB4andQWEJ0SXpsWUszR3dI
OFlmakh0NTZIemJrNAo4OE1lNlJpZ3NWVHdvSG8rK0laN3J3cGxKd2t5K1Jnb1lV
NmZCOGhFNE5jCi0+IHNzaC1lZDI1NTE5IEIzZFhTQSA5TjdkL21wcmhTdE9Td2Z5
c1FrdU1pVFRCNzMyKzIwYTNvNjBzZStoUTFnCkx5UjUwUzYyWm53dWg1ZDUrazNy
NUFLMlJwUWNhSVIwc2haenBmL0lQcU0KLT4gc3NoLWVkMjU1MTkgUWZwS1ZnIEZG
cDZLTlA4cUxqR08xbCtDRldRZkNzK2c1Z1lBZGNvNTh3NjJwM2tpM2cKYlBTRDYz
aGlMMWxUV2MyOTVwMndBWTM0SDhKaTlTS0hsYm1kZUJNYnd3QQotPiBzc2gtZWQy
NTUxOSAwZHBkZ1EgWk9uTTM1TjdzWDZXODU3UUVZdGJ1d1c2eWNnOGRaaEowUDQ1
clRGWkN5ZwpGd2RDYWtHYW1YTURmN1dNZEtCdFF4YWZjV1NhS0ZqdE01czYwcXkr
czRBCi0+IHNzaC1lZDI1NTE5IHVsMGt4USBTd2pKTFptK01WZVhEQ0g2by81SlUz
MTc1eFE0T3g5TnhGKzIxbU5YRDFJCnJHWVNWV0dNUXFXaFdIRUZMVVdnbUI5TzV2
WURGWXhMQmFYQUphMDluaGsKLT4gc3NoLWVkMjU1MTkgWnc1SGt3IHhXUk9qTktH
NHJySXp3ZS9XVEFGUFU5VFM3OUN0NDZUOC9lY2NZbkV6d1EKVUhXQ1VEQVUralls
b1Job3BtK2JmSFZQTWZRb1hrMFc5aUNEczdZY3dRVQotPiBzc2gtZWQyNTUxOSB6
RzMrMXcgUjlOcmg5cXVSdTlHVVJDZUE3THdjb1YybmZmSExCM2IvZ29lNVpNYi9R
MApjOEVmditLQXM0Zzd2WFRSeThBaEo4aEtnME5BQWJsYUxUUTZWSXlQREEwCi0+
IFA1Y0w8LWdyZWFzZSAmQWogcixOK34Kc1cvRVpiandaUHAvMXJvSUZoVzZPaWpx
L1ozeTdKZkcKLS0tIGcxTi9hZVVuWDZxblg2TEFNSk5zTk00SmtmWUhKb2FHc3JV
aFMrdUFPTGsK0DCthsP/cg/SkY56up9zt7WqxzMtLvo4Bv3O+EMK2WknyR/g+QJx
QKKBkILmt07R+MpDBlHA1X8AOH5iT7tNNNplp2dztzFC6pRL/v2hBIVL+abqmAMj
pG9TEt+FISgd1PxTS55cHugUaC8LJNi7wa/4sBwTTI+Rnl4KHZBo5BiGUq61dX6j
fd6pZXSmptT4dBVV2ZETyBYoOqe74cPe5gVQfVMzXI4xnKRhe9va4qnmoEZV2YQD
MUl8JtRGVbeIPvQdM8fQjcaZNNw5rhYMMadJtuo5beqG1z+i+tAxJISBv+NU3rNv
FTaDPKXlP1UvsK+SgPFZYI6VMZiFo9ZoMYSYiirO6jHXOQutzo11qy0wzToQTpU8
zRe9QbMzuhgGewQEfZYayQzTQa5yQDvCH1fTVqtcDeQVB1/xw9DpwLFDfV/kGN8o
T2KBv3d2hOqP74vNOoSMsBE9PxcB9hdKQ347mBueN9c245FuRH188+VV1wYG0CTD
ogd4zyt3NRT2HM06YiR5fNGo7kHLjoREPQFabiyKmpWIQ/Mpa3/fC7LaBZqQe1hS
fnhh3/STGv4kpAJN7iADrsqN/JDNAiAkTSWVHabu5zxPwOgRyQ4/HS3SpvhatNxG
TuNNiMKbn28rjaoRK2pepkw5RHbGLjtapiTqDF0uqoyQfPCL02NDToKprbuJYM7v
/4xhmREPA/FJWxMMDEGY+vvIlyYYHfaogipZpodT02+mjSLTeLIv7bTBFh+sD1M+
el7T6bKhfZo8dXqoaFyhAj8b0yCwVMeGmDIfnJmPWTnHAHPvM7iX2Xd1Q0fshgN+
BtU1GKIQs0g7W8JTcvtpZbxtB0phFQT0SJXdDoFbE1lQl13wcecy2QL7KHywG8/R
tSMKgSrhcb23BffId5a2xtLoYvr4EmxWHT8+4boWF0UwPArOLCH1kz2OiQb0/avC
Lm78KVqlIC0ck8dk6wDRUzGAFB4kQpsFEhfk+OHTQuhSzqFlo/AWsldNhosZF2SA
roOMZlfmabJPPPcidpnV+xbyzL7NWF5uPgJvVN4pDCcfow79g+QH2sztIjcFOLHt
5hZimXHm/0aVpxRbTKFOrEiDIthDK0QWZCxJCvl0BmeFrRzTtSNPUHlEEcVdcCFo
15kKS5BS4r4Ma7xD4Hdwn0DxjeWN69TGSrHJTNgCTiy9SG2roAp/gaB9aXHBTvRh
53kKFLNRe5yKuOeMIjH1Kbvh4G4nUoSKK0bFRbG6KUsDFh66g/OD84zQi53k2l/X
liGARABrqmmmuzUJEdfrV2EZuxj7xFAey8MBFGqdTn0ERugIPueJEM2znSkp6w+m
7fxx8JxL2B0oXLEZaV+N6jc9unBA/IhrczF3Mal1zVFx8GlrZyO+ZQmr9J1FkICc
BM6oxuMLb74J3O7gURSaSBBQJd3/bWukyGDZzSkhphiRwHQ+KAfbtEM18XknFiwZ
XG0bXNjMSGXMCDoo9z1YcD8DJRa07H4JoH2rElniTUVmussgi/k+thHojW2BURk1
iNrtBqIbP0YWnqBsxE/UWX630qY15+OfkWW0fd+wUUtV5CYFOaLDp273VOhSYLPB
3YBFdZH0VE8YH/ZJy6Dn8xigX4EWHB1ZdslHWwyPPRMX0CWIJN0flXdnQhAtBhHe
J2an1vTb7K+H0149FP5R9pJLMZDZu+TEY972c3Td/v4A2hQkEPqLnKy5sXqajFDk
u9y25CR1i4oSVeZqI5M6cFeiVchmzeP3TPKV9duLpL8iw63uUi+hKzkxC/CCA000
5RRvoN4+QaZnmkl3y2OuVbYVGdW1fK54
-----END AGE ENCRYPTED FILE-----

41
secrets/cardano/cardano-opcert.age
View file

@ -1,41 +0,0 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEZCOVgxUSBxQWlJ
ejRsWG1HY2hHUDFoK1IrV1B6UUxSa2o2c3NiTTI1V2w5QmROR2hrCmI3OEV4cm4y
NlFVRm9BWjl6dTJkazY5bXIyRU56T3pLVnNkeDA5dXp5L0UKLT4gc3NoLWVkMjU1
MTkgSk00dDZBIEJ5b1EwQ3RuUEZXNCt6LzJ0YW0zc040czBDbVhwdDhCSGZkVUZV
UnVjbjAKYXNnUzFUS1BCTVJvaEg1dDNRNFk3Z3IrL0pBM3BKZitpNUFzVUFnWk5K
MAotPiBzc2gtZWQyNTUxOSA5aEV5RFEgcmJKOTN6L3NaR1NzSnhFTlNGQTc1MFhn
VVI2WWdhekdvS3RNOVdmd1hDQQpLSFNwMWhZZzkrZVRqdU55QlZkd0pmSUl1WjVw
QlhhTHRvNDIyZzN4UDQwCi0+IHNzaC1lZDI1NTE5IHU3WjNqdyB2c20yY3lWS1Zu
eDliNi9CWHZSaWxiUkFtR0tGaEZhaDcreWlnRG0zRTE4CnFtQ0tkUGxLKzhKNWhR
VFVhcHMvK2ZUVFpBV2FMdUx1NEpzcmRIMUIvU0UKLT4gc3NoLWVkMjU1MTkgV2c5
M3J3IG42eUxQTW4va3BRbW1JbnhxWTA5NE8vazNUVzhzcEJ2SDhJYk85VGhqUjAK
Sk1LMXhSUXg0WmhnUVNKWDJyNTlCUFAxL3VpRWdkV3lqeXRwallKeU1hawotPiBz
c2gtZWQyNTUxOSBQeEt3alEgVzBFa3hjNjFYQjAvaHRZNk5qNE81OFRZLzdsUWRz
dDFNdjNXOVlXeStHUQp1Q3ZYMU45Vk84VENnYzlrWU81Uk5wTXlRaGZ2d1lwdGNN
NWQyNzdhQ0JrCi0+IHNzaC1lZDI1NTE5IEIzZFhTQSBCc1lDWEU1ajVENHpncURG
c3hERzBERStDN3BTZ1I2dEZNM3ExMDNSVjB3CkdGaGkrb1ozRjRpRmxBYmJleUN5
ODlscXdzY09VM3pBNjluSHJ5Mk5WaFkKLT4gc3NoLWVkMjU1MTkgUWZwS1ZnIHZW
MFYvY1hXa1YvcEU4OVlaRkdPU2dWMFJCMjdvekluV01RTDB2ZjdOVkEKYTNhaFJB
cHVpRGJXNCszTmxTVGw2c0lhM3BnNWREVDFJUTZKL2oxWnQ0WQotPiBzc2gtZWQy
NTUxOSAwZHBkZ1EgTHFuS0VvRjNrRVo4UHRLVzQ0QSswN1dUeDEvQUhTTVBNeC9C
em5kaEpSVQpQMGNxZ2xrRnpQTFZXMGVUeXhYZWEvTUdRSVZMSDhrOWpiZ0MvbVZk
VUF3Ci0+IHNzaC1lZDI1NTE5IHVsMGt4USBsZWsyNmhRRGdZVDVya0VtUFUzSU11
bmdTU29CTmJrazl4REFMMGx4Q0JzClVtWUtJcUZ6V0lDODc5dFJDTHU0WklkT1Mr
ajMzaGtwNGRHM3FsQm1yaUEKLT4gc3NoLWVkMjU1MTkgWnc1SGt3IHVJYnZrWnoz
WlJvWEkrVHFDSGhORC8rMWlsaUV0eTdoempCOG9yRDJ0RWMKMk5GY3FRWElYdXd0
bVBCajA5YjNaREtLNTZLZ00yaWFPMDVwR2djWU1DZwotPiBzc2gtZWQyNTUxOSB6
RzMrMXcgQW5iaHZJS3I5OVRHa3B4OXptQjdSbkUyRDRsNlVLVFd2WXBxVmpYeVlV
RQpONThJRU9vTHBUdWRpZTJ2UXRNL1RzNzU1cjVlMXN2RjNCeTVtcncyZ1BBCi0+
IDxHLWdyZWFzZSBPX24yIHhCPF9WRzkgRjEkYSBOWDM4ClhTd1RGVUx4NVNCSFAr
a0RHL3lnYnNsUEp2MFFJeVJha0EKLS0tIHNVVlBNeTZESUppNW93ZmlvcmNTWFV3
aFRhcFc4RCtzL2hOWCtabnU1K00K09y1sG6p0grkLk3YzDMSayhsnIyHVgTX7R7H
BxpIPqQXH9kvw6Bm5XkG10hmgSraLKfKN+tGceWGSZRj1AC/kicY6NmixppUpBRb
5ZrffqerYsgqPa7j2b/Cy/2ifmbT1/YfGhFHb3SImc7XeDZpvVxy4GJWDcUTkfu5
3434k3ZHGTDAULEx47Vd0o+QLCCGBIXIAzOXpJifzPuc1jjxTv4+VI2COQdD3cw/
2eSTQrxuJo+2iTgNkssE39xTyHxssKCZTBJ7ig1dRmI7B+xkCEGKgT33if03KvqZ
nPNJ8ul4Y6n+hrBa0LuI3suLW95wk/D5WjWouX3A8JAp+B3BN/Zl1Ov9LowccvF5
y6yTLTqbVZsCpccVr+lasJYl6/K5PEqReoMVpoWrEO+AZA3VEPu7GA/J8NBF8/fS
I6pPVI7SDTmpnA4/05izvNJtGgfc5q2BL83xkL5yy6wsDm+YhaoxJpb1zVPPmAVX
MdqFods3EfzXTlaKihLp9GghfQsZbq15HwAF3Q3szf11YQwR98w=
-----END AGE ENCRYPTED FILE-----

38
secrets/cardano/cardano-vrf.age
View file

@ -1,38 +0,0 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEZCOVgxUSBGQ0hB
K012ZWtYKzFYL3dGcG4zK2RCYjk3R0wyWnBNTFNQajNINDVVNFNVCkpsalhDTEtj
blJQY0MyV3lwc2p1M1dkdVAxSWpWY29IOUdoeGxFeFFrRDgKLT4gc3NoLWVkMjU1
MTkgSk00dDZBIDNpbUQvd3ZBdlZDQzY1UU9FWk5rK2loYkNDaTlmcG5VWm00WCto
RXlUR1UKbnVGNnZ3dTA5Q3hTc3YzYlV1SkxqMFNEQmJBVU5Yd215ZmtEQTFhN2dK
SQotPiBzc2gtZWQyNTUxOSA5aEV5RFEgbGYvYkhyWlJNQzQ4NUFUbENHQlZxZlVM
UjE4d0FEN2pJUDVFVGRjTy9XZwpyRE1hWHpNZ0pMems3TnhJMCt0RTFObnFSYWpC
dFpUTEFIOEVpU3BTWXBJCi0+IHNzaC1lZDI1NTE5IHU3WjNqdyA0QmF1ZkVRR05w
cDV3TjVNWVgwTE1YSS8xbGJkaGFvZmVWZm4yWm5xRG5rCjRKQnJKbGozeUFqTmt6
NVVqV3hoZms5Z240TU4wY1lCL1l3UHFJdnpGbzAKLT4gc3NoLWVkMjU1MTkgV2c5
M3J3IDBSS3R2dXk3NFBaZElYWDI3d3Btai9sMjBHV2xvSnJyMXJIbDZheFZiMWsK
MW9rMkZ1UEJ1VkJJSGNCcDdVWXdZeFgraTBhbFphT21ITmVSWUpDYUJqYwotPiBz
c2gtZWQyNTUxOSBQeEt3alEgY3VKSmNaWG9uYnZaRG9oZHVCek5vQUQ1dmwzSGZC
UHhSZ21NQ292RXpqcwp6WVU1MFV4NjYxaUhkVHIvWHpQb3AwaU5zRFVRRjBSZEtj
UXN0amtncUg0Ci0+IHNzaC1lZDI1NTE5IEIzZFhTQSBxU0dWSnVPaUJEYmdpSXdQ
NW4zcjAyN2NwTUpRY0Z4OVNLTEFhczJDazBVCnNNYm9wNXpBWmJjSzVUQWw1amE4
ZGFwdFNoUHFvVXpZTWk2YzdWakNTOG8KLT4gc3NoLWVkMjU1MTkgUWZwS1ZnIGxm
eTgvWjBIRTNUVzdlSitoZ3RrY2JpR0UxTWNBdVNmRk1VbGd6S0FBV1UKaWRnZ3hG
M3grNDN1Q2FIbmVLTGp6Vkp4YTVwSWpnT1E5WjA5M3VDRFJPQQotPiBzc2gtZWQy
NTUxOSAwZHBkZ1EgdXBucnhOVThEVFJKNXJTUXNpOVVHV0FzR0ZBbjF3V01oeG5i
NTZieTgyawpPak45UmRXOUpVREJ2MWhZZ1orWnFaVTJ0Rmc1TzlVb3BhUS9jVU1T
NXpvCi0+IHNzaC1lZDI1NTE5IHVsMGt4USBrS3AxaGFHd3JKcWtHUWt2V2xUNGZs
ZjFqR29yNWdxQzM5MU5PQytGaVdvCjdpVEZaZnZjQnU3bmIyTVp3UlRuTnJxYzZp
NWxIN0FIZ0ZENzhLNUk5SHMKLT4gc3NoLWVkMjU1MTkgWnc1SGt3IGZrZ0U3N0M5
Lzc1ZlovK29OV1h5QU5ZNkhaRFdjNWRQcHF2OWl1M1Jzd1EKYzVHdktjZFZ5S2Ev
TWsvd2hMV1ljS1EybHVjNHdYNUt2b0wxTzA2TGtGVQotPiBzc2gtZWQyNTUxOSB6
RzMrMXcgV0RrU1lnTTZ0L0o5RlIwbUZUNVlQaEgzbGZadmtIeVpmQWhxV1NyY1J4
VQpVQWNKTGlTUElBczNuTlVmbnUzQXNIbVhYYW1jK1RyRlZWN0F1WXVHamVvCi0+
IGNycy1ncmVhc2UgLzdHXk1HQCBCCjQ2a05YbFp6Ni9DRmJoQ1lVVEFpNXEydFpI
cHB3TVphSXcKLS0tIDdOajBjU1NqaXM1dFo2Rk5mWWMvMnpMdWJVcEZZY2g0MWlx
NWhkaTJPKzgKOTYgpJXvf47nS1vCC2kA3G7+oplnot1p73dyTg7kW/mJUeBhXqjf
OX24j8Ovx9paVbyCMIvyRjEJzL58m8S0hFo1wDTL2HGIopyAFIXNTu6ScUJKqWMw
HsB8wZcMxlQghYv0ABmqZJwNqFCRf+CbXeGBqGLNC1WtYndHXj68i7diqTF3IxYs
wpxk3rjLaeJdgSh6+frIb9rh7mck7brKJrPU04/RZBx9EJ3nGPFVBPYK8zTezqCD
cN4rv7deV2dwS7nj7laPtzhignXP0tJVvuSgHYwqh39U//1Lv9y1xoMyEbDNJqcP
AIkapF5A0uv5sL8OoQbfUYqO1xbf8/IRsxJP4ybTiA==
-----END AGE ENCRYPTED FILE-----

35
secrets/coturn.age
View file

@ -1,35 +0,0 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEZCOVgxUSB4c1pK
YkY3THNkS1BXN3F0bVlkYjB0S0syQzNEbDJNVit2M2Rab2RCSjJ3CnpTM3k0QnVE
UWU2QU8yV01rY2FuaGJsZTZjd2dWY2ViT3BxWExhUTRNU1UKLT4gc3NoLWVkMjU1
MTkgSk00dDZBIFlJQjJGOHpkQXJtdkM3QkxSdEtTeDVzU3Y1MzNtVWZOU0tDRDd2
blJJZzQKdWlTVi9sN0wvd1NIQUVhV0RXUktIQW12aUdaWDRUUUlkeXB3QVRENndS
bwotPiBzc2gtZWQyNTUxOSA5aEV5RFEgVHBrRk5LbHpPSkFNTVVFTXRJQW03RkJQ
QWkzdDQ2RCt1aHpTdHdZTnlrRQpVYkRDTzhtQ0lYMnlZV3pFZlgxdzBVVkdMeVQz
WlJkQjIvUlNaNmgwbkZjCi0+IHNzaC1lZDI1NTE5IHU3WjNqdyBndVpMWnNOVzZO
VTRHRlc2NHU0UkEzMEpOWHByUXluVFpSOCtRWVhEcHpNCnhIaUhUUHVjTlhPY0lW
TFd2MmIvNForbjZPZFJKVDh3QWZSejh1V1hSVmMKLT4gc3NoLWVkMjU1MTkgV2c5
M3J3IGErUzhFd0tUUndMbmVqakt3SE0yd2Y0TGRSRjBoMVFPR2RPMzV3V0RHbTgK
eHo5dE1oM0RNL0RuZEVMWThlUUJiZGI2VmZvVDlpY21WMisrR01oK3VmSQotPiBz
c2gtZWQyNTUxOSBQeEt3alEgVUwyL3VFUVlSYjQ0OFhweUxOWTNablQxU01KZjBD
eUNrd2wwMVlwZFJFRQpPWjUra3k2TE81R3V6WXRFY2pXWXVvVS9qRjZOMjdPZHVu
Ri9lV3poKzRFCi0+IHNzaC1lZDI1NTE5IEIzZFhTQSBpa0NxNTJnNXZNZ0JtUmly
cldrTVZ0MFU1d0R1ZnNzUUNOR0RmdWlTUmljCnhuWmdZNndwVW8vYWlxclZQK0FM
RVVnN0dWZ212U1pvdUd0dnB6SmtUNnMKLT4gc3NoLWVkMjU1MTkgUWZwS1ZnIDFs
ZEtBZlc4MDNmcWtXUU9mKytZN2NxUmJ6SFZvcFBkditiNE1CN0piaWsKajJWMHVQ
bHh6ekV1d3M2T1RzaVdDZFhaNlJyOFRlUGV1YnloZFo0OHl3MAotPiBzc2gtZWQy
NTUxOSAwZHBkZ1Egd3doZGorWWpPem1kak42dWRicGV3ZVlKYjkwaUxEQXZQcDdU
SkN3a29Scwo1UVVoWGpucEtxRUZXd3czeDkva1YyejQ5YzN4SGx5eDFhTHNidFNj
SXVVCi0+IHNzaC1lZDI1NTE5IHVsMGt4USBCd2srQVF3RkJWbE8wRkJNWnNCU3Mw
cWNDbzN4YmhBL1ZlYURuZjVVT1M0ClBUQm9FVG9mcENSZkNCK1ptcVRVQWUrL2Zq
ZERWSFNPWGpXSll1d3BkOTAKLT4gc3NoLWVkMjU1MTkgWnc1SGt3IERKQzZZd2FK
VGJvdGlEL2ZvOGRlcXNXOUpybjhCZmJ2NFdmQ1gxWERKRVEKTXpwWmUvZG9UWUNR
enRNUXBoa1RKUmpCTzVRWFJtL29MNHl3WWl5b2R1awotPiBzc2gtZWQyNTUxOSB6
RzMrMXcgeE1nMm1HdmhQU1ZYZkRBYml1NGdDaHZ4TDB5cXd5WHgxTldxckZaTEJ3
MAp4NUlKYWZmZU9GZjVtVWNOQkJmRk1lWXpXY2dZdXFQT2g1VWp0QU56WU5RCi0+
IHhRTC1ncmVhc2UKR01SMi8wNnRmNFloUDM4WksyREYyVGJ2ekVrdW9rZkg3MGk4
bXJtRgotLS0gaDhiRHR0TVRObUppaDFjZFljYjVTN3lzTzVKVWdyZFRXNkFteEFs
UG43NArxMjjfXgYBXhon0SSpyPNqUQXp7jU5s7WKzj1OnjNgFYT4/9FxuUWVmf0A
wJjib8jXUERlIahSbcBUyTo3kLLLBegQRIbwjZdYhAFekYUE/Lr6pvQAaDwDf1R0
1LaHz9Zy
-----END AGE ENCRYPTED FILE-----

35
secrets/craige-ops.age
View file

@ -1,35 +0,0 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEZCOVgxUSAxQXRV
TE5GcXp0ckxqbml4Z0tmdERnT1QxcVpOSUxPUER6bFBSbEhZbTJ3ClJGWnlTN1Rr
ZStKcmRIOTRyWDhkMVRpYW50cnJUSzRYcm9LampkRWYreHcKLT4gc3NoLWVkMjU1
MTkgSk00dDZBIERxU2V5VDlJd1RsQWQyQ213NzVTcFR4UkpKWXFKUzZUTmxmUjlw
M2NRaXMKWjI1OEdDaFQrK1R4TVdwRVhGSlo3dzVoSTBTR3RwYWprSG82cTU4Z0xo
QQotPiBzc2gtZWQyNTUxOSA5aEV5RFEgYXU2Z0ZvNTd1U010TUcwVUtUeUVqUitC
dHpRQWdUYnNzQStVSTAxMGUzSQp4K2hPSkRINTRlOWNic1lIU1kwQk1YT0RGYU5y
OStONjFSMlF1OHlIT2JjCi0+IHNzaC1lZDI1NTE5IHU3WjNqdyBDOW9Zd0NXazJM
ODVDYkRoSWdoK2JDZzI2UkVpb25NTTVpNFNDN2VXcUFFCmFpTVNZN29TNzlYa3I2
V0VWMU5aWDZqV1E5cUpwcCtHL0RuUkVuSlpRbDQKLT4gc3NoLWVkMjU1MTkgV2c5
M3J3IGgzZGM3d3J0Wk01RVM1U2FkL09vRUFHMkliSnBiN0dMbUJ5TjYxdDJEMlUK
QzdqVjgveUhlbkRZdTk2cUNmenpjM0o2MnkrL1g3c0VGUDJQZHgzWncxawotPiBz
c2gtZWQyNTUxOSBQeEt3alEgWnhIQlgrYUI5UzdqOU5ENHZteFd5bFd3UEVVeUE5
NkFubFpzQ24xVXZndwpkc1NtSStzYU5hWnZXNXRiYjBqMWtSSmcyMkFUeUR1cDJq
eWNnNkZoK0RnCi0+IHNzaC1lZDI1NTE5IEIzZFhTQSBmRUViME5ZYUZ6TExwVW5H
ZUZaTzhmWktzSjZ2TDdLY2IySzRSL1AvUzBvCllVaTF6NFJuUi9CcHBFT3huWS84
Z21Xak1RbmI1Ykh5ckR2V3BiK3VLYmcKLT4gc3NoLWVkMjU1MTkgUWZwS1ZnIE9z
L3ZDUkhDbDFxZGQ0bHppVWtMTlc1M1Fpd2pGZEFaV0lad00rZXVRRU0KaUNPT3JT
aEJ5U3l4RzVkSnV3MmM4OFZXQ0RKQWs3NmtnYXB1RTMxc3FXTQotPiBzc2gtZWQy
NTUxOSAwZHBkZ1EgMi96OFRxcjNveUdoeVNtbnV6YnlOOS9TRGxGWWJRYjJDWXlB
R0Ixc1ZnbwpDOGVrQktzSWRETWErTDBOSHBsamlIeng2akJ0Ri8wcWZidTY0eUJV
cnlzCi0+IHNzaC1lZDI1NTE5IHVsMGt4USBaYjRFZXdjcUdsZVBjYjY3bTMvRU1a
c05WY09kMUNCYjRtRGtYZG1iNjJzClRWUnVnQU56QWZOTkF6ODFvOTlnZkNUeWNC
OVB5bHBwVzRVK3BRdjRpa2MKLT4gc3NoLWVkMjU1MTkgWnc1SGt3IHJGa1poNzR5
cTRpNStvd0N4N0lFS0tJYVB0UDZzSHVFM1FHOWtMVFNMaFUKK2pKNUFNNE55ZGJj
TWNBbzZNSnQ4eERHOWs3YnpQSDlwS2lzREVsQzhuSQotPiBzc2gtZWQyNTUxOSB6
RzMrMXcgUEdobnlFUkNZRkliaVRJR0dHMDBDN1dLK3FaMFdwQ2gxUTIzWlZ4SkJ6
MApLbjk0QVVPbytHazNqL2o5RWM2clZzRzA4TkFDVHlPM3U1aE9EZUJ1VTJZCi0+
IEdFWn5dJCUtZ3JlYXNlCkpwUzlWd0VPNFp5QmFKWG5PUGF2NnpLQm1kODFJNXpN
NjBvCi0tLSB6cmJDT0lVZEFiZlBoQUd6NlZubU83QkNIRVlqSjhUZXRrUUFPVXMx
QVF3CqjMyxbHnczjBeKEemv2tEz9t9yDBYttGCcKCNfVKOpaKHMLcHU0ycC6dZbf
1d3fXDeAh/87g8RUSMpJfchDB6VpM8xXJgb/214VHDNyPBbNuzSrZvlA1ibwPWKh
U+XInONTk29sg7jHiJlgS6+9Y1aL1vXVOkdNMq718/lJBwSSu1+v
-----END AGE ENCRYPTED FILE-----

36
secrets/craige.age
View file

@ -1,36 +0,0 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEZCOVgxUSBhSE56
N3RlOElYWkJYbWE1MXBFV1lVcW9Cdk1Uc1huUmp5NU1ZNVJjOVJBCkNqai9UcDIx
RWxpaEZJQmlKamZTWVVyd3pBRUNCajhSR2M1Z05ja2QwMkUKLT4gc3NoLWVkMjU1
MTkgSk00dDZBIE1DY1hwNmdzZDhqYzZ6Z1NpY0tBZmUyQ3ErdXBSa1ZUV29hci9i
VE5jbFUKbW1pSWc4d3p6S2F3dUFwb25wMHJsZzZYMzZUQjFrM2gwYTNSRlhKUHl3
WQotPiBzc2gtZWQyNTUxOSA5aEV5RFEgeXlzbmllaUpzbWFoUnpkU1RwVDNkd3Fm
Y1p2VVIrRmdISFdsUllOaHYwWQo1ZTY0N0UzUjdVTWpKK0VIbXJJdC9QbCtaa2Fn
Qm54S1lxSVliYzdPWXNJCi0+IHNzaC1lZDI1NTE5IHU3WjNqdyB0MncxeVdkdWZ0
MXhvVnhtTVFLVkw2d0gvb01yakx5ZGQ3c2ZKSU1mZ0RrCmZiYnQ1bFJMeUQweFpz
YzBtNUpSYWI0TW9oNzFRWWxVekFmcEEwRXk3bjQKLT4gc3NoLWVkMjU1MTkgV2c5
M3J3IHJZUXdMWktKNGdMb0t2ZWxkcE5CeWI2Y2xpaFBVNEFRQ2hlb0FxRzhla1kK
clg3cmpVSTJZQlU4aDhoWG1zNzRiR0tLTjI1VS94VkM3eVhUU3JRbmg3cwotPiBz
c2gtZWQyNTUxOSBQeEt3alEgSzd6TUp5ajA3enFxdnpuenl2TlJzSW02LzdJS3J3
a014NW9wWVNiZVB5ZwpacXNXQ3JHeHUxMVorN0xISFZRUm5RSXl4RlgyYWJLNlJN
TllKME0rZ2Z3Ci0+IHNzaC1lZDI1NTE5IEIzZFhTQSBTRXYrYk9FVGV5UkZUcmZ3
T1AvT2l1d0NmeUhJM25POVFFQVdXdk5NaGlZCi9xbkt5VHQ1V0gvMzVXZ25CNlYv
dDBpMURza3MxZzNyVm9VbWZYdnc2NkkKLT4gc3NoLWVkMjU1MTkgUWZwS1ZnICtT
cG5uYWFtZUNYUkNpMlNyb1JkOVFkUDA4WERQaWQ0Z2JEOFBnOFdweHMKdGtxV3hV
ZUNTS2hpOU41NkVxMk5yUFdka0x1WlhSZ1RMMFNHd2lrTG5xYwotPiBzc2gtZWQy
NTUxOSAwZHBkZ1EgUm1uc2FJOUdKbHpkSXRvcHBINEU5QzQ5aWliYm42OFNZMWx4
OTRURGVSYwpJZVpoL09QcW9JZGJZc21BNUliVWVKQlMraXV3U05seTVQUUNJZ1lF
TjVNCi0+IHNzaC1lZDI1NTE5IHVsMGt4USAxWWhMK1lGUFhBanFMbEQwVTgreEcw
a2JJcVFla3ZmOHZJK1VPTFZuRkNBClB2ZDVBYTc4QWZnUDdEdFdOZkx6dnpRZTkx
MDlOZitJd0NZM2V2amNUcmsKLT4gc3NoLWVkMjU1MTkgWnc1SGt3IHpiTGZmMFUy
MlZyZlJMa01GVmRsQ0hFRUxBWituMkE3S3RPRUJLdU1LbE0KN1M4RUJoVjVhZTRs
K1g2dGEzMjIyaWFEaHhIQ0tkSDFGMVd1WTh0Um1kZwotPiBzc2gtZWQyNTUxOSB6
RzMrMXcgSkNsTUlxZ05jcmp5bDJhclhEVldjWXR2TWFreTdSSXl5MFNXMUNxWDJX
QQpHQ01ZLzRXUTNJTVJvK0dHNDZoTEtFaUpRRFoxUGFUampSRzREUzBtbU1BCi0+
IF5bSEdnXH0tZ3JlYXNlCjBmSlA2SHREd2cycEdsZGhIMVJhUDZ1dXVjYnI1eURL
dUVDcGlZb2ZwaFZPTUNZeFNXSC94OEtYc3pFN3RtZUsKUU1qS056SmVidHZ2c28w
Ci0tLSB4SEdpRXd0RUxmVm5lVXJaWWQwbFFNVlo0SGxBK25jaHg1Umt2K1dsL3VR
CrLdgAdAyLUrzRwPhN0rl5DD6Z97AYiH44VcKrqZzkZYbhTfhHEHE/LwJIePAOiO
WHEYkWQtMOfaz1t6Nwe/bjG1VLRkttWRQNKWEewxG5c5NppWcgDIrd05DDX6oiRi
/oGAp7PVaZwkvgOwAxtD5OS/jTT+BzV2yGCBoLNSuqxF9VCL1yYtYzllBQ==
-----END AGE ENCRYPTED FILE-----

37
secrets/fiona.age
View file

@ -1,37 +0,0 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEZCOVgxUSBqb2N3
cWFZNUpscUpmRm9oRTgwOWU4Mkhpcm1CdUQ2alB5RW1Ib2p5S21zCjJqQjhobFI0
MW9SeWJldWdiMjMvQWxDYkpBQ3VMUkFnT1N6M2ZkNEdGTFUKLT4gc3NoLWVkMjU1
MTkgSk00dDZBIFlIZEFwSVFydytDNXIwdlFuNC9iWnFXOERhV3BNY3lxdzJmelU5
OGpRMDgKc3VGa3NBWFQ0UVR3WSs1TVBIQ3BQK0t1eU5FOTVpVnAvWjJpT2hoSGtN
TQotPiBzc2gtZWQyNTUxOSA5aEV5RFEgbS8xemZwQVhnSXB4amdNQWsybUdTblI0
anYrWWltYnFTaEd0SGpxamlYMApTTXNwZ0E0RnV6NHVNalFGc3p0VDRFRXJEWW4r
ai94aHdyeGIwdzdHT293Ci0+IHNzaC1lZDI1NTE5IHU3WjNqdyBxSHZyTkdodWtl
dGdKemxTd3JEdzE1MFVVM1lsM2d3UE5JYkxsM1F3ZzBBCmNpN3FHaDlGOG1kSVFl
Y2NuN2NYajV4K2pWdDhMa2E3eTFWRmJacXo3UGcKLT4gc3NoLWVkMjU1MTkgV2c5
M3J3IHV3TzYzZnlvNFpBQVE5MzRpYlc5QmZUOHlYbGs1QXJZZE1VdkdLcloyVWMK
RTdDakloVzBnYkNNQU1FOGtCWnlkRUdjZVFtcEczNkRwN1VUcHhveVQvMAotPiBz
c2gtZWQyNTUxOSBQeEt3alEga0xYNjlOR2JmLzd3amcxQ1AwQ3VONXIySDNHNG51
cWlYMWNUd25mRVFtawpzdjRpR0pwN0QzOWdEeHFTYTJQdmc4YzlkMkhNUnBaL3l1
T0JoeFVMUHkwCi0+IHNzaC1lZDI1NTE5IEIzZFhTQSBvaE50ZjMvTTdDMUo5ODFn
M2tMcWtvb3VqbWNBNFh1NlhIaVVnUk42d2dzClVOSWw4YnB4eXI3cysvQ2ZTeFdK
dFR2d0EzR25DSDByaFRyZkJzblpwUDQKLT4gc3NoLWVkMjU1MTkgUWZwS1ZnIEla
QWcxUW90eHFkbUx5b2VpOTA3WXQ1Undud1ZBV3BOdWp4Yk1jV1UxU00KRzZpQWpF
Y0NOZDZYWE1uanFYMGU3YitVcUVhMG5rdkcySHU1NTB3bk5CMAotPiBzc2gtZWQy
NTUxOSAwZHBkZ1EgbkdKWlJDYXpVbmE0aGZrR0pQYnFFVFpsbzFaZm1rSU8rY2hP
aFBaU0FGSQp3V3gwQTdhZG5UVDhvc3hwZlZEaGtMc2U1ZGJsY2dvcE5GMi9MUnIx
c1MwCi0+IHNzaC1lZDI1NTE5IHVsMGt4USB5dTBSa3hVbmpBWEFyNDFvU3gxQlpE
c3krU1c1ZWVlY3FkbjREMzN0czFNClJKalV5VDdxbnErcENOWnFzSXkwajhKcmt6
QW5sdGtlTzZiR01sdkZEcUUKLT4gc3NoLWVkMjU1MTkgWnc1SGt3ICtsSHdFaGlP
Vyt6TWJ1Q2kyZDhmNUFQbnltcHdhaXh2NXM0dS9Bb2dwamcKcjg2VWZudGFvZDVK
M2pQSUtFdU03c1hWWWNqcXQzTDF5RHJVZ3lPVFNqVQotPiBzc2gtZWQyNTUxOSB6
RzMrMXcgMEk0RGFQa2YvcHhRTklLSjBCaFEvb09seU9pMHVwMXhzL05HY2xhWTFt
QQpXdGNUeE5vbDNXb3FDVGxMdWt6MHpDVXQ2UWc2R1lzdnJvSEhLalRxMFRBCi0+
IENKKjlNTU5dLWdyZWFzZQpHT3BtNFJPdEdFdzhSbk9Ud1JjdmZmbEJIaFlYbkxz
N3VCMTYxbEhrN1VFckQ2ZDc3aUt5MEE0SU0vYTE3Nlg0CnI2UTljOGdiK0h0SEps
WmN1K0hqa2VUVnJxMk94Tm9ORVZ4ZTdqLzBidk5FNmh1OEFjblpTdwotLS0gYVQ2
dC85STBXYi9IRnFWVFdvTmRkUG15RjkwTkFnQlE4Ly9hVGk3TWp3NAo4cVH9Y1Kg
1Z1zTvAW9/e6QpBBUQo/9eoyXpwmCE1hLaowxGUf8gvsWAMbVQTdI8NsejCyM44A
l1+EhywFfBNQXGwnsBjPUdnenDcqNhdO2LHybqvvdhWOYC+J5JQjczxdZ7myLtP7
VKyEh2ac3E9d6OQqul5zaWfbiM2vcwf+0O1r04Gfvc7j
-----END AGE ENCRYPTED FILE-----

37
secrets/hamish.age
View file

@ -1,37 +0,0 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEZCOVgxUSBNZHA0
TisvQWwyUXJJU3JBd1pFeWZSVWNPYnBQNW5MMHN2ZUVCbWY1S3lrClBobFVsbFJj
QjNrQ3B4eUJBVTNrSUxYd0R5eXd1NUpkQ0R0Ymd2ajlPdFUKLT4gc3NoLWVkMjU1
MTkgSk00dDZBIDFMY0tKRU1jazFscFRSdTlXMDBPdWpldVZIRjdiNGhBM2kzcGxx
UXNjbGcKZ2N1V0dWN21zZ0V2SUxMQUNJK0R1VlZCa0RKMVBLL0lhQjN1RXBEbXVN
QQotPiBzc2gtZWQyNTUxOSA5aEV5RFEgb1RhSWtKTUJMVGpxSysvbExxRUY3bGg5
U3VvdHNOaWE0b2piYkcvdjBDawpiOC9LV2FldXQ4YkNRbjJqT25sdEpabG9TRHZV
cVVvZm1MVFR1QmZmVkdRCi0+IHNzaC1lZDI1NTE5IHU3WjNqdyBZUE9uYVg2WDg1
S0dtV3BFYmppbnZ3MklFRFFXdVlGZkpmUjg2d211RW1jClNad2VZU0REOTVrREJE
U0lGc1pUejBzRkFHL05HZ0k4czgvUTNWR3NaMXcKLT4gc3NoLWVkMjU1MTkgV2c5
M3J3IGR0ekF4L0FSaEVBR3BJVXFaQXZjNktHVmN6TWVXbWdkY0JBOWtGVzczd0EK
RjUyQTJrWVdsSXZUcTFFM0dzTW5HTHJxeUR3VDVnaXpHMWdTeHVXclhybwotPiBz
c2gtZWQyNTUxOSBQeEt3alEgWndrODAxRlE3cmxNL0ZtTW0zTlI3a0MvZncxZFE3
NS9xWWdMck9pbkF5UQoxRUZNUUZaMlI2bG1JNk5kTUd1WXhoZXNrcitlNThVeU90
K0ZvNEN2Y2RNCi0+IHNzaC1lZDI1NTE5IEIzZFhTQSBqNlF1akNrQ1o0UXdJeEc0
dkgrUXNuMHp5VUU1eXNJUytRY1VXdW9aTjBFCkl2dHFyNkF5ckdTU0IzVzF3bU91
eWhReElJaysxMXdsd0hFVHYwMk1qajQKLT4gc3NoLWVkMjU1MTkgUWZwS1ZnIGd5
eXlUMEpSZGRWb0Z4OVFFelN3YlB3dklqT0ZrMVcxMlE1Ulc4ZHkxbHcKOFZvd2I4
NUNHOTRrc1NWOGxzeTZhOFMxbUdpNklPNE43bFBMLzdxcVZHcwotPiBzc2gtZWQy
NTUxOSAwZHBkZ1EgUXR6dzlqaFhCS2FJSERndFJSaEkwRFIrMFpybnd5UTdaQUZM
cmQ1Q3ZSawp0T1ZnZGxIZ0V4QnFsTTB1V1NWNDdMajR6dEc5MmpVMThKSHNrMHVV
STFnCi0+IHNzaC1lZDI1NTE5IHVsMGt4USBqV3hXSGlrRDBNdWhmTEZRN2NLQkNu
aWFOeERHNm5UWllqRVdFMnMwN2tVCkVQL2lCMXhCYTVpTWJydEJHZmd1UlJ0T3J4
Y3RLcGFqOVhuQTVncEc4QmMKLT4gc3NoLWVkMjU1MTkgWnc1SGt3IGJrYlljWndR
aysyNVExcnZKY1V4OHVnSzhpNFYyWUJTZy8yb2NpVE1FMHMKbGFhQlBOanhUaVRT
L21UWjNTNUwvMnh5dnpsTWRGNWJnbERoZ0cxMXVKdwotPiBzc2gtZWQyNTUxOSB6
RzMrMXcgb0RSWXhSYk1USjRLdk0xVndRWFNrVVZpVE1ldG5qQUNGWFd2ZFRkM3lR
WQphYkdyMjBlRkkxRUR5eEdxOE1SMHh5N1VQUHJmRFdKNHdrQUxWUWIzZ0ZFCi0+
IGA+TXxpRiFgLWdyZWFzZSAsIDZxfSVBeCA4fjZyCkFuYlBPWnQ1SDkwVFdiUFpr
ZC9MblJJSE0yRWRXQ1RuZFduMVoyU0cxRjh6UE5qWHpQeDNKY1FHKzJHUkcxcDAK
bVBXZmV6YWp3RFRaalkrT2JPcldaZ1NhNFljCi0tLSAxUUM4b0N4YTdMOW5rWWZ3
RUtNV3VBYWV4bENhbFJZS2ZMUzkveGtabUZ3Cs10FGWYdOYr63rRA2P7jM9HI/9a
t2gFVJyA+AC0hPl/pDVabyrF48d8lWzk1IwVe3jfP5QHZxhHwc9vuu0crw3EJAmK
Q+QgythEzjF0ftCosDXLg5J8A3lkPlAe+km6T294oFxTW8pG/h8tu4rKukJWnYSU
E09AHZ795YX07jKvrN/U11HRd8g=
-----END AGE ENCRYPTED FILE-----

37
secrets/logan.age
View file

@ -1,37 +0,0 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEZCOVgxUSBsSURv
VzMrb2x4ZHBEdjB2N01nZTBtTzlOOW9JYnpLZ0hhRHFJRmd2cFZRClFVaUtVTWFD
MWdtMTczcEhZSEVRK25aM1djN3p3MVlzSkp4UEFnOStxUkkKLT4gc3NoLWVkMjU1
MTkgSk00dDZBIGRFeXkxMDhBYVFqNjdyLzRyQ0xHQWtib0JHbkZnK0R0ZTdVeHRm
T0l6azgKUWZobTdUYkphUmZBQWRocjhIcEF5eEk2amt4RDRxWjBFOFBjcWZ2dXQ1
bwotPiBzc2gtZWQyNTUxOSA5aEV5RFEgK21WdkxyQmNFeXhMUXF4SGhWczFqczRG
ZHR2ZlIzaDNvc2Yrd2FPOG5RWQp5YzNBTGlZcXZlZ2M0VmEvdkxRNzNVMXh5K3FV
Ny9pZmt4S0dIakd4S2c0Ci0+IHNzaC1lZDI1NTE5IHU3WjNqdyBDbHFFRTFDaGRi
MWxpbzFYa0tUTUsxWFJya3hGUjVVVTIwcEpxNFhyNWpNClUwV2pCRlhXNWhwM2pk
TWlTeTVrbS9lN2wyU2JTVnhUb094Tm9OQ1VCMDgKLT4gc3NoLWVkMjU1MTkgV2c5
M3J3IE1nL1ZaMzVZc1RHNXJycW0xaFBuVCtDS2YzRTVPYWZ2SUVpVmN3NVBBUU0K
TWc0Um4zNTcyaW5NUHRxS2dsZWNZa3FwWVVnSU9EVk9LNEVoUVN0SGg4ZwotPiBz
c2gtZWQyNTUxOSBQeEt3alEgemRWUm9LVEwvYkRtcHRjUzExeGZENHRUMWxGSkU0
TWE1NnkraStwa0REUQo3Q0ZtWk9UTmsxMG9aNE9uaVptd3htZ1FCQzFZM0d0Q1Bw
TVFoWGlaamVNCi0+IHNzaC1lZDI1NTE5IEIzZFhTQSBuSUVqVHlJTGVKSTlydGxN
eUZjS2tybjJ0Tkw1ajBoRkJSN3E4SnV4RnlBCldES1ZvT1VObDhnL0FHUUVreW9F
bTRCMCtES3NJbDRhRjE4ZFU2VDdHTDAKLT4gc3NoLWVkMjU1MTkgUWZwS1ZnIGh5
M3NBcFhpWXdjWklqNk1vMVZXRFMybDgzVTVXZE9uUDhMY3BQOXZIMVkKak5reisr
NkVqSFV1UFZVVWFxVmNBN2xGZ0F5RW10QmU1U05lNllHR21XdwotPiBzc2gtZWQy
NTUxOSAwZHBkZ1EgVzRWSFRCSitURWxEcW1Oa0ZXdkQ4SyswODM5cDVzWFpwT0hO
aGE3OXVVcwo4SFJsRGlGdWhEK0JUTlR0am0xVG1JcjR3Y2lJblVsTUJtWFFlZnVn
ajlNCi0+IHNzaC1lZDI1NTE5IHVsMGt4USB1L2d5SDJVTUp1Q01kYmE3M2wxc0JT
QzdtS0hOTlY2NUhHaFJHUU5HVGxNCkkxV0J0OC92TUNIMXh6aUJIMkxYc2x0bzF4
OGRNcDlneUdTWUR4TWdvbTQKLT4gc3NoLWVkMjU1MTkgWnc1SGt3IC9XeWdBR1lB
RThIbytIK2pJUjl0Q1NyV1FETUtad1BPTzczVTVwK0pSQmMKUjJpRW12Z3hOQ1Js
V0h0bjg2UVhFbllTK3ZNOEZJVjlnS0d6bS96bUpMTQotPiBzc2gtZWQyNTUxOSB6
RzMrMXcgVFFnMXBuVkMxOWxMaUJKMmRRQ2J1TXlhOHFITzF2ZlMwWUwwYjFzcFFo
dwpGdUJsdHhCSUplMTZnWkhPM1RBZWs3cmFiSlhhTnBBZlRTTGtiZWFjTEZJCi0+
IE93OCk9Ly1ncmVhc2UgalVrLFEmMSAwb09BMFEKZUV4YWZabnU4S2V6T3FyUUk5
bEZYU21WN2s5czA4WGg2T3V2dmM2bmE0QUMxbVNYNjlOcUVvTkJvZmY0V0libgp2
M1pOUnRVCi0tLSBXTEhsQmhlZCtwMVNyY0dadlcyKzV2U25sRWoxMzhEY1l5KzNS
cVVaVnJBCsyrUAefxlWiCVPCOzXHaPlmcXrvChiS7udyIfSXKaiN4N/dxW2Y1h/F
unCbKUkW/qGO8cqyHzbudwl72iwRK6aqqmRVkTk8wd6+0XeWdPmxJCR07AMe1DEx
afv5xFidKkuaiglMPxI6TCy+YVH+2BQPhkEquvSkhJjnWJXqj7S/KQ9+Fjlz/ZcQ
zR8=
-----END AGE ENCRYPTED FILE-----

35
secrets/nextcloud-adminpass.age
View file

@ -1,35 +0,0 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEZCOVgxUSBlK2lF
RHorTEwvNGIrQjA4YmlMM3U3UTV4WGZzZ1RvZHRKT0xhN0s1TVJRCmZaaithSTZZ
QmM0RHBkZHhYelZ5dHc4OXRNMkVGM1REcGVwbi9kaVJaUHcKLT4gc3NoLWVkMjU1
MTkgSk00dDZBIGhmaGNtNDJKa2F2UWszOWZRNnpLVHpqNzZJdTkwMmZVeGtTVmpJ
YzdiUWMKT0ZtNWtidGE1UGJTTDd1R0RCNjh4aStDY09zMFZ4OGxiM1Z6RXozZDdD
SQotPiBzc2gtZWQyNTUxOSA5aEV5RFEgL2hCQnFVU0VXd3NMVHpab0dWK1ZFWGFx
TTZ1UGVmSU9ZVlU4TCtWOWRYbwo2UmtKellzYnBuYUVYZnpxdUN6bHhRSkU1UW5Q
eFBhZVFZS2oxa0N1c29ZCi0+IHNzaC1lZDI1NTE5IHU3WjNqdyBTT0REVTFEdjVS
d0dyR0N6R3J4aU9CdkhzR043UHdidUFaNlh3aFNKSW1zCjFpM0FLS292eWJidy9N
UzBtQ3Z3cUpZYWtiZzhxbU1wS2ZNeE9hTWloUE0KLT4gc3NoLWVkMjU1MTkgV2c5
M3J3IHB2RFNQYVNkdGRMUEJrZGI3bTUwTW1Wb28vV2xDamdtUGI0cnliWHUzajgK
L3RDeFBNcXk5Y2Jua1N4dGxmRktsSkFoOVowYUlVTndnbEdiNlgzRmtCdwotPiBz
c2gtZWQyNTUxOSBQeEt3alEgT3YxblhjMWphNFQzWmdhZjFhK0NZWUxsbC9PbWNt
Q1VFeTRVZU95eUJnUQpkQmRrQndoZWdBcWEvYURPR1FNWmdGcDJlc042QjF6VUNM
blR3Mm5BOGRFCi0+IHNzaC1lZDI1NTE5IEIzZFhTQSA1Vk9ObVpqZFhwOXd6azJ2
UXd3STRkZzNlNXJ4VVhGNmM4a0x2ZkR1Q1FrCndaVmNqMWRYd21OVVkxMEhhSTdo
b21TYWFKL1dSczg2eU8wTi9FUE9kUkEKLT4gc3NoLWVkMjU1MTkgUWZwS1ZnIDNL
N1J5M2tYN3cwT1piMitpRnR3dU1RbDczSldObmZLbkRlTXRMcEd0MUEKSjlselpF
WnQzbXd3aXJDbUs0QzZ5d3UzSlp0cHlGRlpTYUhsdXhXSHVFNAotPiBzc2gtZWQy
NTUxOSAwZHBkZ1EgOXJGWDk2STBqaTFFbVRqMDFvVlh3NTJDemR3N1U0c0IrT2tx
aStraGJ3NApCSHFQZVlzbWtTdkFWbytnS1dyd2Y5LzJIakMrRDZQK2pwZWpEKzlk
bDdnCi0+IHNzaC1lZDI1NTE5IHVsMGt4USAwcmFsc0xIQzVObWNDeTU3YXVuVjd4
Yy9jRnZmT09DOHhnYlJIQUtOYnpnCkYrVzcrZkFsTURkUzlYbDhNR1hCZFFZaklH
blo0TytUcFBINTRqTE5JM28KLT4gc3NoLWVkMjU1MTkgWnc1SGt3IE9pN29ic0FI
TUJlT3o0cUs1YlNOUEdWcllWZmlrVGVFRG9TTzF3OHJwaE0KTzFhVEtxb0hmVXNG
R25lZVNKbkQ3TVhoRjlWR2JlQ016ZWVNVTZKSWlnSQotPiBzc2gtZWQyNTUxOSB6
RzMrMXcgRC84ZDIyc3BId1NROVNodDNLNXJjaUN1ZDI3bTk4Q0lmelMzbUZHc1ds
awpzTjdqeXJwWTBRd2xlK3FrODVRZm9oZkdRMnJWUVgvL3luMXZEaExGYWxRCi0+
IEApTS1ncmVhc2UgQ1xxMyBeT1tDTnxPID0KWmVJdTR2all6K2t1TnZlLzhYYUtS
R1Y4YTFQb2RaZnlFQzEzT0JNMjU1VWhYYkxCVWg2K1M4RmJNUVNjUk0xMQpkckND
MzJrTXlPUjJhQUY1WFQ0UE1OaUdtRk52SmdrK0NNdU5adHkxCi0tLSA0TUU2L1J2
QkdRWmppaTI5L2twaGttUUlURE1MY3ZXVnVxZEVHNTJSK3BBCucjRXVgU2KZE8S3
P695DXvhJHlpWrKEvjZAooTzzW26s1Z2Yk4sclXQEOFQaXx+aBHkeovdxi/gUA==
-----END AGE ENCRYPTED FILE-----

35
secrets/nextcloud-dbpass.age
View file

@ -1,35 +0,0 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEZCOVgxUSBBZ2dt
WkdZWDlDNkRRZkZZL2J0aFRUZm1ZUnBDbUNqUVhEK1I2UVBPaWg4CmoxSDVVR3RP
WmoySkcrMHBkd0dnLzZNbTgvUDlLSnZTUzRmK0FqelJtOVEKLT4gc3NoLWVkMjU1
MTkgSk00dDZBIFpzc0gvTHJUVmxLbGh5RnNWZGdtdGg2aWp3U2hncllPZm05Yi8x
YWpXeEUKM1lBMXluSDh3YXJYajlQUVJ6R3FqRWZ0UzYrNXJHd0VhUXRNVHJJK1Q0
NAotPiBzc2gtZWQyNTUxOSA5aEV5RFEgc2E0dHhWVXZUSVJSdGFrTXpxeFpHcU1u
Q2RRVXBnTHByZ2c1WlpIMTYxdwpWUkJUTWxEcGNGUGhnKzNVTk94OXN0YWRKTnJM
b3U4VFp6WEVsaXZ5d21vCi0+IHNzaC1lZDI1NTE5IHU3WjNqdyBOUFlRb3BXQ1Nu
dEhieTRwMW44NGRyVFhKVm9UNUtROWFDbWVsNWcwV2xvCnN6SzcvbWFoUWE5Mk01
ejRIU25QUTNXZWtERXJxSEpXMnV6MjJHVlVJTHcKLT4gc3NoLWVkMjU1MTkgV2c5
M3J3IEp3dEgwQkloS2c4dTBDZHdENGZvd3JwSG44aHUzdVkzMjg2SWo4SEFrRUEK
Tm1OakVtbDRLMDh6cCt4YmdxK25uaGV4UmhsWGI3MG9DOFo3bGdJNmx4WQotPiBz
c2gtZWQyNTUxOSBQeEt3alEgdWtKQVN6R2o3OXVXQTB3WWYxSWg1bmgxbnk3M1Ux
U001RGZqb2tYNjR4Zwp0MFFwVDBta2NXRmNpWlJKZSt2SXA1YVhiR1dHSWlaWFpn
TVIxck5pMjNnCi0+IHNzaC1lZDI1NTE5IEIzZFhTQSBWZGgyY0F1NjhQME5XNzdS
N0hwSmxZRnFkZmh4S0syMUdXaXhpYURMVGg0CkZpb3RvSExUNWJmVWtzL3krdzhB
U1RGVFM3SzlFengrTGFJUnBqYllTUlUKLT4gc3NoLWVkMjU1MTkgUWZwS1ZnIEtL
ZlAvM2xUTkQvTFExdmpIRWp0dDBrNjNnSitQaGFtSlVhQ0daVVJ0azgKamdJSzR0
WWxHOVVZYytkS29IbG1YY0hvdkZmTnhodXEyN3VPK0djcE1CSQotPiBzc2gtZWQy
NTUxOSAwZHBkZ1EgYmJwcHFpWmo5aXhBRjNlQnpCWUxlbStOMVA4WklqOVFpdW5X
QnNmOWl6SQpUS3l4WEsxaVo3ZjgzZmpQR0RuZ0ZoMVRzTmErZDB3L3ZESUdXS2s0
QWwwCi0+IHNzaC1lZDI1NTE5IHVsMGt4USA1ZmZiWnNTRUtwV2p5NGU2V1UwR1hG
OVdZTXAxc0dya0hXYVhjbVBzT1MwCmRzOGxzUGs4UkNSY3l5cTVZajdQV0liRjFF
UTZZaGtsdStqQ0RDdkhjOWMKLT4gc3NoLWVkMjU1MTkgWnc1SGt3IGN4OGtraWJG
ZmVsdlJOdGJEY1JQWm1BeUtyMzJFeUxtTG1HN1JFZVRoaEkKclBYNms5ZDZFMzFw
ekxVdlVzd29JOERwY1NyV3RnN0xyZVFJTXdPZU5uRQotPiBzc2gtZWQyNTUxOSB6
RzMrMXcgWXVLNE1UZGFXS2lsSXMxN2o4aXdaR2ZMY0kvTDUxN0NDSHRyandvUWFG
YwpwdnNwL01QR0VxTE9aOHkxV1VqTG56MFdxMDNEYkZFRW1VaVdnWGlRSjRBCi0+
IHc1dVV8Mn0tZ3JlYXNlIEpuNmsgclU5TQpRNVRsbmIxaU5CeVlWaDhiYnlkRzQ1
Y2lIR0l4eUFTNFFQdk5JekVFQ2N3Q0JJK2grK2IwN0M2Sy9LbUJKNHEzCmxyTHlU
VGZVbU1Edmx3QXFuR2s4VXBWcDdnazFVMVM3b0lKUmR6WQotLS0gR1k3QUFEN3JU
Z3M5RFNoeW5tRVU5U1Q3ODNKRzR0OUVHc3Z4OEN5OHNRawrkiowgC6QAagO6PpAG
1ZTfpxGEOWCMhBTN1v2TIiIGdGrTARto03jq1MocduDJQCcpZx8uGY9o0EA=
-----END AGE ENCRYPTED FILE-----

37
secrets/root-ops.age
View file

@ -1,37 +0,0 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEZCOVgxUSBKWHcv
a2NDQjdtZnE0TFpHSWR3dFdWeUpCd1A0LzlsZ1NudHN4dENTbmhvCmpvVjhCdXlH
citVTmlyZUh2UFl1OWQ2Y2d0L3dnTVNzNnFLekhqbnVUUkkKLT4gc3NoLWVkMjU1
MTkgSk00dDZBIGR5ejRQYVRvSTB2TzA0cktYMU5sSlY5UXh5YkRpOTVDSWFoVmo5
c2hLRk0KaUFlbFd0V1FzaGNWbUhiT1R5MG0vUEJtaVN4MjJ6RWM5MndWRGlqaTI3
bwotPiBzc2gtZWQyNTUxOSA5aEV5RFEgbmQ5RjFNK2lPRHFaZjQrNTRrWGE1R2tM
aGIwazVRMHJWblZWMGQvbVBGYwpDU25rV2ZmZEQvUWFkSjlvTkNCK1hlYXUwRDE1
SUI4TzV5WmtJZXBpTFlJCi0+IHNzaC1lZDI1NTE5IHU3WjNqdyBvZDFncmtaOWFH
SW1veDY3Z1NOV3VGVDQ5dW1TeUdZMHE5cmp0S1JSUkQwCkpiWU91K0xGd0RYMXha
MVp2ZTcxOWszWDJ6Ui8xSG1mSnFmd3U5WWZEVmMKLT4gc3NoLWVkMjU1MTkgV2c5
M3J3IFZ2d1BhdFdjT0hFYWhjNDZnRXdHY1V6VStqWWxQQjlhNG95bVRPWGRqUXMK
bC9OWlExN0lDcHpkdXRHbVk1ZGlaQk9UNGpwdTVBVTNzbkJKN0d4ZlJVTQotPiBz
c2gtZWQyNTUxOSBQeEt3alEgSTkrQXFXdlJvcVlEOVlYZDBvZUF2bmgrR1FSUGJR
dTJSMWcrQ1ZXWG1nUQpFSldCdVFObXloTFMrUDQybjZzK3Jqck4yMUt6NGdLUEpp
VmZtR1VnaWRzCi0+IHNzaC1lZDI1NTE5IEIzZFhTQSBYdEY1YlV4djEvWmlCblpa
amdnRjk2VDdoN3BkemJVbldrMU9OeXk0Mnd3CnNsZ1BpWURyRHBSc2twblVmNE5v
QnM3UTJ4cDdwbjNHbi9pZ3FMdDFrMGcKLT4gc3NoLWVkMjU1MTkgUWZwS1ZnIFVs
S1Z0cFVZa1RaNEdrWWN1M1lhZUw4YXJoNWswNjNuWDc3Q0hRSFpTekkKUzkrSXRZ
LzNYS3pnMlBNcFprQjhxZjZqRUZYUE9NREJsdHdnczkyMEJSWQotPiBzc2gtZWQy
NTUxOSAwZHBkZ1EgSnhNNStteEpvZ0tFM3dLWDQxYk1xM1NMQnQvMTk2dWpzMFFs
dlMzcWVDSQpXcFZVRDArUUxWMHJoczJSNGFCOU9LZXlNQzFBQ3IxOFo1YmhVbHAy
cS9FCi0+IHNzaC1lZDI1NTE5IHVsMGt4USBIVGpPSGFzb2dvZjVkL3JPSVVnVzdj
NTFTSmFaS25lNHJYY3BkeTBLY1JrClh1VGZtdHNwaHQ3UzJIbmhYdDhadWU0MU1N
VGtmQmFYMGZHTUpiQlYxSkEKLT4gc3NoLWVkMjU1MTkgWnc1SGt3IDNlWmtZVjhk
VmVEUGxOY3ZaMHNhVVp3aUJzbE84alc3aTdYTSt3ZldjMU0KanZjMTVYNjNwazFr
N2xwampmaUJLSDVuTVBvNnBXektNU0JSbVZrN1RtNAotPiBzc2gtZWQyNTUxOSB6
RzMrMXcgczdIZE9hSEt4eFJxTnV1d05qa0VVeUJRUE1PUWNMbnBPNW1Cb2RVQlFT
awo5UEFrdDg2cUZsMTI0b2FmYkd3TFQ1NjNYMHNkd3A5LzBxcjlNSERCUDJFCi0+
ID8tZ3JlYXNlIDs+XSkgPVp8TSMtIHQtVSBFal4vcFR9CnZCOWdjaEMwcURwaWJP
U0YvRUd5SGdBMDE4SnpXUEN3VU9aWWtFQTB1eCtmOEM3Q2p5YkVaQ3QvSXVXUSt1
YmsKUlV6Vy9VTVNqYkcxcXJSWkgzbnpidmx2clY2enRhLzF2MFZIdDhNbGtZZlU5
cWk0Ci0tLSBEdmRaQm9FVEhkQWFGZWtyYllOM3YvNGZJQnRvZWI3YjZkdlh6a3Ay
VUJ3Ckgtz/OSIjtMrLDB75AIG+NnhV4476zzaLynMBPtCbQD5/Are2hwwfv3War9
UKv7+MIb/VMLicfSQdooIN/ZutUo4QmaS/mrf72bGJqqplJaqLR8zc5rJZEyuDBj
5o8uY6IpJ7LEPm2FOAFcrMPHdSAS9y2+BpiPJfeF9vFgJ0IPZy26
-----END AGE ENCRYPTED FILE-----

37
secrets/root.age
View file

@ -1,37 +0,0 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEZCOVgxUSBscDBF
dmp4Ry9nV1Y2dWYvdjJtYnZNcmZhS2ZmQnB6ZWhvTUhrMGJPb0NVCitUUVJiRDlP
dzNjM01KK2w5blRHbExpU3k1Wm9mVDJ3N0dudVdQR3AxQkkKLT4gc3NoLWVkMjU1
MTkgSk00dDZBIDhYRlpJZWREbDNSeldwbEM1ZXA2dUpMcDBJK3owdGpIWWlvT1Fa
TnJrbFUKQWMyY2dvUDJwUW50Wk1oSzNCTysvL2JPSDJ1V1dmSXRDRmRRK0R4OTVS
TQotPiBzc2gtZWQyNTUxOSA5aEV5RFEgbXVHNEg4c282dmRodEdheVdYVjAwb3Y5
VUU3R095aDBJaTlzdlhkYkpSOApFcDFhZmlwdjg2VFdiVGI1Y3ljOC8wWFVqbE5o
VWgxUmVReUZ0NHl2TGpNCi0+IHNzaC1lZDI1NTE5IHU3WjNqdyBpQ1pYNXJwZVpy
QXhBQ3dySXg3Y3IxYW1FWEl1eW5ISGtva2pEdEQzUUFRCi9DMWg3R2pwR3dXaWta
UHRhNFZHT2w1MXF5VFNJU3EzSU1nSHdjVG5YeFUKLT4gc3NoLWVkMjU1MTkgV2c5
M3J3IE9iS2cxQUZucHorOVJTeGEwaFZxTDU2ZE0wdXd2Rk8yUmZ2amxEaGxMem8K
Qlg3T3Bqbkc5S21Nc20wMTBRZUlUeUJucHY5RWhWbFg1S2VEWGtnK09VMAotPiBz
c2gtZWQyNTUxOSBQeEt3alEgOUxZWCthUkxlaG5MYmRQbTRSSjFZNnI5TndBSmZs
VDFjOGxXZlZxZmltYwp6TnBFMFdNbXArdHBuZThxeWwweGtFZmR6eEx2YXZ4U3U0
bHpFODM2QmV3Ci0+IHNzaC1lZDI1NTE5IEIzZFhTQSBKVFVsbW5BV0lnM0ZkU2tC
U1VPbjRBY0M5ZW9TdEg1U2JtTHlGVjZ3TkFNCnNjRjFYMDBwSnBOMzZnSWhpSFF6
d3M1SHFVdzJGUGxEYU9zOU0zOElRc3cKLT4gc3NoLWVkMjU1MTkgUWZwS1ZnIGRa
T01iT3FKUzNBcU92MUJEOXBzN1RuWGdhLzlrWGZxUDUvQnM0eUFXdzAKV3Jlb1Zn
MndtZ3BXNUVpUHNnSXB5RFd3MXEwYnFIZ1c0NFVRdmJBUGpwMAotPiBzc2gtZWQy
NTUxOSAwZHBkZ1EgT0RnMi8zUkUyaGNFWjFFazd6OVJKbWN3bXJwZDYwUUc1a3B5
Q3krNEVqUQpRcEpCQWV2NWRVSURjR0szMmZzdEZoS0FXUC9uTmxuMmhJWnFZbDhZ
M1NVCi0+IHNzaC1lZDI1NTE5IHVsMGt4USBaYURCWWl0czdtQ0VlbWlBellIQ0dy
amlSMEpjUXlMWHkvMm1YVGNHVUhvCmwxa2JOMktncTVNRTUvNVVkZksvOVp5TE8w
MnJKWUhwNm9wSGZxeklIbU0KLT4gc3NoLWVkMjU1MTkgWnc1SGt3IGowTGFsNUZN
ekY0Qmp0MDNHTG9xS2M5c3h1L2VtZnNkd0c2aXc2ejhtVjAKd2huNHRldE5BTkNV
dGVFMEFzMERlOHNFZXFKUWQzRXIrUXZYUm9YM2ZDawotPiBzc2gtZWQyNTUxOSB6
RzMrMXcgTkQ5TGxvOGUveUwxb2Jua0xoMUFTSU9TMWMyUzFCRDJEWitBTERCOEpD
cwovRkNBYy9JQU1UclBUUjd2YkkrQTlDak1OSTRpM0ozWE5VbmE5Y3pNb0JFCi0+
IDtfZXAtZ3JlYXNlIGBpc21oYQpLcmd4OUVOMlJ1QXA2ZTJob0pUajFqWWphM1p5
TkFtN3QxUTB5K2g0QWFNNGlyblFUa2hmdVFsNHMxZG9GbllQCmIvcTlyd05tMmZj
c3lKeEVjZklCYUliM05CeDIKLS0tIDUyaUwxQytCTnN2c2lTNEdibUxVcFdqblN5
V1paV1Fyc1VQZDR0N0hZSTAK1B/SO9aHuG9iLuOJ6dar+tdeNznBZkRTZ9GoU1eT
TOEnE8+Iw+jy2egZsZM/g/dtwXdVQXQx3OhtgQnP2hnye84sTUqEGQvuZru1tJar
z7nXQcpShe+v5BclP9cQJSN9BgrXaamJP1IBdrZtNERBaMU7KQuBVSBZ789NUBbM
GaTRqoTaProG7Ex2XQ==
-----END AGE ENCRYPTED FILE-----

53
secrets/secrets.nix
View file

@ -1,53 +0,0 @@
# Used by ragenix nix only.
# Ensure that $RULES has been set via direnv
# Edit a key: `ragenix -i ~/.ssh/id_ed25519 -e secrets/someKey.age`
# run `ragenix -r -i /path/to/your/key` after modifying any keys below
#
# Re-keying is required after adding new hosts or keys:
# run `ragenix -r -i /path/to/your/key`
let
craige = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDtjE0YstRzlh+Zhlj03th9DYOkMqJ5xHUcderBq151K";
ops = [craige];
users = [craige];
airgead = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBanX/MOfoTT8Y/2x24yusGQzfxBqlaKxVbpNiqnAmKp";
brighde = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOxma18HaXAQlD33jR5iIolSI9p2hTDAMkw6rlQXHnl7";
ceitidh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEGB8EUbqoarM4GmPgE2DBF4z/L6wVNc+lF27Z83XDUz";
cuallaidh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKfELhpKAIDCTFYrO4wXP9BrXsUlafcD5vELQwtF4LCl";
dionach = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPcLVq/vaqNz+SzTKHd2mlw+jEYG+JYdYP/1mwK6lF0J";
doilidh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIVqs/F41PYoOPtThVRhLFjl+g/sH4aKRxki0CkZxj/7";
eamhair = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMgjh98yNFdvLygrVdPaS8h6+1FoLRVCzzLbKr255zO0";
iolear-beag = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA/57dNKaPjljQz+xc299xmT+njVL6AqEGuKr3SrFrxT";
sanganto = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ2c9oj7yQLuIjQQR5fGV4FHPfhb4VpLnXeQJv15Hti+";
sercanto = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIMxMEwo3nv7yHQOQEUt2HZdgTBfe5Y7xa1kmvC9qjbi";
teintidh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFhe0W7iAe9E00IUDo83nOY4BKfyoLVQPKlT8EZPvdwx";
systems = [
airgead
brighde
ceitidh
cuallaidh
dionach
doilidh
eamhair
iolear-beag
sanganto
sercanto
teintidh
];
in {
"root-ops.age".publicKeys = ops ++ systems;
"craige-ops.age".publicKeys = [craige] ++ systems;
"root.age".publicKeys = ops ++ systems;
"craige.age".publicKeys = [craige] ++ systems;
"fiona.age".publicKeys = ops ++ systems;
"hamish.age".publicKeys = ops ++ systems;
"logan.age".publicKeys = ops ++ systems;
"xander.age".publicKeys = ops ++ systems;
"cardano/cardano-kes.age".publicKeys = ops ++ systems;
"cardano/cardano-vrf.age".publicKeys = ops ++ systems;
"cardano/cardano-opcert.age".publicKeys = ops ++ systems;
"coturn.age".publicKeys = ops ++ systems;
"nextcloud-dbpass.age".publicKeys = ops ++ systems;
"nextcloud-adminpass.age".publicKeys = ops ++ systems;
"tt-rss-dbpass.age".publicKeys = ops ++ systems;
}

35
secrets/tt-rss-dbpass.age
View file

@ -1,35 +0,0 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEZCOVgxUSBsTzdO
clFOUVMzRGlUTkF6eGo2djFOWHhpWkpacG5GbEFXZHNKSHBBREZvCnRvSEVqSUpF
Yk5zNDNkY21jejM1OFNxUTNGMEVtRnliNzZvZndyZnliWFkKLT4gc3NoLWVkMjU1
MTkgSk00dDZBIFBVV1doL1JrVEY5L1JXRExSQ1o3ZHYvaFF5eFcxcHVERjNHWExW
VGc2Z0kKaitHRHZ0U0hOeUpJTHJaUStKTk9qbHo4aU9nOEJBMytrVUhDM1FNSTZz
dwotPiBzc2gtZWQyNTUxOSA5aEV5RFEgeDB1TmpjTmtzU1F6VjFBNUMxQWcxcFFV
MTA3d0huYlJ0Nk44Ym5Kd2JWMApDcE1GM1pKaW9TWW1Nd1QzclVlNHVDeGowVjhZ
T2F1NXZaUnQ4WWVHbVhZCi0+IHNzaC1lZDI1NTE5IHU3WjNqdyBNVXhYMW1DTXl1
QmJ0dGN6UDRzb0cxeXdMN21VdzJuekZmOGZwQmIxb1dBCi81ZC9TM3ZOcEdrMVpG
NzFKWlFOeVFkVHk0MVBBNS9ZMlVkK1RML3poZG8KLT4gc3NoLWVkMjU1MTkgV2c5
M3J3IFRvS0FUUStKdmRXbkRhemdwM2NKSUw3dmtKZkZ3Vk1VbllEZGpVOVVKUjAK
b1dnLzBEZGdSY0V4a05xVzJSYXdCTUdvVm9TL2ZjdGJwQ3lmc01hdEVQcwotPiBz
c2gtZWQyNTUxOSBQeEt3alEgb1ptc1J5ZWFsTEFETFdDbVVvZGhoRzZDaW9JYlE0
MnFoWHh1bG5aVGxrUQpvWVcwWDBvenZJYjMzUFNBV2kxWjAwa0xjT1gzYWx2K0pq
SlpzYnVqYytjCi0+IHNzaC1lZDI1NTE5IEIzZFhTQSA0K09ISzNlVVY1RzlyMWJU
ZHVRZWV5QmV6WmNmeVMrUnA1MlNjWU83OUhnClI2Z1U0cG1udC9JUGQ2Tk9YZ3Z4
azB3Mk02U0tPVUZaajJya1F4Q2twdjgKLT4gc3NoLWVkMjU1MTkgUWZwS1ZnIHJF
dDU4RUxiYlNJMUtLdFJDbU1JUzE5R1U0dkIwRE9TdFNwRDh6TWRiMWcKY1pqdFlK
WC9EMFZJUkJxdit0cUJvMU5kNldmQlk2N3BmMnJWbGpGYThsWQotPiBzc2gtZWQy
NTUxOSAwZHBkZ1Ega0ppUFQvLytEQnZ6VEJ0QWZFc1J3R1RUNS9jQ3FSODhhazhn
N3NHUThuQQptYWtKdk9pd00zMkk0VWRXbUZGN0ZnNjBWMUorZkdOaWRjeVFGa3NX
RXdJCi0+IHNzaC1lZDI1NTE5IHVsMGt4USBkWkFXN25SeU1sMWJTVS9Bc0JJdzkw
MVRkekIwaVFCOTB0cVREc2dWSFVFCkNxMmF4Vk01L2N5R0haQ2Z6cjdQdHRzTHEx
VHZKbGpGQ2pZUmRhdVpGTmsKLT4gc3NoLWVkMjU1MTkgWnc1SGt3IEZZV0plaWpJ
bnFqVStFK2dNV25ZYUtRa0Q5RDQwckZQQXlYbEFEaUQ1RWMKekFjNDZRaC9TTHpQ
OEJ6bU5tYXhXTktmMUJsMXRlZ0dUSEthcWVteDU5bwotPiBzc2gtZWQyNTUxOSB6
RzMrMXcgZ3liVlF5M0pKMVExTzVjWVBjWUFIQjZaUE9ISmJXQUo0ay9HSjEydXdS
Zwo1cFEyMFBCWGd3NnR1Q1ZORnhnMmJWQXkzcDlRQVRnRjJWZUFjd2x4WFVZCi0+
IDFfTGpoM20tZ3JlYXNlIHFDUzF4Un4KZ0RKV29ZY2UxQ0dFTERGdU1TQk9pWEF2
aHVtUUwzd2p6c1dKRzFKekNyTno4Z202Z2RkS2JhdnF2N0tHUWZJWgowalNzN3pE
NzdtQ09zWDRwYzU5b0VaemFUUGljUncKLS0tIHdXNWhtWi83QnQ5bXFNZXp0MFR3
UkI2TTlMd1lSS0toRnFwYWg1UHUyVmcK4yZHPD4ymOHd8MKfXFnyndhFbZrMdIIl
+nmCeTJWL6oVaf2fXnE39io5AuRD8TkQGpg5VvkJwvPZ
-----END AGE ENCRYPTED FILE-----

35
secrets/xander.age
View file

@ -1,35 +0,0 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEZCOVgxUSBSUU9Y
YVJBbDlYR1hDNDdJUVFRYUpYTlBjaVZlazV6bUlPa1UvLzV3TjBJClpneEZsVEc1
K0lFd21HUjJUSnBmdy9OSmNMUzBtcHRlTTRwZUtNZVV2ZVEKLT4gc3NoLWVkMjU1
MTkgSk00dDZBIDhYaTd3dFNDUTJvWmcxSks0aWZIeThhdU9XT3ovelBqQnZNcXF4
MWR1bjAKVHBVdEdZeU5uNy9yQndUeHp5RUxDTkhPSHBoby9LaDBVRjVFNnhzWUlO
dwotPiBzc2gtZWQyNTUxOSA5aEV5RFEgdTJvQW1LUGY4NU1kNmVYZ1hXN3pIRXRE
cytyMWdoTHZqdEJDcnZCN1B5Ywo4UnNKdCtXQStSSWxmRnl6eldmZEd3cm9DNUNF
S1VJenNFUVRCZ3RzUE1RCi0+IHNzaC1lZDI1NTE5IHU3WjNqdyBQQ1BmMnlVK3pt
c1F5MTJQRGs3cHBkWUtwTUtRWDB4MVBJVlZuRkhSMTFnCnBPaXpJMk1zSFpIVGMx
NUdFT2VyUUEzeXpxR2pnSXk2bDZjb2ZZV3pqbk0KLT4gc3NoLWVkMjU1MTkgV2c5
M3J3IEhvalpnQk52M3ROd0FhWEErRVVtYTNaM0YySU42WTdzTGFtK1RkalRzdzgK
WEpaVzNKSVpKdVIyZy9vL2YvTXlMcXhXaVZ4VGZrZEpaejJnK0RidG5McwotPiBz
c2gtZWQyNTUxOSBQeEt3alEgU3ptQXdZdlVzdUJST3hXTGpEMG1vSzR5S3Uzd2Jw
R0VpdVlnR3N6WHlTTQpMcE8wZ0EvVFZ2TTF0N01PVkl2WEFJY3lIN1NuUGtDOTZi
a0xlMFhvb0FJCi0+IHNzaC1lZDI1NTE5IEIzZFhTQSBSdTdHWkJCb2ZkY0tyYzEy
aU13UWk5RGV5MDRIWGwyOXBQcmlKV0R1U1JjCm1ueVV5WmVKMVU2cklaa0IxUCtI
NmRYeTVkTklNanJtbFpVWGE3ZVFIeVkKLT4gc3NoLWVkMjU1MTkgUWZwS1ZnIE80
aGVQZUs0VzVTaHBqNnRwa3NhU3FjNkxqMHczbEdQcXlXWkhuTDVrUlUKSlRDTXM3
QXY3V3FLUmlSOUYwdHdyc0sveDMzVUpQbTVueER5U21iU04xYwotPiBzc2gtZWQy
NTUxOSAwZHBkZ1EgWUxWZ0cyV0daK1lPUE93VzFEVFFnbGw4aUpXS1hOQUtQcXJT
cDBaVVFYMApwUCtpRTdpTzlta1hmQmZYdDlheEczeWU4WFcwWDdkZ1lvUkU2NFQ5
a2tBCi0+IHNzaC1lZDI1NTE5IHVsMGt4USBlSzlYSS9XeHAvOVZ5a0FBV3ZkZGlK
QVREVExRR2NWWjFZVUk0cnF1UERBCmRNN3Y4TTVwRDNVQWFRMGNJcmN1QjZmOGZZ
QVJRQTZmT0RrYzhYUVJ2TWcKLT4gc3NoLWVkMjU1MTkgWnc1SGt3IEkrazBzeUdt
bVh4N3BuWGlzSWgzRm9yeVF1QkJTQWV5RVFhbTgydUVQU2MKR3V6VVRWbGtmdC9q
cE4waHgzeERNSzBaeVlpdS94eEdzSzhvazExWjlVOAotPiBzc2gtZWQyNTUxOSB6
RzMrMXcgZ0IzcnVDQmlPM1VuRU1IQmVINUdSM3lnWFMxbmJNaXpsVndVMlRyT1RS
SQpZN2RURklHUnE4dm8rdUNFbndWRkdvSFRhSDFJTHAxY1NTUXZxS01xSERzCi0+
IEMtZ3JlYXNlIFhRISJPIGIrNUEgVlg0L0kKZWZ4UjNaYnQxcnNZZldqQm1BCi0t
LSArUFpsNkdqLzVHVjRTcVRBR0NxTS8xTGVxVis4cGdRdFJYUW5aeitIeG9zCpKQ
++U8BCnn//2Q4nIzSEVU1E+jjVXGWXGX4LoU7KFEnjEifotQ126GxH1SQqzhYGZW
96Frfo7HFFmM1i9dkiq0Yw2mNZkL9rTjbdIKA+oseKQKJN+HDb08HY1oKfJoCAmT
YotZp05aO2hJYEFkNCVl8mOIyXSExNGJdSvqFS/kRcphX36T2Q==
-----END AGE ENCRYPTED FILE-----

25
shell.nix
View file

@ -1,25 +0,0 @@
{
pkgs ? import <nixpkgs> {},
colmena,
deploymentName,
mkShell,
nix,
nix_path,
ragenix,
}:
with pkgs;
mkShell {
buildInputs = [
alejandra # The Uncompromising Nix Code Formatter
colmena # Simple, stateless NixOS deployment tool
nix # Powerful package manager, makes packaging reliable & reproducible
nixops_unstable_minimal # work around for issue #127423
ragenix # CLI management of secrets encrypted via existing SSH keys
tea # Gitea official CLI client
treefmt # one CLI to format the code tree
];
shellHook = ''
export NIX_PATH=${nix_path}
export NIXOPS_DEPLOYMENT=${deploymentName}
'';
}