From e6f83f69978a114203478144b065ff80e6757d81 Mon Sep 17 00:00:00 2001 From: Gerg-L Date: Mon, 6 Mar 2023 23:10:58 -0500 Subject: [PATCH] added sops for all three systems --- .sops.yaml | 20 ++++++++ flake.lock | 74 ++++++++++++++++++++++-------- flake.nix | 6 ++- modules/default.nix | 1 + modules/sops.nix | 22 +++++++++ systems/game-laptop/default.nix | 5 +- systems/game-laptop/secrets.yaml | 30 ++++++++++++ systems/gerg-desktop/default.nix | 11 +++-- systems/gerg-desktop/minecraft.nix | 4 +- systems/gerg-desktop/parrot.nix | 5 +- systems/gerg-desktop/secrets.yaml | 23 ++++++++++ systems/moms-laptop/default.nix | 4 +- systems/moms-laptop/secrets.yaml | 30 ++++++++++++ 13 files changed, 207 insertions(+), 28 deletions(-) create mode 100644 .sops.yaml create mode 100644 modules/sops.nix create mode 100644 systems/game-laptop/secrets.yaml create mode 100644 systems/gerg-desktop/secrets.yaml create mode 100644 systems/moms-laptop/secrets.yaml diff --git a/.sops.yaml b/.sops.yaml new file mode 100644 index 0000000..01aa814 --- /dev/null +++ b/.sops.yaml @@ -0,0 +1,20 @@ +keys: + - &gerg-desktop age1xghz0ea7dap38fukk053nmse5gd0jhdn8gvsfpvs6sfmgg33m4gs606nx9 + - &moms-laptop age1ttk7swzzjed2sxpvwywazlhdmxnn4cc6d6fjw89fd7va447l6ypqlk6c70 + - &game-laptop age1ysqxltx69j4u7u0ur7qutnm24t5t23g5h6nxersytvfvk6dz2saqr6u5j2 +creation_rules: + - path_regex: systems/gerg-desktop/secrets.yaml$ + key_groups: + - age: + - *gerg-desktop + - path_regex: systems/moms-laptop/secrets.yaml$ + key_groups: + - age: + - *moms-laptop + - *gerg-desktop + - path_regex: systems/game-laptop/secrets.yaml$ + key_groups: + - age: + - *game-laptop + - *gerg-desktop + diff --git a/flake.lock b/flake.lock index 9ac1b56..47756c5 100644 --- a/flake.lock +++ b/flake.lock @@ -115,11 +115,11 @@ }, "master": { "locked": { - "lastModified": 1677796388, - "narHash": "sha256-QiguzS7fjRF4qvGIQLWbG6ZnYuRjNKDRR9EzBL5+WlM=", + "lastModified": 1678156552, + "narHash": "sha256-BbAweub9fa8rGGafWWTT+AxmNTEhtaxJy8/fsaS47iQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "cfb7a2bc29d046f3ad6540cd7db9eed4eb6c7ad6", + "rev": "f378cf8113cbfe99df5c4d48961ad385c3399db8", "type": "github" }, "original": { @@ -180,11 +180,11 @@ "nixpkgs-regression": "nixpkgs-regression" }, "locked": { - "lastModified": 1677783387, - "narHash": "sha256-x+tM5diVbfntHD7FTj/Dw01/hMY1NokcvkGez+OD8no=", + "lastModified": 1678111327, + "narHash": "sha256-KtJElK62t5jjSuCefvZhUKVh1EjlELfzXxw0ruwZMp8=", "owner": "NixOS", "repo": "nix", - "rev": "8730d3002f9834a1c9c45bc50fd4c46458ae6eef", + "rev": "02bf5219685fcbd762188fa39946495293e6ce5f", "type": "github" }, "original": { @@ -195,11 +195,11 @@ }, "nixlib": { "locked": { - "lastModified": 1636849918, - "narHash": "sha256-nzUK6dPcTmNVrgTAC1EOybSMsrcx+QrVPyqRdyKLkjA=", + "lastModified": 1677373009, + "narHash": "sha256-kxhz4QUP8tXa/yVSpEzDDZSEp9FvhzRqZzb+SeUaekw=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "28a5b0557f14124608db68d3ee1f77e9329e9dd5", + "rev": "c9d4f2476046c6a7a2ce3c2118c48455bf0272ea", "type": "github" }, "original": { @@ -216,11 +216,11 @@ ] }, "locked": { - "lastModified": 1676297861, - "narHash": "sha256-YECUmK34xzg0IERpnbCnaO6z6YgfecJlstMWX7dqOZ8=", + "lastModified": 1678111954, + "narHash": "sha256-qoDtI5CD1n+qMZ7sqj52AvspdQAF6FDrDloR/z4PrBM=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "1e0a05219f2a557d4622bc38f542abb360518795", + "rev": "2687393d340804f0c90b9e65681485f3d9e09a38", "type": "github" }, "original": { @@ -261,6 +261,22 @@ "type": "github" } }, + "nixpkgs-stable": { + "locked": { + "lastModified": 1677948530, + "narHash": "sha256-BkQjq8AGHD55RJe4PUnrWRZZ8jS64p/k0bGDck5wKwY=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "d51554151a91cd4543a7620843cc378e3cbc767e", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "release-22.11", + "repo": "nixpkgs", + "type": "github" + } + }, "nixpkgs_2": { "locked": { "lastModified": 1671983799, @@ -307,12 +323,34 @@ "nix": "nix", "nixos-generators": "nixos-generators", "nvim-flake": "nvim-flake", + "sops-nix": "sops-nix", "spicetify-nix": "spicetify-nix", "stable": "stable", "suckless": "suckless", "unstable": "unstable" } }, + "sops-nix": { + "inputs": { + "nixpkgs": [ + "unstable" + ], + "nixpkgs-stable": "nixpkgs-stable" + }, + "locked": { + "lastModified": 1677987270, + "narHash": "sha256-NRqhY8jbrmP1C6oiVqv1T0T1r560eo4ZpmEdHoQmKj4=", + "owner": "Mic92", + "repo": "sops-nix", + "rev": "7cff56b43952edc5a2c212076d5fc922f764240f", + "type": "github" + }, + "original": { + "owner": "Mic92", + "repo": "sops-nix", + "type": "github" + } + }, "spicetify-nix": { "inputs": { "nixpkgs": [ @@ -335,11 +373,11 @@ }, "stable": { "locked": { - "lastModified": 1677624842, - "narHash": "sha256-4DF9DbDuK4/+KYx0L6XcPBeDHUFVCtzok2fWtwXtb5w=", + "lastModified": 1678072060, + "narHash": "sha256-6a9Tbjhir5HxDx4uw0u6Z+LHUfYf7tsT9QxF9FN/32w=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d70f5cd5c3bef45f7f52698f39e7cc7a89daa7f0", + "rev": "47c003416297e4d59a5e3e7a8b15cdbdf5110560", "type": "github" }, "original": { @@ -371,11 +409,11 @@ }, "unstable": { "locked": { - "lastModified": 1677587185, - "narHash": "sha256-zYT66MAYwctAQqI5VBw3LbBXiSKdB8vuMAqCGG8onbE=", + "lastModified": 1677932085, + "narHash": "sha256-+AB4dYllWig8iO6vAiGGYl0NEgmMgGHpy9gzWJ3322g=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "68196a61c26748d3e53a6803de3d2f8c69f27831", + "rev": "3c5319ad3aa51551182ac82ea17ab1c6b0f0df89", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 72a4d95..d83c68b 100644 --- a/flake.nix +++ b/flake.nix @@ -11,6 +11,10 @@ url = "github:nix-community/nixos-generators"; inputs.nixpkgs.follows = "unstable"; }; + sops-nix = { + url = "github:Mic92/sops-nix"; + inputs.nixpkgs.follows = "unstable"; + }; #master branch of nix nix.url = "github:NixOS/nix"; @@ -109,7 +113,7 @@ formatter = pkgs.alejandra; devShells = rec { nix = pkgs.mkShell { - packages = with pkgs; [nil alejandra deadnix statix]; + packages = with pkgs; [sops nil alejandra deadnix statix]; }; rust = pkgs.mkShell { packages = with pkgs; [rust-analyzer rustc cargo rustfmt clippy]; diff --git a/modules/default.nix b/modules/default.nix index 9f33c64..87d55df 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -10,6 +10,7 @@ inputs: { (import ./nix.nix inputs) (import ./packages.nix inputs) (import ./shell.nix inputs) + (import ./sops.nix inputs) (import ./theming.nix inputs) (import ./unfree.nix inputs) (import ./X11.nix inputs) diff --git a/modules/sops.nix b/modules/sops.nix new file mode 100644 index 0000000..78a4622 --- /dev/null +++ b/modules/sops.nix @@ -0,0 +1,22 @@ +{sops-nix, ...}: { + pkgs, + settings, + self, + config, + ... +}: { + imports = [ + sops-nix.nixosModules.sops + ]; + environment.systemPackages = [ + pkgs.sops + ]; + sops = { + defaultSopsFile = "${self}/systems/${config.networking.hostName}/secrets.yaml"; + age = { + sshKeyPaths = ["/home/${settings.username}/.ssh/id_ed25519"]; + keyFile = "/home/${settings.username}/.config/sops/age/keys.txt"; + generateKey = true; + }; + }; +} diff --git a/systems/game-laptop/default.nix b/systems/game-laptop/default.nix index 6ce6f37..6619292 100644 --- a/systems/game-laptop/default.nix +++ b/systems/game-laptop/default.nix @@ -1,6 +1,7 @@ inputs: { pkgs, settings, + config, ... }: { imports = [ @@ -38,6 +39,8 @@ inputs: { hostName = "game-laptop"; networkmanager.enable = true; }; + #user managment + sops.secrets.root.neededForUsers = true; users = { mutableUsers = false; users = { @@ -56,7 +59,7 @@ inputs: { "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILpYY2uw0OH1Re+3BkYFlxn0O/D8ryqByJB/ljefooNc gerg@gerg-windows" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJWbwkFJmRBgyWyWU+w3ksZ+KuFw9uXJN3PwqqE7Z/i8 gerg@gerg-desktop" ]; - initialHashedPassword = "$6$hgiDFHEMVEA39Snj$Huxf2a/yd/gSO2ZwntxI5Z65c1kCf35lvbkA61knP5i5NLPuIy4cybBBv9lnd24LVR9sfi9Tss96VQdsGCQhq1"; + passwordFile = config.sops.secrets.root.path; }; }; }; diff --git a/systems/game-laptop/secrets.yaml b/systems/game-laptop/secrets.yaml new file mode 100644 index 0000000..44a2c94 --- /dev/null +++ b/systems/game-laptop/secrets.yaml @@ -0,0 +1,30 @@ +root: ENC[AES256_GCM,data:gfCCoKcYfjb1tLUSlvzpEwEvteSaW+Jn71Tox6iLZ/EO0Dyka7pCAQO6zZyiPOSxSsb8aPd3EcRdQntLkIO1SMI1CpNcmXGoDg==,iv:FuEj+M4A0YUS7CXV92HjdZ+DIeRUQQvBpSm2ZkG0d7A=,tag:03vDVAQaBhzBa2ft0Kik+g==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1ysqxltx69j4u7u0ur7qutnm24t5t23g5h6nxersytvfvk6dz2saqr6u5j2 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaWWYyVUtxaFFCWVNtdkhY + aitLQ21jd2tnK0dPVVlnKzRVMWw4aHN2cERvCllxSCs1Q25LZXF6OHdkSkJ1NXhE + MU8xdUh1dnAvanQ3b0pRV3VyZTNvNjgKLS0tIHhITlNzd3M0aGZxdVFJZDdUbnRL + SWJweXRzRWlRUGhERDQxbk9NZUtSOVkKjkO/WqgWXqZs8mgj/jpAon0xiVpCMJoN + NIFTMuuA998BwiAgCBxv9FojKPdQVj6GMT9Y4Er2azvBY2Q2opbdVg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1xghz0ea7dap38fukk053nmse5gd0jhdn8gvsfpvs6sfmgg33m4gs606nx9 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFZitENjgyZjhoTm56ZnVO + YTFLcjZud2o1ZzF6ZjVlemREUEhPMjczaFE4CnJ1Wi9nWUxnVVc0WUY4dFI1ZVQr + RWlvUWVPYkVNSVFiMEtGKzF4WVlvWmMKLS0tICtteUd1M2x1YzRVVDFrc2hhY29l + aEp6b0d4aDBiVVpJZVZuNjRzSHgyZEEKNi3jHZBXSm9pKc3yj8IEsqv/8D1porFD + q1kDWJPVz4193oE9e1SckpTCfMA562ryIK6jQIPMe8KnrOTsCiKRLg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2023-03-07T23:17:17Z" + mac: ENC[AES256_GCM,data:ESfsr7BftDPSEa+WRiX2bpH6AvFcAfWAVMSAODzjPxj5Z3ABxLxeSs8YMg0rdmgrAX+LCLigZ6iiYSQWIFlh4PSW/lBqgin+NUvacn6iYv8bC5AQBPv1S+qV2+jyzRM9kJex8kWvmUhxNxFqGsS9IK5xUijEOnNRGfgiuOkqzjc=,iv:afoaBSy81f1h849nVYZG4pNJXxSvLu0uIdfXEfP0HYw=,tag:HrHgbAbtYX4YwR7HGD2i5w==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.7.3 diff --git a/systems/gerg-desktop/default.nix b/systems/gerg-desktop/default.nix index 7cd35c4..a8e498b 100644 --- a/systems/gerg-desktop/default.nix +++ b/systems/gerg-desktop/default.nix @@ -2,6 +2,7 @@ inputs: { pkgs, settings, self, + config, ... }: { imports = [ @@ -13,8 +14,8 @@ inputs: { (import ./zfs inputs) (import ./minecraft.nix inputs) ]; - system.stateVersion = "23.05"; + system.stateVersion = "23.05"; localModules = { X11Programs = { sxhkd.enable = true; @@ -80,6 +81,10 @@ inputs: { firewall.enable = true; }; #user managment + sops.secrets = { + root.neededForUsers = true; + gerg.neededForUsers = true; + }; users = { mutableUsers = false; users = { @@ -92,7 +97,7 @@ inputs: { "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAuO/3IF+AjH8QjW4DAUV7mjlp2Mryd+1UnpAUofS2yA gerg@gerg-phone" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILpYY2uw0OH1Re+3BkYFlxn0O/D8ryqByJB/ljefooNc gerg@gerg-windows" ]; - initialHashedPassword = "$6$hgiDFHEMVEA39Snj$Huxf2a/yd/gSO2ZwntxI5Z65c1kCf35lvbkA61knP5i5NLPuIy4cybBBv9lnd24LVR9sfi9Tss96VQdsGCQhq1"; + passwordFile = config.sops.secrets.gerg.path; }; "root" = { uid = 0; @@ -101,7 +106,7 @@ inputs: { "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAuO/3IF+AjH8QjW4DAUV7mjlp2Mryd+1UnpAUofS2yA gerg@gerg-phone" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILpYY2uw0OH1Re+3BkYFlxn0O/D8ryqByJB/ljefooNc gerg@gerg-windows" ]; - initialHashedPassword = "$6$KV00qSRKyx1hpZjX$kwzWN4UuQxHSFwA4vYtRTcYecQyR.Qelvvcr90ZfZ4y.LISUcx2PDHH9/7REwsoAHD./KlAnwlsm1hxeLoGpl/"; + passwordFile = config.sops.secrets.root.path; }; }; }; diff --git a/systems/gerg-desktop/minecraft.nix b/systems/gerg-desktop/minecraft.nix index 64f2432..b89d8b2 100644 --- a/systems/gerg-desktop/minecraft.nix +++ b/systems/gerg-desktop/minecraft.nix @@ -4,9 +4,9 @@ _: {...}: { hostBridge = "bridge0"; localAddress = "192.168.1.10/24"; localAddress6 = "2605:59c8:252e:500:200:ff:fe00:10/64"; - bindMounts."/mnt/minecraft" = { + bindMounts."/persist/minecraft" = { mountPoint = "/minecraft"; - hostPath = "/mnt/minecraft"; + hostPath = "/persist/minecraft"; isReadOnly = false; }; config = {pkgs, ...}: let diff --git a/systems/gerg-desktop/parrot.nix b/systems/gerg-desktop/parrot.nix index 1edb339..a09aa62 100644 --- a/systems/gerg-desktop/parrot.nix +++ b/systems/gerg-desktop/parrot.nix @@ -1,6 +1,6 @@ _: { pkgs, - settings, + config, ... }: { #discord bot stuff @@ -12,9 +12,10 @@ _: { after = ["NetworkManager-wait-online.service"]; script = "parrot"; serviceConfig = { - EnvironmentFile = "/home/${settings.username}/saveme/.env"; + EnvironmentFile = config.sops.secrets.discordenv.path; Restart = "on-failure"; RestartSec = "30s"; }; }; + sops.secrets.discordenv = {}; } diff --git a/systems/gerg-desktop/secrets.yaml b/systems/gerg-desktop/secrets.yaml new file mode 100644 index 0000000..e15f33f --- /dev/null +++ b/systems/gerg-desktop/secrets.yaml @@ -0,0 +1,23 @@ +discordenv: ENC[AES256_GCM,data:2p39yDXSVpNlCpoffnG6HxHsRoBjPsC0r3QwCisKHbxXFi94poLEF1i4H56NNhRkIZdsJlOFFHgmQd6GGLilTzdGSbnDwFV1vbqKhG2XYuei0ES4W1juvuigycfnPLsk3ZQnq/+TL09WSyQk+tyLCcILUgqL8B75J34=,iv:4ClckaNwsLig1rt9WeagJDixD54SReLCfG4SHyAjs+I=,tag:xPhyzl9Q5kobuhSMAfkIcg==,type:str] +root: ENC[AES256_GCM,data:3gGH5gjXBvZwkGyDA+AoqBwIQtWNkfreH/42xvkZlB8wM9g/lpJCeQ6EG2dkJTUv10h6Ym9m8AeRB5dreCmUo4HG6wS8+A7HLg==,iv:sKVcxn3DpIuv2qEwIedGFLlatr1tMTRC0L+fr//0T0c=,tag:wDJz3jYLTN3L2o7ZHWepJg==,type:str] +gerg: ENC[AES256_GCM,data:0d+dAgbvaJ2X1QDSMteElbhJMy2lYcpOv0av+BBnIX7rrL8qZ/eGG9rrd9QXmEDIPxKyKwOcBbhYUaBsYHfwRRVP6LXH50V2eA==,iv:JzUNNL9m4hBrvFzSN6iQW/gmAiwvUbxOA73Q6TGPDb0=,tag:BclDA30EUFjpceopRN+nUg==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1xghz0ea7dap38fukk053nmse5gd0jhdn8gvsfpvs6sfmgg33m4gs606nx9 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFSGc4emRNTlYvb293cUQw + ajRaNmg5U0xuWHkwR0ZVQ2YzNFZ1UXlVWHg4ClZEam12cUVMZ0pabWgxcUlmUHdw + TVlXOGlWcmZJSDdRQ3RtVnFMWWovZE0KLS0tIEExY3lISy92ODJ1TlNpUlNWbnRZ + aDhTUE96bUJHRUZ3N1NaWkhtbDhRVFEKYDGFkjPtHefXdAOxwUQjsoPXDIG/0uxL + lpTayh67qFmVsmWE8it6sPKgjNF1+UnP3aelAOOoa+53CePPrER5lw== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2023-03-07T22:30:32Z" + mac: ENC[AES256_GCM,data:6MV0ATHKAcgm6jRZ7KiGQo8Y4xlTWMoyROqyLTy+a895o9H/K+x+X1eGdFFdcBxTvN90njz0Bh3/MjkzM36UKyYLSeXMSpDFKwVKgT6qK+rWyn3s+fIIZA3tiR//tRLqA04H0JaieMjVqK/ns7UQx92NU7bC3KTo0dKy26mWfWQ=,iv:XhSNXgmPV1bOXL8ZtppJ/nipIYOUElYbVuZ32/hsAIA=,tag:V3XM3sP9FtwKWZuYdoAmEQ==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.7.3 diff --git a/systems/moms-laptop/default.nix b/systems/moms-laptop/default.nix index 5cb363a..efd3ebf 100644 --- a/systems/moms-laptop/default.nix +++ b/systems/moms-laptop/default.nix @@ -1,6 +1,7 @@ inputs: { pkgs, settings, + config, ... }: { imports = [ @@ -34,6 +35,7 @@ inputs: { networkmanager.enable = true; }; boot.kernelPackages = pkgs.linuxPackages_latest; + sops.secrets.root.neededForUsers = true; users = { mutableUsers = false; users = { @@ -52,7 +54,7 @@ inputs: { "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILpYY2uw0OH1Re+3BkYFlxn0O/D8ryqByJB/ljefooNc gerg@gerg-windows" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJWbwkFJmRBgyWyWU+w3ksZ+KuFw9uXJN3PwqqE7Z/i8 gerg@gerg-desktop" ]; - initialHashedPassword = "$6$hgiDFHEMVEA39Snj$Huxf2a/yd/gSO2ZwntxI5Z65c1kCf35lvbkA61knP5i5NLPuIy4cybBBv9lnd24LVR9sfi9Tss96VQdsGCQhq1"; + passwordFile = config.sops.secrets.root.path; }; }; }; diff --git a/systems/moms-laptop/secrets.yaml b/systems/moms-laptop/secrets.yaml new file mode 100644 index 0000000..13eedbe --- /dev/null +++ b/systems/moms-laptop/secrets.yaml @@ -0,0 +1,30 @@ +root: ENC[AES256_GCM,data:t/txu0G+jfcPAizbs/HuRYCXwGxa9z6F+zx0L/44Gw/8bdjJgNdD3LW3Mz9rezFPSUCK+IWLsqoeSUSsBZ2kMNn7V1sXcDduDw==,iv:ltGLcryejPNVq4eyl9ai6Se2Jhe+fRoC1s9lQCXPuk8=,tag:tArHrkX87TAV/3DzaJp8Tg==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1ttk7swzzjed2sxpvwywazlhdmxnn4cc6d6fjw89fd7va447l6ypqlk6c70 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPOGhsSHNqejZqUXg5bEl4 + b2c2aWpDRUJ4cEpnYVNJV1l2U2IvTUp1L0NzCk9JZGVZN1RxZDUyOHIyakhxWVJQ + eml1anIzT0NwWEY4eHNFYnpCdHVxVjQKLS0tIEhQRW55bGZUeXc0eU11Lzg1eC9m + TDljQ25aSkg3cDFKRXZGcU9QUW91TVkKAepZUfIRS9oRqZRUIa+ylcgw1+JIQPkn + OfG/KsLYCEXw+IU+ICV6UbqppPlsXQHTxBsPOTIhlSxfUo4TfTJwFg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1xghz0ea7dap38fukk053nmse5gd0jhdn8gvsfpvs6sfmgg33m4gs606nx9 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1dTRTTVY1RUR4ZU80SXZJ + S2tWdm9odHAvaTFFSk82T1AyWUM5b3gybFJvClVyYzFjSEM3WEltanZpYTJCVEN0 + ZEUvbkhVU0NuMHA4a3FHdUhrSTA3MjAKLS0tIGc0ZkdrckpaSUdJMnk0Y3hWU3VU + MFRPWW5KUDNLeFVjNVNlOWY4Vk4xYkUK7z19g5H4ZvLoCme/gkNjQL2dRoHevDc3 + jS8zxW7a/c5UrE7FHbzt/zLkvaukosq9/wvuCUfliq6VTUvu3cEICg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2023-03-07T23:18:13Z" + mac: ENC[AES256_GCM,data:dX16i5ec8YDP6j6l0FWlvywTwtKAymC6g1P5c+ScudgSSY8+yiF9y7PdG6jfB99UIp3H8P9syJCO2B01QMwCYlMqFcKpbMgFxnDDdN7J/abbKFJrROdBs7aTRWT2973vl+qqPX7f739t6o/81Dq4R764egnUPrG52PfnB+7ly3k=,iv:U4YCEKI9MDhS3DH4Zv68ru+uElDNhWfoodZfIBhHEFU=,tag:P7lzkGTsqGkoZlZoJbTE7w==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.7.3