diff --git a/baldur/configuration.nix b/baldur/configuration.nix index 553f368..8aa4105 100644 --- a/baldur/configuration.nix +++ b/baldur/configuration.nix @@ -159,40 +159,109 @@ shell = pkgs.zsh; }; + boot.kernel.sysctl = { + "net.ipv4.conf.all.forwarding" = true; + "net.ipv4.conf.default.forwarding" = true; + }; + + + services.dnsmasq = { + enable = true; + settings = { + server = [ "1.1.1.1" "8.8.8.8" ]; + interface = "wg0"; + }; + # extraConfig = '' + # interface=wg0 + # ''; + }; + networking = { firewall = { enable = true; allowPing = true; - allowedTCPPorts = [ 51235 80 443 ]; - # allowedUDPPorts = [ ]; + allowedTCPPorts = [ 80 443 53 ]; + allowedUDPPorts = [ 53 51820 ]; + # interfaces.ens3.allowedTCPPorts = [ 52123 53 ]; + # interfaces.ens3.allowedUDPPorts = [ 53 ]; # extraCommands = ''iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns''; }; + + nat = { + enable = true; + enableIPv6 = true; + externalInterface = "ens3"; + internalInterfaces = [ "wg0" ]; + }; + + # wireguard = { + # enable = true; + # interfaces.wg0 = { + # privateKeyFile = config.age.secrets.baldur_wg_priv.path; + # ips = [ "10.10.10.1/24" "fc10:10:10::1/64" ]; + # listenPort = 52123; + + # # # This allows the wireguard server to route your traffic to the internet and hence be like a VPN + # # postSetup = '' + # # ${pkgs.iptables}/bin/iptables -A FORWARD -i wg0 -j ACCEPT + # # ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.10.10.1/24 -o ens3 -j MASQUERADE + # # ${pkgs.iptables}/bin/ip6tables -A FORWARD -i wg0 -j ACCEPT + # # ${pkgs.iptables}/bin/ip6tables -t nat -A POSTROUTING -s fc10:10:10::1/64 -o ens3 -j MASQUERADE + # # ''; + + # # # Undo the above + # # postShutdown = '' + # # ${pkgs.iptables}/bin/iptables -D FORWARD -i wg0 -j ACCEPT + # # ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.10.10.1/24 -o ens3 -j MASQUERADE + # # ${pkgs.iptables}/bin/ip6tables -D FORWARD -i wg0 -j ACCEPT + # # ${pkgs.iptables}/bin/ip6tables -t nat -D POSTROUTING -s fc10:10:10::1/64 -o ens3 -j MASQUERADE + # # ''; + + # peers = [ + # # { + # # # baldur + # # allowedIPs = [ "10.10.10.2/32" "fc10:10:10::2/128" ]; + # # publicKey = "K57ikgFSR1O0CXWBxfQEu7uxSOsp3ePj/NMRets5pVc="; + # # presharedKeyFile = config.age.secrets.baldur_wg_psk.path; + # # } + # { + # # odin + # allowedIPs = [ "10.10.10.2/32" "fc10:10:10::2/128" ]; + # publicKey = "LDBhvzeYmHJ0z5ch+N559GWjT3It1gZvGR/9WtCfURw="; + # # presharedKeyFile = config.age.secrets.odin_wg_psk.path; + # } + # ]; + # }; + # }; wg-quick.interfaces.wg0 = { - address = [ - "192.168.10.2/24" - ]; + address = [ "10.0.0.1/24" "fdc9:281f:04d7:9ee9::1/64" ]; + listenPort = 51820; + privateKeyFile = config.age.secrets.baldur_wg_priv.path; + + # This allows the wireguard server to route your traffic to the internet and hence be like a VPN + postUp = '' + ${pkgs.iptables}/bin/iptables -A FORWARD -i wg0 -j ACCEPT + ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.0.0.1/24 -o ens3 -j MASQUERADE + ${pkgs.iptables}/bin/ip6tables -A FORWARD -i wg0 -j ACCEPT + ${pkgs.iptables}/bin/ip6tables -t nat -A POSTROUTING -s fdc9:281f:04d7:9ee9::1/64 -o ens3 -j MASQUERADE + ''; + + # Undo the above + preDown = '' + ${pkgs.iptables}/bin/iptables -D FORWARD -i wg0 -j ACCEPT + ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.0.0.1/24 -o ens3 -j MASQUERADE + ${pkgs.iptables}/bin/ip6tables -D FORWARD -i wg0 -j ACCEPT + ${pkgs.iptables}/bin/ip6tables -t nat -D POSTROUTING -s fdc9:281f:04d7:9ee9::1/64 -o ens3 -j MASQUERADE + ''; + peers = [ - { - # baldur - allowedIPs = [ - "192.168.10.1/24" - ]; - # endpoint = "demo.wireguard.io:12913"; - publicKey = "K57ikgFSR1O0CXWBxfQEu7uxSOsp3ePj/NMRets5pVc="; - # presharedKeyFile = config.age.secrets.baldur_wg_psk.path; - } { # odin - allowedIPs = [ - "192.168.10.1/24" - ]; - # endpoint = "demo.wireguard.io:12913"; - publicKey = "AY2kVl9Znp79wrgHjmTUX5aagJKay7barD4BcMir5SY="; - # presharedKeyFile = config.age.secrets.odin_wg_psk.path; + publicKey = "LDBhvzeYmHJ0z5ch+N559GWjT3It1gZvGR/9WtCfURw="; + presharedKeyFile = config.age.secrets.odin_wg_psk.path; + allowedIPs = [ "10.0.0.2/32" "fdc9:281f:04d7:9ee9::2/128" ]; } ]; - privateKeyFile = config.age.secrets."${config.networking.hostName}_wg_priv".path; - listenPort = 51235; }; }; diff --git a/odin/common_configuration.nix b/odin/common_configuration.nix index 19d0d0c..52826ef 100644 --- a/odin/common_configuration.nix +++ b/odin/common_configuration.nix @@ -41,6 +41,26 @@ with lib; { # firewall.allowedUDPPorts = [ ... ]; # Or disable the firewall altogether. # firewall.enable = false; + firewall.checkReversePath = false; + + wg-quick.interfaces = { + wg0 = { + autostart = false; + address = [ "10.0.0.2/24" "fdc9:281f:04d7:9ee9::2/64" ]; + dns = [ "10.0.0.1" "fdc9:281f:04d7:9ee9::1" ]; + privateKeyFile = config.age.secrets.odin_wg_priv.path; + + peers = [ + { + publicKey = "K57ikgFSR1O0CXWBxfQEu7uxSOsp3ePj/NMRets5pVc="; + presharedKeyFile = config.age.secrets.odin_wg_psk.path; + allowedIPs = [ "0.0.0.0/0" "::/0" ]; + endpoint = "baldur.bertof.net:51820"; + persistentKeepalive = 25; + } + ]; + }; + }; }; services.hardware.bolt.enable = true; diff --git a/secrets/baldur_wg_priv.age b/secrets/baldur_wg_priv.age index cc6012e..0587277 100644 --- a/secrets/baldur_wg_priv.age +++ b/secrets/baldur_wg_priv.age @@ -1,25 +1,27 @@ age-encryption.org/v1 --> ssh-ed25519 lC44xg eswmM0Q9AbLRCsQQq1ZlTnFzZAq4m3IjCBYy3GONuH4 -s/5WMKPYoW4oflZacxkkLkodch60wMbQdbKN9fIPkVw --> ssh-ed25519 2L7QNA dkOQottCMaLj1iQSCmiyZpwJdJC/erUNAzf1aXB7RGA -GEUo6TNwN1jJXBmuEy8iTN3xVYYa1vZJF+tFdz5sEZs --> ssh-ed25519 sNAOqA 0elrCKGKgQzyBd3mqVxTVq4bboiBJJKYi+UKNS5ZozA -K71ijRpi7hK2lqxjMF1LUKy0q83FbT1NovmDf+Kkk0Q --> ssh-ed25519 13iwjQ tyC3lOXD830cFLGHc/Ae4ZgF2HhHb7iTlbmPQoJ+HBE -EIgi/nWMEFYIFhxFiZXYFm53Vm/1pBhhRYdru790oiw --> ssh-ed25519 7MB20A +GrWTCkLWOa9uYnQZi4pgzLSJJiqKsZMX3Cq4ijlQBI -SxW5c3Txd/IaKelHc7VGgKnkqNVn8w1m+VyDqGTJYvk --> ssh-ed25519 IvyYug CycRY3+o7lg6UWNjwd+VLApOWH2Mktl7Ud+pBBzq3yw -3mF23XkJ+cCB9kMEWkF+oYBNOKIQcDvHJIQ0jo7gWcA --> ssh-ed25519 v7O/FA CFZvpkvFPOdw0ass4KPU+oLNUBAe3m2+9AAiHFA27Dc -IRONev1DEc+lD5kwveZdX/Ey8TlEQiATaiTDG5XjJUg --> ssh-ed25519 Wzv8ew GhGJdN18tBkCk/Q0zqrfwp6MJVNVx20+z/l03m9BbGg -IkE2gHSfeSUqB4vu0kXZPw3+bMYYc2KszChenmR8z18 --> ssh-ed25519 XgC3XA 1zEjnAUysdOuIm5dYKTwXD3sPDyLh8GWsonKxYw7hWo -/sxObfeZiZXTGQgx2tsga1ykuyweERwYkV7auvuR8bU --> ssh-ed25519 l795CA B3WcfrFFNXFQjPKZ5K4M/prj7RCKKPkP8ktZ0XVghBM -hQhG8C3xd7QR4Eev7X8S94d5buxaJYXtNpzzLfO9jeg --> vbUD;-grease Pu.[?[PM 2v0J'W_e EXW(UE -3VQcTpfcBjiL9iIK0MzJ5KAsg1p+ZX2hxfBwwrfY7Fsn72NeWH/MSxV3RRIUCOY ---- uooL6VvAvEpWbcnuq6gGDKpN0wOHympu0CVPZWyIddc -zc{g 3vRN("-jNc0z.c E4.آ~hwܪkБ7ٻX \ No newline at end of file +-> ssh-ed25519 lC44xg h0Z/EvkZ17aqQu8cqjBDDdrXdBH1k8hXKC9Ii4svGkI +86IeYO7LLAv39TFZxwGORYfwpcS66W/2u+5gzba3nic +-> ssh-ed25519 2L7QNA o41vbzjSTMjTW6mH4bqoMHY5ra8lxnAhuQy64f69L1Q +HGxg//jr06c8EihQ39qV3XfxcGxgPb1tPnPwwhqxUVE +-> ssh-ed25519 sNAOqA nY+ZqIv0j4B55XWaElHE28ug5+Wedg1EA3+a+MLiEhA ++OL9Kifz0RiUtiqvEd5M7efUWG/PJP/VgoPdGHPBUQo +-> ssh-ed25519 13iwjQ oSFqAYxDCeXP9mZoz7c5CnLYumJHoZtOmJpkQio87Eg +KKSN9FGS+hqHGc6t1CBj0e1M/hqyNGu73OUu4ZEYdCE +-> ssh-ed25519 7MB20A jII4JhzKeWGtC0aP5juMC7SgTc3GjmOqoJD+Ksle/xw +Tb0My897zy/xLLz565KYp+LaoiDveVydhrrJySbPtlQ +-> ssh-ed25519 IvyYug RlUAZCXrsnBROrRwPOgXQVqY8q4LDqqgWvZPsbbo9nE +yBxdspHy/mVVXC3WI/Pnoy7UA/DHzQgMiu4WkXybY4Q +-> ssh-ed25519 v7O/FA a/7GwdHIEYsvGrDbpT7s/zidqaIsms14sYhEiabG5RY +bwCiiHAVfUmrt61VbrZXPVsRf9LzgdiZaNjOGRveqU8 +-> ssh-ed25519 Wzv8ew eIzF4pa0+t2RcdGP/bU60FKPVj1KlAi5U0nqXIDsNEI +UYm8HG5I9lM4mD+jqbztio9x+m5QnOmISjduzlKtDRs +-> ssh-ed25519 XgC3XA 4+kbJbxKHpMcyr6A9r+44DrnvxUpgDaEF9RPa3JxIhY +Mey1lA6tHMs2G1FoLBcJ4PjgOz0YB9obmoqZF2TYXj8 +-> ssh-ed25519 l795CA Nviz4/yx5SmP0XFnvKCdzFZKG1BCpiVdAt7Z+5bDH0U +W0ZcHXefVkC+qlQSuwdlv8q+78SuyJ1r54p1gX6OlAQ +-> /%x]-grease 74x@ */qH$/LX j2Y] +ZtgMZTxVVEzFm8teWT72jQnw33w9EBRTB0bvOsNfZDEQTSMUoWhpLBUpBl4Auktn +OjDFJJw1cTNf7XwAJa75+fgKKYwa +--- DlH1MiEQB5kcPiSHdCLn9aoWp61S5Dur7OX9sqf2Th0 +6B۷xE((ii^? +w sLL3)K8|x{> G#3x=J \ No newline at end of file diff --git a/secrets/baldur_wg_psk.age b/secrets/baldur_wg_psk.age index 947f912..11a9864 100644 --- a/secrets/baldur_wg_psk.age +++ b/secrets/baldur_wg_psk.age @@ -1,25 +1,27 @@ age-encryption.org/v1 --> ssh-ed25519 lC44xg K4dWWJ1lPXfhlAIRAybZOkBQp/LRJxRGmbOy5jlvi1I -BX9GP/JpsDjoG+cxNDqpRn5KI/YUJbsOLXHTBDwyUjA --> ssh-ed25519 2L7QNA iXXL+Yb8hZvh3RYRDHtBUTtqHHY5oBKEtqmWhHlkt2o -0XgMpq6fHAYeusPS++Fc6HmFH28M3xNAY1N7ubaEHN0 --> ssh-ed25519 sNAOqA 9NOzTgetjETYpwKD4HruFt2zyrJ7fAcNn70Oq38N+Ww -qJUthhdhGxBZ5jxjh6LbDR7aO5EY0opS1Z56jZpG3jU --> ssh-ed25519 13iwjQ pPze3cWfSczM8n4WYY5CJcjIU/DGShpioJ9p885P7io -WuI/QZG7XTxP3BVo0wOACyKTtgRuLe9StVnherNethg --> ssh-ed25519 7MB20A vtho1nIxUgJaIMo2LMCn4rmTSR4yWlT9AxNJ/cDWOmI -TtaLb344pbQq9k29qFMM3ee3okePsQav+EUt4Q31OTY --> ssh-ed25519 IvyYug qKOrg57dpDecShTU2TMjMjrZCwXmpxGTiiexYujLPVE -hgTCdKOpyyHnPbV8eXXWskxd3nGFI/U2rHmhdudYuec --> ssh-ed25519 v7O/FA gQJcXXvDefLoFAjj3Vep4qiggkDX8/nCCQh2w6sS8Xs -B0BQZdQIc+hWMfNVz54tAdFCTjcLSw1t+htSwC5MKUg --> ssh-ed25519 Wzv8ew MdVlkPiVjagW9qgp6US0on0ctihFEtA0ISpHbf57i1k -83jmpZXFnyIY1tBKbgmfpA7inuPkhlTK3s43zASmwwI --> ssh-ed25519 XgC3XA BthsRj8+CBrTySpWVTfxbzpE5RqjUKGlYEWehRCOKm0 -0XtGkYD6e2t/bzpXgMeKiw5NwRPUZMZ0Hpwf4c90Nsk --> ssh-ed25519 l795CA SEp14FlOLzdCydp+1QEpbpbMuuzhM12ritcpZ4xDllg -FKKaCHlg74KBscVsH8E9H2KQyG2N9xxwp0oOG3oVTmU --> y[|Z-grease )j`~y"}, -AjmSyODTMq+EbK0kDQs+Yw ---- FxyOaPmh4fQDzD/XGykiw6PwySqaiwyvuo1YSN/ULaU -q,X֖yd߭7q2硰=Jԟ9U~x*EjgȷB V8 \ No newline at end of file +-> ssh-ed25519 lC44xg siyicGezmHp45yWb72O5RifDMUe8cnNR/8rlMqkRLmg +xA8vPnJazAWVVKJTzP2ngi/xHt/0V9n+9ijECsbXTgQ +-> ssh-ed25519 2L7QNA QcYCyrqUHqX5CE8KmVzMM+oaXOzCaEAyuy8JBYsJWwY +WljidAlaPXxrfsZKtmDi5iGNqOBs3Tm4hXPeJB99vos +-> ssh-ed25519 sNAOqA /vCQydAHoSTaWDbjP9/NmM+CkdUrtO/XJjPCoN21xmU +QsWk9YqL07P3UNkZt+5Xd4dZw7SENGOUAq/iHFee2nw +-> ssh-ed25519 13iwjQ oD0OpKZ+Vm0nWmworan8dWOAlUQsHDvpm3bqGrOxIQc +pJL9YhA3sXjo38fRvYraL/gLn1rgSKspMizDUuEChYk +-> ssh-ed25519 7MB20A 7kq62RnldRIwC16RKEIsSwPTbn6eH+3FtfmVJucnAyQ +EdyaTv+I+oA8/Y3RvaGTHwpLyzshfnVF4dq0nmo+IoU +-> ssh-ed25519 IvyYug BwwnIO+4eduO4rVu18pA1P3EWwA+9W0WtTlIGNlQ8EU +o++5xPZGMS3K1ACfwbbnQ9BVj8+GNRGFXsiIrWxz1hk +-> ssh-ed25519 v7O/FA MK70P0PK1SeatEb/xbK6wU/1cfiYF4zzYpBHHwx6t2k +y2iwBptLaMsNeRn00vuy2SfdQNRnXHTiBouZo5BBExs +-> ssh-ed25519 Wzv8ew N2K5VjuHs3/RvDkh9Hlrf+ZVfAAKNcLcQmp3k6Tym3U +9ghaa0D4Bpmzd9Yvx+Er3qYFGuC7TSgIirto0uKZRZA +-> ssh-ed25519 XgC3XA CtfNLoBAYMvcyt602EkEqPB4Fz3CRQG76JC0N/qtvFw +X60izqbZKHBqW0+L905eI3Ya6sKgHFU2HevkQfep4LQ +-> ssh-ed25519 l795CA F3NiNkDDNR3PTKnS5OwMLY7s+/3NGNYMS5kiQcV/mRI +8jVt29DIRitRGOFPUV9ncHeFmBJflUcE8g9EB1C0pOk +-> Vb6Y-grease lf +kGMEIpGP8XAGzA6XQgKWZ72fH+9KEjQs9zDiE+nAxJX9uQePckfa++O23ZAcfseA +Hrs6EFSwE+9UvhUHBY+/uuaxKhYGLG9p7ALhut+l +--- 9TLi7lo+ZYZtWSsjavBdUPkkEZF+j14+YJ8szI/Dp5U +i,wDɀBx`猖RtW& j6L D X=Nw30J +40RC \ No newline at end of file diff --git a/secrets/garage_rpc_secret.age b/secrets/garage_rpc_secret.age index a5628d9..884f70b 100644 Binary files a/secrets/garage_rpc_secret.age and b/secrets/garage_rpc_secret.age differ diff --git a/secrets/nextcloud_admin_secret.age b/secrets/nextcloud_admin_secret.age index 16b39d3..3fef73f 100644 --- a/secrets/nextcloud_admin_secret.age +++ b/secrets/nextcloud_admin_secret.age @@ -1,25 +1,25 @@ age-encryption.org/v1 --> ssh-ed25519 lC44xg 91Drbhm8rawrH1Tf4i6sY3b4dV22PUCkXasYJDjnVBk -JP/im4nu9fRvC6lBmuZqtjK/MONa0QSBX9Je3tcMZnY --> ssh-ed25519 2L7QNA p7gDPKqy1aSZo2l049BFUYzozamZe6xy0CZh8xeWBlo -xlC1v+bF9nJQkQ54ObXfi3Tvj3yVz4+JbHyxmIQGsDI --> ssh-ed25519 sNAOqA OsIskIft3nuF89TJ66Gsyj64oV2G5+JJhd0tFuFLsGI -YkMztKrO0OtEtCdqnhNe3YkX493l+jSJT+k9sbScMKE --> ssh-ed25519 13iwjQ 7PzPPgN6r8f/cUdSfTp5E9wWF1574yNwAtmuX5i3FxE -jfkjBP4GBmghOCaiQ6FGNaqoDvLlCt0Bbln4TxLNYiY --> ssh-ed25519 7MB20A Fwbdkqeecc6cI9EN67VWSlT0kE4/IJIiANX9dtM5pA4 -8vMUxIxzQEwn+IB0QP4wxdixOd5fnsSHzVn86yearVM --> ssh-ed25519 IvyYug OUah9hhgBilrcgdR/8u+POTWSwujWsp8AA+YiPmvFCs -arwEHcpNqCwswlob+KZlIdbmS5YHLfWUXKDfsWoU6dM --> ssh-ed25519 v7O/FA yq5SYgje+HOJwZ9/bKITPv244Ao3aZCsLNkUw+L3dkA -2pU1nqZgUTLypnpbJ1prR59rMyfBAHhgK+8ddxQjKMs --> ssh-ed25519 Wzv8ew y9fZuZAtknkDiZmXYn4ZWyDHoVZ3R9sm3vlzh4I7vhw -EJAnK5hjNK6Atz2VoQZeO/niZ6Coi3LywbGvxtqP3Bc --> ssh-ed25519 XgC3XA z2WuzBfJPnwKJOY+fkgLsOEIArIPgUFtD8O2mLGg0m0 -cK8bD/QqVNJerThnAqtn91Q96TaLsKYSTG4yDNDFKaY --> ssh-ed25519 l795CA tNto7MnYOtTlmjl/bhSZEcKDjqnn8ZlbW9BBQQDuAmA -43kE1/kjso/penSuM3MBSsURVG4rFJpsuCjxKJtWAHY --> ,|t-grease -KOs7pQc4KksrMBNIFip3hz44UmaNEB6K+N4wX2/Oz7ayTQr6vg ---- 1BqdPneo6efppGPNy9GpeWxCqXfDPsKwj15gUVWDY0k -99mʇR#[oQЀԸ=l mvǕeF{P!aE(d ssh-ed25519 lC44xg hgRWUZAWUYenogx8j3ihmAdlzn3jIguiuCLBSS8usRo +H9eaZBZmMbqvBUcM2gaCU/s0p5pd3crSYNmmBsQ07ig +-> ssh-ed25519 2L7QNA S1qNlCc2lsD+ZbqyFJzuX+M/PnIyuGbVYOnuoUJscWw +Q1lUu6IUBb29R2MonRuXCOfL2ABpm+VNa6d7R14U0xQ +-> ssh-ed25519 sNAOqA ysOne69AMx96VnpX+25myTQPe/MlEaVc9ki9CS3zHSA +rKBqGwHamQb0LEbO+3ZzwIB29s4G2oXuqNipJBaQEV4 +-> ssh-ed25519 13iwjQ C0G4NlBw2d/mRzx3wKL0zYMB+E2L/WDEdy+m98F5R3U +hvLV5TXiQGJLu/dWnU3S/157AD6b4YmswqAsZAQ/uSY +-> ssh-ed25519 7MB20A PPBm3aS2eN9oD8B2NlycSoBjcVvWAb0ouh83vfmksVo +rQ+TkOW4Tg1ZdvF0AtlFKrZN7AB2kPK55kMZJzTw1ic +-> ssh-ed25519 IvyYug NFudbv3ydIUIaHqjaOl+ex/DvY5FmEE7fmojBsD6SkM +h7Njl0B8thH2X0JlVoxj0yVP18Xxq1/UD0ktlNCmnVI +-> ssh-ed25519 v7O/FA hCzkPx6QmEr3dOQ0mBrpEU4aN8BXrEfNy8F76jP2wGQ +HmC5T2cnKDZZUnHMqDdydbpQHW+T7L1o00mxhNYCCJk +-> ssh-ed25519 Wzv8ew nB8Yx78CFxPc19J1lP6y0NpkPT1noU8gYtXyY6IUPxE +aGMKo06LGXRN8qMIMZdMmNUI+U6QkmqTzifx/OVTrXw +-> ssh-ed25519 XgC3XA Rd4aeSgVK0Zu1+lgL6OAlDv+GJtzx4XwWYb+HBbY5BE +uJnpQOuo+GbtCP1jVfCyfGfeGS4YD0kUseJfP/YYF3M +-> ssh-ed25519 l795CA vVo3ZA3YjOdinm9zfNYiqx1jIkJ3d6/PCffz24aBJGI +xwNj/848sktIKeElNyoQ89R9IxdAHnpPeOrZ8bUKI84 +-> R:[j4-grease u![ M |OD$ c +dtVFRIPWAomxbhiJ7J62wRAz7CgylRR4zmNPmIM1eeZoXG7CMg +--- hN2apSK9SGGUxwRDTto5B9X+Q+1q0zJdwxjRfHwBV+s +",-Ql 7\\ :l{/ϪB̋RT{#͘.]Ŧ$<]{&Tx \ No newline at end of file diff --git a/secrets/nextcloud_bucket_secret.age b/secrets/nextcloud_bucket_secret.age index d9833ce..7c9eabb 100644 Binary files a/secrets/nextcloud_bucket_secret.age and b/secrets/nextcloud_bucket_secret.age differ diff --git a/secrets/odin_wg_priv.age b/secrets/odin_wg_priv.age index 10d1712..94589d0 100644 Binary files a/secrets/odin_wg_priv.age and b/secrets/odin_wg_priv.age differ diff --git a/secrets/odin_wg_psk.age b/secrets/odin_wg_psk.age index f00b821..14dccdc 100644 --- a/secrets/odin_wg_psk.age +++ b/secrets/odin_wg_psk.age @@ -1,26 +1,25 @@ age-encryption.org/v1 --> ssh-ed25519 lC44xg mdip3HBP+qEHMNFgw+bCXJRr35yCxEqPg4V+pLdZMx0 -yMbZYirQlZMmr95StdYp/1wPjXaxjsNGX472ex3SMfc --> ssh-ed25519 2L7QNA r+tO1POIf8Ayi8PC37rLf0p7Y1O5z5CasCHkRK7BtGs -Ts/86q2fOA9BQyuKTUZ8eac39MnPQ3MJM9y2XXVV7RA --> ssh-ed25519 sNAOqA DLcdzGd38r3t4mLvbAFAD15evjuVVMlhgSD2md0HYRw -2B3LGMJWeVPhkPMmQx8A7aF5HUf6zRMMFG85GX/8e90 --> ssh-ed25519 13iwjQ jtSOmjgGcGh2XqIoc58J5cgcH5M1O1Z9ZJS0M3TFrgI -M9EJKUUWwayAYhhGysvpJ2LVWyedn1k0Q9hT5kEt5MQ --> ssh-ed25519 7MB20A kqYtQSu3sYRHi4bka/lXMimez0AFGFU5BqoFlGqKmjQ -Kmk3rIxRw8xeGtfC7cabLiP3DXGhd9oc7vwl/BUFvTQ --> ssh-ed25519 IvyYug gMJj5DWImX/iNW+cY39tE4UJUbQlUqfEl0hMQjcS6lQ -u3mqyt2QmhkrYWAL02b5Pv81tXAgDif1QRZJLc61Nvk --> ssh-ed25519 v7O/FA mzDFmhR9wPZT/Wj9Rra1d/8mIXMZfMqMKZ5Wroo9Ygc -Cz1il7hvvgJFqu4cqFSHbr3FpJAnMvE4RY2BTutXiqU --> ssh-ed25519 Wzv8ew qv3oQQMhCw2UnZm6GRE24OJ47N9h2wtO4ayM80it/io -oIg6KVKFY1bh4HJkj6bUhXq+ThO1kl2w02GhMqHjFz0 --> ssh-ed25519 XgC3XA P2CmO1HJLq3WzfKFv2gkgfyOQ89ks3Vjqv5lvUHRcDU -lNTqncVz7Eg2jVjzWGav50twa5XdN4oRhptjdGgUhrs --> ssh-ed25519 l795CA Kw1lASAR6zB25xmAzatCH1TvkEWWQtSwS8c9lvvcFAc -HTBNX95GqBFtXV6mgGCtfh1lXlMDdwNaIp8i60cOfnQ --> 0*Wg!:e-grease "7]bbwxk :0H<{U;0 vG -zh1b0AW0O2PICiREGYcbQ8/aktTtuGY6ppsGioeao53t ---- LoEv/DfNru/GjqqHLww788WIV5nvB7z5zAhByyRkKb8 -]vnDP+vBS5wy]Lf2u-sylsl:#] -dh)f޳[s-{pe! \ No newline at end of file +-> ssh-ed25519 lC44xg sxuYE9qrczPu9f7HguM6FS+24q+c6awYijsW75PaM1M +lyU5kWLbhh8DtYqOdAwhD6ichr8tXaojvaks8N7uoDQ +-> ssh-ed25519 2L7QNA FEhfHUdaVct+NguR2covi+uizBwJabG7Oi2Kx6XED3A +1Uge6BVi8Q9Wobg8mbCCg2QqtZFprbE2ucZM2qTz5Do +-> ssh-ed25519 sNAOqA RdSNYpDBjrdCdGbqviLC/3jNUpQlJVcVDJBZsYuSeGA +X+pXWiBGoaSbJx5IOS6TF+vbSunhsjViLk54os2Ry1c +-> ssh-ed25519 13iwjQ yD/1bxrjpl+U4x6EBz/BNZKwarc7O99VKN6CqD09CyE +2fCHX+tX4bbWgqEERk6SYl1Ati67q4AtwELJ7iyoKcI +-> ssh-ed25519 7MB20A 3sdcbYjpK8ySeMjz8pOLFIaWFemso5li9lGyTQHQpmU +9yTSX6juV9OBtWisz/q4cTDpRYJe2sUbqHutx1pOJN8 +-> ssh-ed25519 IvyYug Mv0oOpFUJOFLaPQbGju5JW4yRbLTonz31mLLk4GwYE0 +2Pof++UU99R229ovY+jouIr+Ty4u3ysw56iLC8+j2Bg +-> ssh-ed25519 v7O/FA 4GV/vYqiRqLSUvtg+IdmQCd7xXUuJH0wqEuPw+SC4QQ +hupPjtZWH1A88DMA+aw2DoyyHLPLzvHejA5ohqCje1s +-> ssh-ed25519 Wzv8ew O8GUxPSc8+CRD2so4nMsMbtjDa6QVnqSj+czUFcs3ww +KsTescNrPtapbAzgQ4cxXteyok8JG/fPYsbSnOysdL0 +-> ssh-ed25519 XgC3XA vNZvFuAycFWyiSpAyjQGfVH9Gz9OEL5AOqrZ3ChBv0E +IOOU/ru6k93kSpaHFjgPLyTViOcQQF5Hhe+Rx0u0t68 +-> ssh-ed25519 l795CA ukyFdc58fFZlyzT56cwuTq+yzD30/aUfrjIkcsqHlSA +hGru5mUwFbpAhgavMmm/fJmVzhDlhhi3HvPiSKPObRo +-> hD3?-grease + +--- IuZjNwhOjNv7HLoZy0MlS50zvRKTNSVM51/Qjdv4G70 +^k)=?"S|s7?uީa"N K+(h|ڢ+ eӌDŽ\@kT9U殩 \ No newline at end of file diff --git a/secrets/spotify_password.age b/secrets/spotify_password.age index c273dba..f9979ea 100644 --- a/secrets/spotify_password.age +++ b/secrets/spotify_password.age @@ -1,25 +1,26 @@ age-encryption.org/v1 --> ssh-ed25519 lC44xg fNZm17lZ7I9OF+9KzG5CkE20zykUWfNiVqfinwfaT1E -YIf4M7hFVDHxkdbgj9YIkjan31NV298Ne94/5mm+lVw --> ssh-ed25519 2L7QNA CVA8eZ1QVvcI7SF5Qf7UlG71NbNHZF0XzEPe7YsZFgw -9YX+T2GKTXbJNzSPLoXE27q4oV6LQ5HubgoCwKGxS4Y --> ssh-ed25519 sNAOqA lJ4QkGtqdcUn9ofknOG/HaCHm6Ya0ZD/UsV5o4GDVkE -RmKwFfLGnJmNcnC7fAF5BEHMYEjmW2PyUUpJIqtcRKQ --> ssh-ed25519 13iwjQ 1uvoQrLZ+DmBhHvei8rHTWsUkDnJVHq7IJQXeZ6Y/Dk -dwMrSGWryp5pw4bjHAJciVwq+HtrAbu3n/BqZdlfq2k --> ssh-ed25519 7MB20A Xmx38wKS0U/yHhCh30ovmik/9g0ryVLgg89DFx4bH1g -xzrwGBJrmK8e5jNGkDEQ3AxkJ7t7l6qMatSFHwP3i9c --> ssh-ed25519 IvyYug /Z3qxc0ETc8hjTYuRT8n0jm3ASLsHqWcDWmqHDiqY3w -8oNzoP8oe6EbxXoKRScpd9ioRMtux+a9wQXLuFO570I --> ssh-ed25519 v7O/FA R4o3qe/Hdr8NU5/Lh5XWI5PcwlAqQhEDxnLax8woc2A -yewsVadr1x6aOjodDC5AJiAaJ1UZErlwhJrgvKLy4UU --> ssh-ed25519 Wzv8ew G0eVpxoMIMQsGZw+bMYMHHs/zlLiYtfdLrMHZztIGWc -Pe8BgxqumkizijWUzX4pnnow5oZCQi7byRCd+qNIobI --> ssh-ed25519 XgC3XA MJWNf+zH+qO1F5uRI6nsEXbeE+8Yq+gSF2RFq0kF0Tg -Wfqs7UtrwBtCH8clxv44mAXaYCLVJTHSpsP1OD9Py2c --> ssh-ed25519 l795CA VRGxjEzDM3Wh6PVbl609EAopcPPc5k/74j7J14el1lY -YtjcGN40o4R3e5JGlD9Vtks5Aaa1SvjEW6yjQJeiX1A --> &-grease ~#1cr -D7H4Rvbgs/yp9b8X ---- uHnGjluN/BbsC3f0jQuq5SaOU2woJF+aQLBL6cKPlGk -Ģ I Y-_`Ċ܉8uO{h0 \ No newline at end of file +-> ssh-ed25519 lC44xg NIQkDcUuZvOwjoYDeS6nazRZRMEZzuBaMBkoFYP13hY +bI2U06gidJOPQlF/vEmUjAGPaYeNWhLb+yCh+sTitWU +-> ssh-ed25519 2L7QNA B/sm9v1N86NOsxLnhc+RVod7F/x4XG4XeDNZxDjfaUI +jbt3F/EK+cT457WIfPRK9YZHDFnUd9ZRAMmBJ35eQjk +-> ssh-ed25519 sNAOqA dHO1dOYZdSerazDq+QaS+SWHR4To47v/h2fcUC0oxXM +WOvcuwo+RzcwBa5dQu9IOk0aGcPxRK/FCb/mTuQoKxY +-> ssh-ed25519 13iwjQ GLj8P8yN9QazLvtTeV4uJOPY9m6G3IKZgLSz4qriaHg +BPQeyR2LG2Jrj4Rhmt1H2MAQR1VtYfQdouu2RX3+CZ8 +-> ssh-ed25519 7MB20A NOZeTcMvJXd65aKyl/kj3E9AzEmzrJgehIw6ubNMmiA +RCPIwXmO4Li+YTZ6dSpqZrYWuMwMwTT/6cRlX+Pirpo +-> ssh-ed25519 IvyYug /+DfO93aLrySU004zFMIOjy+DOIjf8iP8rExspblCD4 +RFHPk4sgHRrE047JQKR4ccBRx3ZfzvG9YrFg01EBcr4 +-> ssh-ed25519 v7O/FA 2vmbVPa4ZVZ5JXYt9pnNPpqLYf5kLHfW76MLsSOUGCs +uVCAaF3O9DIr7JUR8UN9LIZ1s2cva50BiokWbpiVYSI +-> ssh-ed25519 Wzv8ew v2MKEJwgcpNwDh9ppwaUck8tXpksr3QyLmwumwrfrx0 +3HB+QGjjQNAgT53Ft6QiiI1mimruZodu9LccT/Rf9hE +-> ssh-ed25519 XgC3XA agOnAlZ4mCfdE5OatNel1Htxioq6PZAWC2VLhLbuIzI +yYCMrxTgjtt/aXMbhwNlRRm/XWj8FnznWe/lwfvK3eo +-> ssh-ed25519 l795CA Zefi4AYzfEdbBFne59wKi8zS8R5j0BS9711UTp/AmVs +JbUX01jBByQihptYhcbT9Swg2pmj8rxuCJO0pQzvQaw +-> -3=CGi4-grease F SeK([U fUNnx-A nv +nSRW0O5NweyggNFkjRBItvvmfnL5e2AkYGgxfUTebQsayYlgRQp3h58LnQxcvxxs +utxluLJHJw +--- +DEy9ZdW46fBBq6B9BQyNt+cMaAD9xvoc5Z+HX2D4V0 +BG 1-T[XXavW#rIf3#qjj7 \ No newline at end of file