Enable Authelia auth for Hedgedoc

This commit is contained in:
Pim Kunis 2025-02-09 00:23:12 +01:00
parent c69d909b2f
commit 9838069c4c
5 changed files with 45 additions and 8 deletions

View file

@ -63,6 +63,10 @@
key = "freshrss_client_secret"; key = "freshrss_client_secret";
path = "freshrss_client_secret"; path = "freshrss_client_secret";
} }
{
key = "hedgedoc_client_secret";
path = "hedgedoc_client_secret";
}
]; ];
configMap = { configMap = {
@ -94,6 +98,17 @@
token_endpoint_auth_method = "client_secret_basic"; token_endpoint_auth_method = "client_secret_basic";
consent_mode = "implicit"; consent_mode = "implicit";
} }
{
client_id = "ZZI33JnLIuGk58HPkN_YEfETxNTz-1Mq--YPu9Sa6Y39BwykY0GDmxBVn1w9X70fIHT09xHq";
client_name = "HedgeDoc";
client_secret.path = "/secrets/authelia/hedgedoc_client_secret";
public = false;
authorization_policy = "two_factor";
redirect_uris = ["https://md.kun.is/auth/oauth2/callback"];
scopes = ["openid" "profile" "email" "groups"];
userinfo_signed_response_alg = "none";
token_endpoint_auth_method = "client_secret_post";
}
]; ];
}; };
@ -186,7 +201,8 @@
oidc_hmac_secret = "ref+sops://secrets.yml#/authelia/oidc/hmac_secret"; oidc_hmac_secret = "ref+sops://secrets.yml#/authelia/oidc/hmac_secret";
oidc_jwk_rs256_private = "ref+sops://secrets.yml#/authelia/oidc/jwk_rs256/private"; oidc_jwk_rs256_private = "ref+sops://secrets.yml#/authelia/oidc/jwk_rs256/private";
oidc_jwk_rs256_public = "ref+sops://secrets.yml#/authelia/oidc/jwk_rs256/public"; oidc_jwk_rs256_public = "ref+sops://secrets.yml#/authelia/oidc/jwk_rs256/public";
freshrss_client_secret = "ref+sops://secrets.yml#/authelia/oidc/freshrss_client_secret"; freshrss_client_secret = "ref+sops://secrets.yml#/freshrss/oidc/client_secret/digest";
hedgedoc_client_secret = "ref+sops://secrets.yml#/hedgedoc/oidc/client_secret/digest";
}; };
}; };
}; };

View file

@ -39,8 +39,8 @@
OIDC_ENABLED.value = "1"; OIDC_ENABLED.value = "1";
OIDC_PROVIDER_METADATA_URL.value = "https://auth.kun.is/.well-known/openid-configuration"; OIDC_PROVIDER_METADATA_URL.value = "https://auth.kun.is/.well-known/openid-configuration";
OIDC_CLIENT_ID.value = "HDp48U5TaX-3gWKNEfHx5ea2C7gfaQm-OsSWREq4WTzln56IBGy.rT61lq9rF-LTZFlWOd44"; OIDC_CLIENT_ID.value = "HDp48U5TaX-3gWKNEfHx5ea2C7gfaQm-OsSWREq4WTzln56IBGy.rT61lq9rF-LTZFlWOd44";
OIDC_CLIENT_SECRET.value = "ref+sops://secrets.yml#/authelia/oidc/freshrss_client_secret"; OIDC_CLIENT_SECRET.value = "ref+sops://secrets.yml#/freshrss/oidc/client_secret/password";
OIDC_CLIENT_CRYPTO_KEY.value = "ref+sops://secrets.yml#/freshrss/oidc_crypto_key"; OIDC_CLIENT_CRYPTO_KEY.value = "ref+sops://secrets.yml#/freshrss/oidc/crypto_key";
OIDC_REMOTE_USER_CLAIM.value = "preferred_username"; OIDC_REMOTE_USER_CLAIM.value = "preferred_username";
OIDC_SCOPES.value = "openid groups email profile"; OIDC_SCOPES.value = "openid groups email profile";
OIDC_X_FORWARDED_HEADERS.value = "X-Forwarded-Host X-Forwarded-Port X-Forwarded-Proto"; OIDC_X_FORWARDED_HEADERS.value = "X-Forwarded-Host X-Forwarded-Port X-Forwarded-Proto";

View file

@ -54,6 +54,19 @@
CMD_PROTOCOL_USESSL.value = "true"; CMD_PROTOCOL_USESSL.value = "true";
CMD_CSP_ENABLE.value = "false"; CMD_CSP_ENABLE.value = "false";
CMD_OAUTH2_PROVIDERNAME.value = "Authelia";
CMD_OAUTH2_AUTHORIZATION_URL.value = "https://auth.kun.is/api/oidc/authorization";
CMD_OAUTH2_TOKEN_URL.value = "https://auth.kun.is/api/oidc/token";
CMD_OAUTH2_USER_PROFILE_URL.value = "https://auth.kun.is/api/oidc/userinfo";
CMD_OAUTH2_CLIENT_ID.value = "ZZI33JnLIuGk58HPkN_YEfETxNTz-1Mq--YPu9Sa6Y39BwykY0GDmxBVn1w9X70fIHT09xHq";
CMD_OAUTH2_CLIENT_SECRET.value = "ref+sops://secrets.yml#/hedgedoc/oidc/client_secret/password";
CMD_OAUTH2_SCOPE.value = "openid email profile groups";
CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR.value = "preferred_username";
CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR.value = "name";
CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR.value = "email";
CMD_OAUTH2_ROLES_CLAIM.value = "groups";
CMD_OAUTH2_ACCESS_ROLE.value = "hedgedoc";
CMD_DB_URL.valueFrom.secretKeyRef = { CMD_DB_URL.valueFrom.secretKeyRef = {
name = "hedgedoc"; name = "hedgedoc";
key = "databaseURL"; key = "databaseURL";

View file

@ -70,6 +70,7 @@
spec.forwardAuth = { spec.forwardAuth = {
address = "http://authelia.authelia.svc.cluster.local/api/authz/forward-auth"; address = "http://authelia.authelia.svc.cluster.local/api/authz/forward-auth";
authResponseHeaders = [ authResponseHeaders = [
"Remote-User" "Remote-User"
"Remote-Groups" "Remote-Groups"

View file

@ -1,12 +1,20 @@
freshrss: freshrss:
password: ENC[AES256_GCM,data:ECDPrW+VgO8PY9p2fLIreRETNiRL5ZGnu/PMC7aNj8KaWfyNYL+l3w==,iv:srR/r1EtOpC/CKKrCDKcTLVdMFPAYIJIB1CCg8mS0UU=,tag:YN4PqR5uvPkVskpJWD+91g==,type:str] password: ENC[AES256_GCM,data:ECDPrW+VgO8PY9p2fLIreRETNiRL5ZGnu/PMC7aNj8KaWfyNYL+l3w==,iv:srR/r1EtOpC/CKKrCDKcTLVdMFPAYIJIB1CCg8mS0UU=,tag:YN4PqR5uvPkVskpJWD+91g==,type:str]
oidc_crypto_key: ENC[AES256_GCM,data:+RX1P6PmMuyBeSFlwAChM9tX/JMda4DrQ7JH7Z+tbzXRuRb4nTMR6G7cINeQFah4W30VwdxBqbpRsCdfjR1FrkcwsG1ioDRpuma5VTaHp3TyLZvBWZ/BCi7G+d89qJmymaPGclES2j9YHWRobr7jcFIuiJD/t3jQ/T8iwt72jiY=,iv:lawZnDO7JH2P3jViaFzVzJZFp0e/Ym4/169AsvHg2+0=,tag:SO33RifFpLRXqXFpLQczjw==,type:str] oidc:
client_secret:
password: ENC[AES256_GCM,data:wlMJwiqCxUFqSVRGZvVkMtcRHW+r74EwpMtIAD499qnmJADsK1jPFsLuAODZ4QsklxWdWDqfNsk7T5FMZ+e61947fEp+QzGC,iv:qDEjlk5sywrMEIXQr8daVntYdTQ5M3KrtCpIHIgLy4U=,tag:QWGI0zISqE6kDR5n3IxQDg==,type:str]
digest: ENC[AES256_GCM,data:8uw5mg6VIERkb96FiJ7CuutUqWfcFk9qDA8w+8e8DBWRlegrfmvHKyg6tfUP6JKc6I1OkzuPMiSHweNJghMY5oH0eJWxU9F9YCtxjW3iJINUYF3tq2phO1kk3LEbjdnmglFMajHz2c8d4NkQ6iAfWziOaTieCN88yvnAACYnBBiU/yA=,iv:rQMDRDavPSHA8rcfJ/iijsMhGFYfcrQfOv6JF4iPbMA=,tag:tDM3+NquRN0Y6Kq9yyTSYA==,type:str]
crypto_key: ENC[AES256_GCM,data:AKEX6F1rAwapjvzz5JSyBbvDxSl4vjeOIKzH13/CMK1QGT5AzhEawpYb1j95/QVREt1M8bKulFpHHZIn8WuFZbdChgA/PMXssd5yznEMVY/qmymGqDOLe0CFv75zRG4c6RTuc0/U33Ez2tSi+DgKtLHpU9MZlgLFXIS4aCb0p0A=,iv:VhWgEzq8gqNDJPP/akmv6c/kuKHH4cv6yT9Mz47bTf4=,tag:b8DviZh9I5ZOFXpEFCU6GQ==,type:str]
pihole: pihole:
password: ENC[AES256_GCM,data:MA60825Tl6aYEFVoPgo8k5Vjb9zmIxtPLJriQV1B3P1bOKu1KK7vxQ==,iv:RGZHox8CbJiEEEjMo2k/tNbtjCPy/QY7vOuMN/YNZcg=,tag:yphrq03IKpXM/tSDBLeSgA==,type:str] password: ENC[AES256_GCM,data:MA60825Tl6aYEFVoPgo8k5Vjb9zmIxtPLJriQV1B3P1bOKu1KK7vxQ==,iv:RGZHox8CbJiEEEjMo2k/tNbtjCPy/QY7vOuMN/YNZcg=,tag:yphrq03IKpXM/tSDBLeSgA==,type:str]
hedgedoc: hedgedoc:
databaseURL: ENC[AES256_GCM,data:6+IV4TaClIGE1XVkUf7JwXzqx3EvWiIKFx9X5x7QKvQKC7bIieD1ADVeAMQmiQfibnH/YV5TgjNY8Ft+3eX881c3yD+2j7mM+O1fX6taK/BCokDnqhIwTN2qxHsu+mrPcM/Pgg5Zqy8HvUgX8jM=,iv:bCwuNk5CVgK2T5IgLebcKwxwloi6FkWMWhnxwJek1GM=,tag:UDQ0KmRDVlDh35Fjm6eaAA==,type:str] databaseURL: ENC[AES256_GCM,data:6+IV4TaClIGE1XVkUf7JwXzqx3EvWiIKFx9X5x7QKvQKC7bIieD1ADVeAMQmiQfibnH/YV5TgjNY8Ft+3eX881c3yD+2j7mM+O1fX6taK/BCokDnqhIwTN2qxHsu+mrPcM/Pgg5Zqy8HvUgX8jM=,iv:bCwuNk5CVgK2T5IgLebcKwxwloi6FkWMWhnxwJek1GM=,tag:UDQ0KmRDVlDh35Fjm6eaAA==,type:str]
sessionSecret: ENC[AES256_GCM,data:7FdRjAShjjue1fFwizCgK+94mkbT4ohAPxdyn/8Z8/f2nvGWPZHO/hGexOixbRGLPewJSaMunTMeJL+IzFlGlg==,iv:iz7640b8Mlb6mNps20b+TbphWDEFUbKwKNUXc0kR5NY=,tag:fdEr1tbes1h8VCA/q+0sOw==,type:str] sessionSecret: ENC[AES256_GCM,data:7FdRjAShjjue1fFwizCgK+94mkbT4ohAPxdyn/8Z8/f2nvGWPZHO/hGexOixbRGLPewJSaMunTMeJL+IzFlGlg==,iv:iz7640b8Mlb6mNps20b+TbphWDEFUbKwKNUXc0kR5NY=,tag:fdEr1tbes1h8VCA/q+0sOw==,type:str]
databasePassword: ENC[AES256_GCM,data:wdRhCluNx2IzgDqouAoIcG6yOWwNLOaEkpqgYEeFvJDZsMC8OUuV7Q==,iv:Csut0c+LRKWD2b4uVuQpGnwwVqnGT6Sk6T/ODlH57Bk=,tag:7bS6a18GyRifq2D6cIheaw==,type:str] databasePassword: ENC[AES256_GCM,data:wdRhCluNx2IzgDqouAoIcG6yOWwNLOaEkpqgYEeFvJDZsMC8OUuV7Q==,iv:Csut0c+LRKWD2b4uVuQpGnwwVqnGT6Sk6T/ODlH57Bk=,tag:7bS6a18GyRifq2D6cIheaw==,type:str]
oidc:
client_secret:
password: ENC[AES256_GCM,data:rLkMFkEzCF3+ejGAUliaBMpfOrxL5b3pJVvkblEFIvHupmr9DTS71L4T6/oo616E4IoCuZxqKh0FxhdWZRM4KrEk5YZMbgp9,iv:TbySrCTY+Kps4v/q5maQglm4aOzuUPch2ECBHPp4FYc=,tag:mz71m6JqIemVCypf93hkBQ==,type:str]
digest: ENC[AES256_GCM,data:m+abt7SEXZoeOA+ioB3BmiWN09CDpCWdZ5eNRhShvuUJW7rjbSJAQ2NTZkMTnFoNv6PO6rSUD6lmStFfO/mqVUFvWXBBDMK3xK+ILcgDoZZ1Pnmr19noqTL5OxyYLAtUHRNOohsUBYlZKyv2lFNQlqxk6kOi+fUPitmmsO6BO1nrq2s=,iv:CmC0JLXuT9O29Rtu7Pp8i0h/SyaEAT0bsXQb2LRFAkk=,tag:/IL39BCMuw+bqxv2OaNwhw==,type:str]
nextcloud: nextcloud:
databasePassword: ENC[AES256_GCM,data:jRLgW96FnMEpU0T5z/iQOX/CgjpH2ZykZGd1qGFHK8o=,iv:YrY9IsrlCaiQ8BFYqu+UnOxnvvB/JN4iYfy3vMa3wcw=,tag:41iWc4iVqjdUr02O5CLu7g==,type:str] databasePassword: ENC[AES256_GCM,data:jRLgW96FnMEpU0T5z/iQOX/CgjpH2ZykZGd1qGFHK8o=,iv:YrY9IsrlCaiQ8BFYqu+UnOxnvvB/JN4iYfy3vMa3wcw=,tag:41iWc4iVqjdUr02O5CLu7g==,type:str]
paperless: paperless:
@ -37,11 +45,10 @@ authelia:
smtpPassword: ENC[AES256_GCM,data:Zd2F237gWaL555lf022zjr7VHVcAFUyFxg==,iv:ka8YuGFclNrWV1U0g2ERypiKy6rN5ppPIVlsjBqkFrI=,tag:e+5fO6VR1z1cqYTXJ6Yo+Q==,type:str] smtpPassword: ENC[AES256_GCM,data:Zd2F237gWaL555lf022zjr7VHVcAFUyFxg==,iv:ka8YuGFclNrWV1U0g2ERypiKy6rN5ppPIVlsjBqkFrI=,tag:e+5fO6VR1z1cqYTXJ6Yo+Q==,type:str]
oidc: oidc:
hmac_secret: ENC[AES256_GCM,data:4SDX5lopMeomhkMpkei6Qu6S+BBhFGCZswBfOtfWNSzv3qAEme9h3wQeIQ2W18J84RwprTpDZdkk++bbAYoch2iZF1yEV+8XBcmVcg4q+s5isn0lAaTDhHHCZ6Cci8KuyYy5/tcMDgF61oM5H0g7nGv7rhPD8clDubZwAvEDf7g=,iv:S7cCKyWbB4QaqGYsrp9JavKBAMxnfzhnl5bMRyq4TT4=,tag:S2+NglxgDsi4ivvR2FYjsQ==,type:str] hmac_secret: ENC[AES256_GCM,data:4SDX5lopMeomhkMpkei6Qu6S+BBhFGCZswBfOtfWNSzv3qAEme9h3wQeIQ2W18J84RwprTpDZdkk++bbAYoch2iZF1yEV+8XBcmVcg4q+s5isn0lAaTDhHHCZ6Cci8KuyYy5/tcMDgF61oM5H0g7nGv7rhPD8clDubZwAvEDf7g=,iv:S7cCKyWbB4QaqGYsrp9JavKBAMxnfzhnl5bMRyq4TT4=,tag:S2+NglxgDsi4ivvR2FYjsQ==,type:str]
freshrss_client_secret: ENC[AES256_GCM,data:TLCQaJ8FZX9fVErXE84akyRE0ZWPJBiAxKjdpr4eXClxECGUQZO0Vu07dwj0mzRUiMMpNthBibxNeOGnE147Fht1tET3EuEe,iv:F0iZpzJyZvYjNlxMFeVzLlquWqsV3J0M1eTr0oNn+QQ=,tag:6eD4AUc7VK6aBGUr/Oe0lQ==,type:str]
jwk_rs256: jwk_rs256:
private: ENC[AES256_GCM,data:WaTdMntWZF40pBOsHpKlQAcsVoceQDKkPlNbkwlPjY231cZSgHYw2u3V89BHx1p3LT4OUAEQvBcQ3c8sJbRYHTo7wXVYTwMrWL+KIu5AOp1pqHWESJrxO/12tgITcM5xJx+zwAoc/85l0LK3EIXYayEYe6ISNjx13K3YaSuD74iEXrNtWuvqwvbT9zNtYg8gb+l1FEW+TwS6wdzWyglfZl4erOQXb1a373qRdTz5m71MEPY8nJPS948nxO5M1DgJ8eqyztVdHY+z3X40vsDv3anSApeBNe/jexUVGBmuRtOhoAbirbNo7F8tjbI1qVy1lw0YNiaXAyH/BY2EtcSb9bU/VqCRdLteZnSed4LFrCIFt9mYoAWPX4GjXanfshNUaqM0IEFVjH7cXzf4rKql9VnxvCufupIGKhcOkAuxFtuOPL9q3RVT4CkarhmgDpKKjUlyAHRAvLH2F2l+K6zwEengiYDXkyBzd393Gsee6ML30X/MRSwd1TBqKZ1VInpk3bn/GwVMipywiYsviLE6JW+IcRJiHCI3bbch2aRsq9MP8AE9qornqC9nt6DQKnOr2HvEAjTHGvmiJN2nKaRU/B6T5xmH9nsdZ3CTsmTIkWBi/Fa8th9DvT8UrQe4LiQ8t6/6TrhgZ+QCjgwp59B2dwrPnT7oY8B0o5O0k/06HnsaG0YxyEM2JgVBer0K4BzUAoap4S8YGj88oPVlSHV3ks7qjx8J+pytNmyND3O1CzKUuluTjCLoowyDx9OA8AcfxVCva6BI6EqJEVU0eqlo146kdgERPR4U6TgCAU6uk4rb+SQgwN6brd15AezRKUW9iDbr4hoxCA0XNTzcDLJKKFFU2ZlHdvs9WTif7gmVwAsogy31xWyKdTdSCoUME4mAKeHM2o763UICjL4HO6drMn16G5yA0anxkctVJqWKcpLrD9rVCC30bbFy8u3H1Icfzf2dZxbTLCbJVn5i39I9AqehIOapD7SwN3pyXwicfnr6h1prGKdHQ0cXjlwCiiP7lSBLP+Q4DwjoSVF/Iei4DcFQoHqSpGreGeP5yRNiRe8HEp63yQXFM/l6PMIVZw+0q/VDb5sEUZ6XItAi/UL3CqY1WI5SVvbeuxbKivuxRcspiFRHB9aXS2eG8hx/Oq9OFvPq3eAQ7xtZLw5oMAFgED4epZl3mAaYz8n5m2i2J8QujxP1POqotkeA1uQFelQL1xMUdpIg41mRNch0M3H50fcgR5dJ3k41NAJTCi5B+X9lFVoo/ByLvX4hkmx4YeZ5VPW6hVLiZMcdA+RluBWVAShYXBBg5rV3ak/G8Lj9P/cc1Tg32Qr1m9h3Tl4Q8AEmWBABRXYcZ526fMFdTQa0SkdvO3jp6Zt/6TObygSyOrOjBIgXye4BAT3zuyNK07Z1gOP1X0rE23T50S5A4KCI59QCs+szugk9umUbqeZF3DKj1oiVq1f5I1m2zbBuWq6vi6kH7eD7eSnTqpIuYeOsuWlREvsNHfXOA7lrURy+yLheKYuIRqx+5TKJaapgMkagw5nQ74RAvEJgAPHJaKYt5YJklMSxTkUR6FlvZNq2salMpM+mGrtH9l1tEVUbKh6QAyG4EkUbnFmT3orCgBJJFh+HXMpb6pwVL06+/0sSvgBI1ZBfbGYWk//RKSHbVzOi1UXyW1izeLgSwKNc/ZUCDnZ0hrBafQn3S8Ap+5j9h++fdH9NwfQyGV7GuTMYBkCtG3+l9+iitFWPUnZ2PvNypi4kJX31XlSyR/JoQfvFNm3nWw1pdLJRF7shqYxbSuGx/Fz02zocEvNNu5NBp5+0nPXIWp5PoRHqWHXI6TvNduji0/ycKjLhtpnFV3NhhWq0no5fKo+t4seoQ88oFzbH0wVXnLRALPq6yZ1kzbWhGp5RLmtixEMXcAwuw2Ewol2BhIf2+5o7d7ndgmZ6lOM4LzApumzS0m3z91XQ1keqHZUWA0XdCekIucNrhw4uVIWg228G5IWjI1QuL6c9zeIHl8NvSCzC7lJLXR6NiCzFvVH92krQ91yiEsSvg3+8MkU+6mlLiCvbl98WVMcQ6Ig9Hh+p1ALSuUDDqOK8k4ja3sblwjDE1vQhacm9gaCjYfID+UFpbJ1FLwdOiBrcUu3jSnN2zBViWjH48xnM7kvxliDRbAElyMPylD2wE6Gce/nyueSAktsfPzt3GnHzspfuoDokJ2pss+8u/x/5whe+xkMMEhExWJWTe4WiwYxyM7dIX8JLJBqQ+T3pUQLMYwECHvPstLiQjpWy,iv:cZQEw3E1Kq+Qg1ZB0gwMW87NG1z/tGDnQOpRiCsdpUs=,tag:N/JqLdXIwCerHynMhmvhug==,type:str] private: ENC[AES256_GCM,data:WaTdMntWZF40pBOsHpKlQAcsVoceQDKkPlNbkwlPjY231cZSgHYw2u3V89BHx1p3LT4OUAEQvBcQ3c8sJbRYHTo7wXVYTwMrWL+KIu5AOp1pqHWESJrxO/12tgITcM5xJx+zwAoc/85l0LK3EIXYayEYe6ISNjx13K3YaSuD74iEXrNtWuvqwvbT9zNtYg8gb+l1FEW+TwS6wdzWyglfZl4erOQXb1a373qRdTz5m71MEPY8nJPS948nxO5M1DgJ8eqyztVdHY+z3X40vsDv3anSApeBNe/jexUVGBmuRtOhoAbirbNo7F8tjbI1qVy1lw0YNiaXAyH/BY2EtcSb9bU/VqCRdLteZnSed4LFrCIFt9mYoAWPX4GjXanfshNUaqM0IEFVjH7cXzf4rKql9VnxvCufupIGKhcOkAuxFtuOPL9q3RVT4CkarhmgDpKKjUlyAHRAvLH2F2l+K6zwEengiYDXkyBzd393Gsee6ML30X/MRSwd1TBqKZ1VInpk3bn/GwVMipywiYsviLE6JW+IcRJiHCI3bbch2aRsq9MP8AE9qornqC9nt6DQKnOr2HvEAjTHGvmiJN2nKaRU/B6T5xmH9nsdZ3CTsmTIkWBi/Fa8th9DvT8UrQe4LiQ8t6/6TrhgZ+QCjgwp59B2dwrPnT7oY8B0o5O0k/06HnsaG0YxyEM2JgVBer0K4BzUAoap4S8YGj88oPVlSHV3ks7qjx8J+pytNmyND3O1CzKUuluTjCLoowyDx9OA8AcfxVCva6BI6EqJEVU0eqlo146kdgERPR4U6TgCAU6uk4rb+SQgwN6brd15AezRKUW9iDbr4hoxCA0XNTzcDLJKKFFU2ZlHdvs9WTif7gmVwAsogy31xWyKdTdSCoUME4mAKeHM2o763UICjL4HO6drMn16G5yA0anxkctVJqWKcpLrD9rVCC30bbFy8u3H1Icfzf2dZxbTLCbJVn5i39I9AqehIOapD7SwN3pyXwicfnr6h1prGKdHQ0cXjlwCiiP7lSBLP+Q4DwjoSVF/Iei4DcFQoHqSpGreGeP5yRNiRe8HEp63yQXFM/l6PMIVZw+0q/VDb5sEUZ6XItAi/UL3CqY1WI5SVvbeuxbKivuxRcspiFRHB9aXS2eG8hx/Oq9OFvPq3eAQ7xtZLw5oMAFgED4epZl3mAaYz8n5m2i2J8QujxP1POqotkeA1uQFelQL1xMUdpIg41mRNch0M3H50fcgR5dJ3k41NAJTCi5B+X9lFVoo/ByLvX4hkmx4YeZ5VPW6hVLiZMcdA+RluBWVAShYXBBg5rV3ak/G8Lj9P/cc1Tg32Qr1m9h3Tl4Q8AEmWBABRXYcZ526fMFdTQa0SkdvO3jp6Zt/6TObygSyOrOjBIgXye4BAT3zuyNK07Z1gOP1X0rE23T50S5A4KCI59QCs+szugk9umUbqeZF3DKj1oiVq1f5I1m2zbBuWq6vi6kH7eD7eSnTqpIuYeOsuWlREvsNHfXOA7lrURy+yLheKYuIRqx+5TKJaapgMkagw5nQ74RAvEJgAPHJaKYt5YJklMSxTkUR6FlvZNq2salMpM+mGrtH9l1tEVUbKh6QAyG4EkUbnFmT3orCgBJJFh+HXMpb6pwVL06+/0sSvgBI1ZBfbGYWk//RKSHbVzOi1UXyW1izeLgSwKNc/ZUCDnZ0hrBafQn3S8Ap+5j9h++fdH9NwfQyGV7GuTMYBkCtG3+l9+iitFWPUnZ2PvNypi4kJX31XlSyR/JoQfvFNm3nWw1pdLJRF7shqYxbSuGx/Fz02zocEvNNu5NBp5+0nPXIWp5PoRHqWHXI6TvNduji0/ycKjLhtpnFV3NhhWq0no5fKo+t4seoQ88oFzbH0wVXnLRALPq6yZ1kzbWhGp5RLmtixEMXcAwuw2Ewol2BhIf2+5o7d7ndgmZ6lOM4LzApumzS0m3z91XQ1keqHZUWA0XdCekIucNrhw4uVIWg228G5IWjI1QuL6c9zeIHl8NvSCzC7lJLXR6NiCzFvVH92krQ91yiEsSvg3+8MkU+6mlLiCvbl98WVMcQ6Ig9Hh+p1ALSuUDDqOK8k4ja3sblwjDE1vQhacm9gaCjYfID+UFpbJ1FLwdOiBrcUu3jSnN2zBViWjH48xnM7kvxliDRbAElyMPylD2wE6Gce/nyueSAktsfPzt3GnHzspfuoDokJ2pss+8u/x/5whe+xkMMEhExWJWTe4WiwYxyM7dIX8JLJBqQ+T3pUQLMYwECHvPstLiQjpWy,iv:cZQEw3E1Kq+Qg1ZB0gwMW87NG1z/tGDnQOpRiCsdpUs=,tag:N/JqLdXIwCerHynMhmvhug==,type:str]
public: ENC[AES256_GCM,data:TivRCWgU3skYJbDopZAdSAZBi7OhgzLjOLi0f8bUN3hEfDS9Bqbo3ZirepWkxDZcEBJH9ut/rAwumWGedU6C71eFtOpC/++c/++VILmWGM2BDUvlUaksaWZE0sNQRZxXmHFd5Fnxq13vVhs0i5Grdu6WG6wdq9dD9iFooLqee5KT6z33lD9THitecYiGf4hccVfJXKriNmNfmFkyv2KMaDNBwgSHtAsXSbYoHOpIz68SzS3KrngSIAvavfSSsW1RXDXvf/3aB94lPtizCZVtKZ+JcHYg3xPesXdwwA6h7A5W7rfJoAQdiDGQJMb4hFhtjhaBGmiUAv5JwRvvEAhQIrVtPmkO9ibir3yDDrcwNXuJDgHrcd0rpSjYWyAM1pgzXiWAiLzhh/AcL+l2xV286XRDwm1xxoPNdGdmOYkiN2AZre8CoR1aFkIP+T479rkOylJq14RzSQAbJ8AaZ6dK2mFxKYFyVpW0aMjEoo9Yqd4IFZpMWIlVALeh3+bpqgtCCkBYq3MX3J0FJ6vL4LUV5855GUrP4CJhSSCAnKaiXKnps2TrHN8Kp1dqtnv1ihq8fwVoSgqiISN4xY8VXsW/IjJYcQ==,iv:o8F7qgHLWhWXEOOSzum+Qore2tGSraqmC1VMWtpaj0I=,tag:Kn5myis0OwoCMa+8yhssPg==,type:str] public: ENC[AES256_GCM,data:TivRCWgU3skYJbDopZAdSAZBi7OhgzLjOLi0f8bUN3hEfDS9Bqbo3ZirepWkxDZcEBJH9ut/rAwumWGedU6C71eFtOpC/++c/++VILmWGM2BDUvlUaksaWZE0sNQRZxXmHFd5Fnxq13vVhs0i5Grdu6WG6wdq9dD9iFooLqee5KT6z33lD9THitecYiGf4hccVfJXKriNmNfmFkyv2KMaDNBwgSHtAsXSbYoHOpIz68SzS3KrngSIAvavfSSsW1RXDXvf/3aB94lPtizCZVtKZ+JcHYg3xPesXdwwA6h7A5W7rfJoAQdiDGQJMb4hFhtjhaBGmiUAv5JwRvvEAhQIrVtPmkO9ibir3yDDrcwNXuJDgHrcd0rpSjYWyAM1pgzXiWAiLzhh/AcL+l2xV286XRDwm1xxoPNdGdmOYkiN2AZre8CoR1aFkIP+T479rkOylJq14RzSQAbJ8AaZ6dK2mFxKYFyVpW0aMjEoo9Yqd4IFZpMWIlVALeh3+bpqgtCCkBYq3MX3J0FJ6vL4LUV5855GUrP4CJhSSCAnKaiXKnps2TrHN8Kp1dqtnv1ihq8fwVoSgqiISN4xY8VXsW/IjJYcQ==,iv:o8F7qgHLWhWXEOOSzum+Qore2tGSraqmC1VMWtpaj0I=,tag:Kn5myis0OwoCMa+8yhssPg==,type:str]
users: ENC[AES256_GCM,data:Az1vmno1PPpFAqIpZKiMtdAP5TqgoCSzu+x2P3eI2h4C+FPbdRjQrnybpLdKRmaQaVvfGS8p4+RbM8jF1H4sSgAZRcBQIzanWtW4fl+KK4aHxPmRIbH75bGUGnSK8u94jCYMotll5tpMbkR+st6xEkh+IkPz+CSIopZ1o6VeFu9od7qJ2LBwnl+FzZp3XFoLXHLNFf4J01gUwtlxvbLHOD5tFxOFHXDi/CKsYJOBr3m9wUoHKGwaeuYpNfy+3C5dcwf0eiXOkxYyjwjlxQ0MumcyzSdVBCTWJRRTwFa1akw6P/sl0Cdw/9GL83zBGLSfFK+DaIaHzG+h51KcELj9lVbNHPbC1UwRnwy0SdxYXiPz7Y8R9J/u5wI5eyyimDtJp83+c4eqOO7+animxUJ8EIuKEiUPMr5mQg0KtK5P3jTu/wZuGgxdqi1nR44+UHKmWrD62qDwjcjv60RDlQxcm4dBOL3wCaV7V8K5UBF0UhiyA2/N0XFHLnibQ1LS/vRfgXjrsjZ6JYzVeY7mDCGa0Kb4NkJJLeMvEEmwsw9sGst9um1w7AQevQPowBST4nkRVdb12JGWrq4S77gDa19Qbm2a0z5XvwvEq1C/47OOEDoSFh/uY2Ycn8tOIZw7S53h5z++cAVKBgYAFVI0fw==,iv:9hm49dFfD6O0YV5YdyXqyiU1vjSHNuH4/+JcXiN+PWI=,tag:jM6atf1M0cgDcAiFOd626Q==,type:str] users: ENC[AES256_GCM,data:XPnB3wFj8rDPaq8bfgsnDiNmaA+GE6tguPqtnPxfHhM2gVUatnyP5RLIrBxQTUja8w70NBHPQMPEFh3TydBDlWI8tvV8mid1iu7/pRgb6u+LtVSPtrqkSkQBponsxTsila1uvyYLITaB6pI2w0ijcWx3enu1W/a5ssgBQUNVqKfftAF9tB/W0Jhn6m4U9KfB1NbR708eO1LcGHVlqgCs4u9FwR9FEWHDDGgwDjeDQ5w+w9NMAbg7YfwmPgMv3VwRqpie0AE5jj+qtpnAZCpKJK/AzWN7T++TXg6IywPSk/4thFDtLsgke0gtNOMS2DlCRZ7LqdyzwuhQMVX5YbmmQdk5+z4fYKYgWGT8L9ABA6fl/LeMygJVM9cNOl1VGT7SsTBj5WdrU3gR6n0UCybLIyOIA7q+0mT1RR7sKJ1OFKz6bappzIn2Y1UREGTvz63Quw1Kgbciq5WRag4WFVRuq89JKYD8Y9bkWfHgF5L1kCzep79CvB9uxnO+wXwbtxsSEyxllQIDuVMejdVV/l9FPjhgWPe3ho1Eh78nTibNo0cEijvf5ub6MKPelpMvEhEU4J2OH5AJjixqM3RyxO6IKAKx4gg6bm0nUgKPa+7jZ+mZ4xj7AyDh3v8t8C0GOJZSbdtD54YzBjkWLu9I+OhErQQUfgKB5DTDUF+RogkH9LAWn9C2,iv:3lY+ghmpQrKME8xa264RqFR4BzhY4MvcbTwwXmsaf0k=,tag:EmrYcmWBH1zrLDBFgTp25g==,type:str]
sops: sops:
kms: [] kms: []
gcp_kms: [] gcp_kms: []
@ -66,8 +73,8 @@ sops:
azR0UkJyL0RwUVk4ZzdkSWptcDlWVjAK5FU9B5TBSnV3azO4eCv13T6i3dGGuI68 azR0UkJyL0RwUVk4ZzdkSWptcDlWVjAK5FU9B5TBSnV3azO4eCv13T6i3dGGuI68
UgBrVEb1/Fv+4XTjeSEhpiOaH8sNWYoNa3Aa7uTZYlHDRWga2GC7zw== UgBrVEb1/Fv+4XTjeSEhpiOaH8sNWYoNa3Aa7uTZYlHDRWga2GC7zw==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2025-02-08T11:58:45Z" lastmodified: "2025-02-08T22:34:17Z"
mac: ENC[AES256_GCM,data:ZHE9vdafH6oQnwHJb1p9FRBKB3Q5V6UK+6kiRt96p82aWG/PYtlxxt/Fc9pdgItSN4iVma8sDSs+IRpS5qUvRE5H71fqNDpGE7gfKn3QbK/GRN1WJv4P0Dg3tghFw+oqQ8hqPffGM2UurYlax9T2TnUEyZw8VdDMaTrGbQrjjQ8=,iv:iErbT0QSfgGFVNbz/QBqqZQbEJcfPn3t5QIGEWQgRx8=,tag:xJsYBMoGmxF26c7Rewtvlg==,type:str] mac: ENC[AES256_GCM,data:i9suj/TCZdqZW3KxU8Ye3qZnGwIlHFJ4FvsuEhNlq5llC7H/eRnYW8bkZkg2848CRasaco+0eimMcJc2vD7YFO8AuVxIEFr2U2MXP+9tRKPrWd5bae7X2wJo+C1AYCpjpllFlS/T50wSKM7y4ugJtKIibJs/Q3YB3D8D6hfB884=,iv:wdqVREuVVEUBwEKNQBAl0kHUhF+KNDzOPVbo9xfDHDU=,tag:++8BJRRk0xCGezS+RTPc3g==,type:str]
pgp: [] pgp: []
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.9.2 version: 3.9.2