diff --git a/.sops.yaml b/.sops.yaml index 1a955ff..5096862 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -6,6 +6,7 @@ keys: - &gamepc_pim age1qlldg2c6kptvnmvlkpf9pae3wnczk6eklcmwdvnzyvvnur3aqdcq3c3trt - &warwick_root age1th8rdw4fs3vmgy9gzc0k9xy88tddjj4vasepckfx9h4nlzsg3q3q4cjgwu - &niels age159whjxeyw94xmkkephmtlur8e85xd9d5vnvkwkcayfv7el0neqfq863yga + - &atlas_root age1unkshctcpucc298kmw9a0qzvtjzgdnjytrxr5p750dv0z95feymqpn68qf creation_rules: - path_regex: secrets/sue/colmena.yaml @@ -32,10 +33,25 @@ creation_rules: - *sue_pim - *sue_root - *niels - - path_regex: secrets/servers.sops.yaml + - path_regex: secrets/servers.yaml key_groups: - age: - *warwick_root + - *atlas_root + - *sue_pim + - *sue_root + - *niels + - path_regex: secrets/atlas/colmena.yaml + key_groups: + - age: + - *atlas_root + - *sue_pim + - *sue_root + - *niels + - path_regex: secrets/kubernetes.yaml + key_groups: + - age: + - *atlas_root - *sue_pim - *sue_root - *niels diff --git a/colmena.nix b/colmena.nix index 68dbbf1..0da4348 100644 --- a/colmena.nix +++ b/colmena.nix @@ -35,6 +35,13 @@ inputs @ { ./nixos ]; }; + + atlas = { + imports = [ + (import ./machines).atlas.nixosModule + ./nixos + ]; + }; }; colmenaHive = colmena.lib.makeHive self.outputs.colmena; diff --git a/flake.lock b/flake.lock index 8913b76..aad8398 100644 --- a/flake.lock +++ b/flake.lock @@ -238,6 +238,38 @@ } }, "flake-compat_4": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_5": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_6": { "flake": false, "locked": { "lastModified": 1717312683, @@ -253,7 +285,7 @@ "type": "github" } }, - "flake-compat_5": { + "flake-compat_7": { "flake": false, "locked": { "lastModified": 1673956053, @@ -290,6 +322,27 @@ "type": "github" } }, + "flake-parts_2": { + "inputs": { + "nixpkgs-lib": [ + "nix-snapshotter", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1704152458, + "narHash": "sha256-DS+dGw7SKygIWf9w4eNBUZsK+4Ug27NwEWmn2tnbycg=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "88a2cd8166694ba0b6cb374700799cec53aef527", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, "flake-utils": { "locked": { "lastModified": 1659877975, @@ -325,7 +378,7 @@ }, "flake-utils_3": { "inputs": { - "systems": "systems_2" + "systems": "systems_3" }, "locked": { "lastModified": 1681202837, @@ -444,6 +497,27 @@ "type": "github" } }, + "globset": { + "inputs": { + "nixpkgs-lib": [ + "nix-snapshotter", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1729844927, + "narHash": "sha256-nBkQx23jgpGPk3aU2KcqJCoYvzjsKEjWBePmc2z8N3k=", + "owner": "pdtpartners", + "repo": "globset", + "rev": "eb9d9e64b7ab0a64c34ba4a5a990b66506401c35", + "type": "github" + }, + "original": { + "owner": "pdtpartners", + "repo": "globset", + "type": "github" + } + }, "gnome-shell": { "flake": false, "locked": { @@ -503,10 +577,33 @@ "type": "github" } }, + "kubenix": { + "inputs": { + "flake-compat": "flake-compat_3", + "nixpkgs": [ + "nixpkgs-unstable" + ], + "systems": "systems_2", + "treefmt": "treefmt" + }, + "locked": { + "lastModified": 1717788185, + "narHash": "sha256-Uc6QSQqJa2lyv/1W4StwoKrjtq7cFjlKNhdrtanToGo=", + "owner": "pizzapim", + "repo": "kubenix", + "rev": "a9590abe23a2f7577bc3271d90955e9ccc2923fe", + "type": "github" + }, + "original": { + "owner": "pizzapim", + "repo": "kubenix", + "type": "github" + } + }, "lanzaboote": { "inputs": { "crane": "crane", - "flake-compat": "flake-compat_3", + "flake-compat": "flake-compat_4", "flake-parts": "flake-parts", "flake-utils": "flake-utils_3", "nixpkgs": [ @@ -571,6 +668,50 @@ "type": "github" } }, + "nix-snapshotter": { + "inputs": { + "flake-compat": "flake-compat_5", + "flake-parts": "flake-parts_2", + "globset": "globset", + "nixpkgs": [ + "nixpkgs-unstable" + ] + }, + "locked": { + "lastModified": 1730022297, + "narHash": "sha256-eVMEONp3yqu0gy0RtOSEpOAueXuQsGQVqac3qCJixMU=", + "owner": "pdtpartners", + "repo": "nix-snapshotter", + "rev": "c738f1a16a8612dfc474a4424bacff7e89369ca3", + "type": "github" + }, + "original": { + "owner": "pdtpartners", + "repo": "nix-snapshotter", + "type": "github" + } + }, + "nixng": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1726571270, + "narHash": "sha256-LEug48WOL+mmFYtKM57e/oudgjBk2Km5zIP3p27hF8I=", + "owner": "pizzapim", + "repo": "NixNG", + "rev": "9538892da603608f0176d07d33b1265e038c0adf", + "type": "github" + }, + "original": { + "owner": "pizzapim", + "ref": "dnsmasq", + "repo": "NixNG", + "type": "github" + } + }, "nixos-artwork": { "flake": false, "locked": { @@ -589,7 +730,7 @@ }, "nixos-cosmic": { "inputs": { - "flake-compat": "flake-compat_4", + "flake-compat": "flake-compat_6", "nixpkgs": "nixpkgs_2", "nixpkgs-stable": [ "nixpkgs-unstable" @@ -822,8 +963,11 @@ "flake-utils": "flake-utils_2", "git-hooks": "git-hooks", "home-manager": "home-manager", + "kubenix": "kubenix", "lanzaboote": "lanzaboote", "nix-index-database": "nix-index-database", + "nix-snapshotter": "nix-snapshotter", + "nixng": "nixng", "nixos-artwork": "nixos-artwork", "nixos-cosmic": "nixos-cosmic", "nixos-facter-modules": "nixos-facter-modules", @@ -927,12 +1071,12 @@ "base16-kitty": "base16-kitty", "base16-tmux": "base16-tmux", "base16-vim": "base16-vim", - "flake-compat": "flake-compat_5", + "flake-compat": "flake-compat_7", "flake-utils": "flake-utils_4", "gnome-shell": "gnome-shell", "home-manager": "home-manager_2", "nixpkgs": "nixpkgs_4", - "systems": "systems_3" + "systems": "systems_4" }, "locked": { "lastModified": 1726497442, @@ -974,9 +1118,8 @@ "type": "github" }, "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" + "id": "systems", + "type": "indirect" } }, "systems_3": { @@ -994,6 +1137,42 @@ "type": "github" } }, + "systems_4": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "treefmt": { + "inputs": { + "nixpkgs": [ + "kubenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1688026376, + "narHash": "sha256-qJmkr9BWDpqblk4E9/rCsAEl39y2n4Ycw6KRopvpUcY=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "df3f32b0cc253dfc7009b7317e8f0e7ccd70b1cf", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + }, "treefmt-nix": { "inputs": { "nixpkgs": "nixpkgs_5" diff --git a/flake.nix b/flake.nix index 0f7851c..8533eaa 100644 --- a/flake.nix +++ b/flake.nix @@ -52,6 +52,21 @@ url = "github:lilyinstarlight/nixos-cosmic"; inputs.nixpkgs-stable.follows = "nixpkgs-unstable"; }; + + nix-snapshotter = { + url = "github:pdtpartners/nix-snapshotter"; + inputs.nixpkgs.follows = "nixpkgs-unstable"; + }; + + kubenix = { + url = "github:pizzapim/kubenix"; + inputs.nixpkgs.follows = "nixpkgs-unstable"; + }; + + nixng = { + url = "github:pizzapim/NixNG/dnsmasq"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; outputs = inputs @ { diff --git a/machines/atlas/configuration.nix b/machines/atlas/configuration.nix new file mode 100644 index 0000000..63c3b20 --- /dev/null +++ b/machines/atlas/configuration.nix @@ -0,0 +1,124 @@ +{config, ...}: { + config = { + facter.reportPath = ./facter.json; + networking.hostName = "atlas"; + system.stateVersion = "23.05"; + users.users.root.openssh.authorizedKeys.keys = config.pim.ssh.keys.pim ++ config.pim.ssh.keys.niels; + sops.age.keyFile = "/root/.config/sops/age/keys.txt"; + + deployment = { + targetHost = "atlas"; + targetUser = "root"; + tags = ["server"]; + }; + + pim = { + sops-nix.usersWithSopsKeys = ["root"]; + + k3s = { + enable = true; + serverAddr = "https://jefke.dmz:6443"; + }; + }; + + disko.devices = { + disk = { + nvme = { + device = "/dev/nvme0n1"; + type = "disk"; + + content = { + type = "gpt"; + + partitions = { + boot = { + type = "EF00"; + size = "500M"; + + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + }; + }; + + pv_os = { + size = "79G"; + + content = { + type = "lvm_pv"; + vg = "vg_os"; + }; + }; + + pv_nvme_extra = { + size = "100%"; + + content = { + type = "lvm_pv"; + vg = "vg_data"; + }; + }; + }; + }; + }; + + sata = { + device = "/dev/sda"; + type = "disk"; + + content = { + type = "gpt"; + + partitions.pv_sata = { + size = "100%"; + + content = { + type = "lvm_pv"; + vg = "vg_data"; + }; + }; + }; + }; + }; + + lvm_vg = { + vg_os = { + type = "lvm_vg"; + + lvs = { + root = { + size = "75G"; + + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/"; + mountOptions = ["defaults"]; + }; + }; + + swap = { + size = "100%FREE"; + content.type = "swap"; + }; + }; + }; + + vg_data = { + type = "lvm_vg"; + + lvs.longhorn = { + size = "100%FREE"; + + content = { + type = "filesystem"; + format = "xfs"; + mountpoint = "/mnt/longhorn"; + }; + }; + }; + }; + }; + }; +} diff --git a/machines/atlas/facter.json b/machines/atlas/facter.json new file mode 100644 index 0000000..200d9bd --- /dev/null +++ b/machines/atlas/facter.json @@ -0,0 +1,3758 @@ +{ + "version": 1, + "system": "x86_64-linux", + "virtualisation": "none", + "hardware": { + "bios": { + "apm_info": { + "supported": false, + "enabled": false, + "version": 0, + "sub_version": 0, + "bios_flags": 0 + }, + "vbe_info": { + "version": 0, + "video_memory": 0 + }, + "pnp": false, + "pnp_id": 0, + "lba_support": false, + "low_memory_size": 0, + "smbios_version": 770 + }, + "bluetooth": [ + { + "index": 45, + "attached_to": 46, + "bus_type": { + "name": "USB", + "value": 134 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "name": "Bluetooth Device", + "value": 277 + }, + "vendor": { + "value": 32903 + }, + "device": { + "value": 2727 + }, + "revision": { + "name": "0.01", + "value": 0 + }, + "model": "Bluetooth Device", + "sysfs_id": "/devices/pci0000:00/0000:00:15.0/usb1/1-3/1-3:1.0", + "sysfs_bus_id": "1-3:1.0", + "resources": [ + { + "type": "baud", + "speed": 12000000, + "bits": 0, + "stop_bits": 0, + "parity": 0, + "handshake": 0 + } + ], + "detail": { + "device_class": { + "name": "wireless", + "value": 224 + }, + "device_subclass": { + "name": "audio", + "value": 1 + }, + "device_protocol": 1, + "interface_class": { + "name": "wireless", + "value": 224 + }, + "interface_subclass": { + "name": "audio", + "value": 1 + }, + "interface_protocol": 1, + "interface_number": 0, + "interface_alternate_setting": 0 + }, + "hotplug": "usb", + "driver": "btusb", + "driver_module": "btusb", + "drivers": [ + "btusb" + ], + "driver_modules": [ + "btusb" + ], + "module_alias": "usb:v8087p0AA7d0001dcE0dsc01dp01icE0isc01ip01in00" + }, + { + "index": 47, + "attached_to": 46, + "bus_type": { + "name": "USB", + "value": 134 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "name": "Bluetooth Device", + "value": 277 + }, + "vendor": { + "value": 32903 + }, + "device": { + "value": 2727 + }, + "revision": { + "name": "0.01", + "value": 0 + }, + "model": "Bluetooth Device", + "sysfs_id": "/devices/pci0000:00/0000:00:15.0/usb1/1-3/1-3:1.1", + "sysfs_bus_id": "1-3:1.1", + "resources": [ + { + "type": "baud", + "speed": 12000000, + "bits": 0, + "stop_bits": 0, + "parity": 0, + "handshake": 0 + } + ], + "detail": { + "device_class": { + "name": "wireless", + "value": 224 + }, + "device_subclass": { + "name": "audio", + "value": 1 + }, + "device_protocol": 1, + "interface_class": { + "name": "wireless", + "value": 224 + }, + "interface_subclass": { + "name": "audio", + "value": 1 + }, + "interface_protocol": 1, + "interface_number": 1, + "interface_alternate_setting": 0 + }, + "hotplug": "usb", + "driver": "btusb", + "driver_module": "btusb", + "drivers": [ + "btusb" + ], + "driver_modules": [ + "btusb" + ], + "module_alias": "usb:v8087p0AA7d0001dcE0dsc01dp01icE0isc01ip01in01" + } + ], + "bridge": [ + { + "index": 10, + "attached_to": 0, + "bus_type": { + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 31 + }, + "base_class": { + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "name": "ISA bridge", + "value": 1 + }, + "vendor": { + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "value": 5208 + }, + "device": { + "value": 12776 + }, + "sub_device": { + "value": 4096 + }, + "revision": { + "value": 3 + }, + "model": "Intel ISA bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:1f.0", + "sysfs_bus_id": "0000:00:1f.0", + "detail": { + "function": 0, + "command": 7, + "header_type": 0, + "secondary_bus": 0, + "irq": 0, + "prog_if": 0 + }, + "module_alias": "pci:v00008086d000031E8sv00001458sd00001000bc06sc01i00", + "label": "Onboard - Other" + }, + { + "index": 11, + "attached_to": 0, + "bus_type": { + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 19 + }, + "base_class": { + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "value": 5208 + }, + "device": { + "value": 12762 + }, + "sub_device": { + "value": 4096 + }, + "revision": { + "value": 243 + }, + "model": "Intel PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:13.2", + "sysfs_bus_id": "0000:00:13.2", + "resources": [ + { + "type": "irq", + "base": 123, + "triggered": 0, + "enabled": true + } + ], + "detail": { + "function": 2, + "command": 1031, + "header_type": 1, + "secondary_bus": 2, + "irq": 123, + "prog_if": 0 + }, + "driver": "pcieport", + "drivers": [ + "pcieport" + ], + "module_alias": "pci:v00008086d000031DAsv00001458sd00001000bc06sc04i00" + }, + { + "index": 13, + "attached_to": 0, + "bus_type": { + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 19 + }, + "base_class": { + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "value": 5208 + }, + "device": { + "value": 12760 + }, + "sub_device": { + "value": 4096 + }, + "revision": { + "value": 243 + }, + "model": "Intel PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:13.0", + "sysfs_bus_id": "0000:00:13.0", + "resources": [ + { + "type": "irq", + "base": 122, + "triggered": 0, + "enabled": true + } + ], + "detail": { + "function": 0, + "command": 1031, + "header_type": 1, + "secondary_bus": 1, + "irq": 122, + "prog_if": 0 + }, + "driver": "pcieport", + "drivers": [ + "pcieport" + ], + "module_alias": "pci:v00008086d000031D8sv00001458sd00001000bc06sc04i00" + }, + { + "index": 17, + "attached_to": 0, + "bus_type": { + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "name": "Host bridge", + "value": 0 + }, + "vendor": { + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "value": 5208 + }, + "device": { + "value": 12784 + }, + "sub_device": { + "value": 4096 + }, + "revision": { + "value": 3 + }, + "model": "Intel Host bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:00.0", + "sysfs_bus_id": "0000:00:00.0", + "detail": { + "function": 0, + "command": 7, + "header_type": 0, + "secondary_bus": 0, + "irq": 0, + "prog_if": 0 + }, + "module_alias": "pci:v00008086d000031F0sv00001458sd00001000bc06sc00i00", + "label": "Onboard - Other" + }, + { + "index": 20, + "attached_to": 0, + "bus_type": { + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 19 + }, + "base_class": { + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "value": 5208 + }, + "device": { + "value": 12763 + }, + "sub_device": { + "value": 4096 + }, + "revision": { + "value": 243 + }, + "model": "Intel PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:13.3", + "sysfs_bus_id": "0000:00:13.3", + "resources": [ + { + "type": "irq", + "base": 124, + "triggered": 0, + "enabled": true + } + ], + "detail": { + "function": 3, + "command": 1031, + "header_type": 1, + "secondary_bus": 3, + "irq": 124, + "prog_if": 0 + }, + "driver": "pcieport", + "drivers": [ + "pcieport" + ], + "module_alias": "pci:v00008086d000031DBsv00001458sd00001000bc06sc04i00" + } + ], + "cpu": [ + { + "architecture": "x86_64", + "vendor_name": "GenuineIntel", + "family": 6, + "model": 122, + "stepping": 1, + "features": [ + "fpu", + "vme", + "de", + "pse", + "tsc", + "msr", + "pae", + "mce", + "cx8", + "apic", + "sep", + "mtrr", + "pge", + "mca", + "cmov", + "pat", + "pse36", + "clflush", + "dts", + "acpi", + "mmx", + "fxsr", + "sse", + "sse2", + "ss", + "ht", + "tm", + "pbe", + "syscall", + "nx", + "pdpe1gb", + "rdtscp", + "lm", + "constant_tsc", + "art", + "arch_perfmon", + "pebs", + "bts", + "rep_good", + "nopl", + "xtopology", + "nonstop_tsc", + "cpuid", + "aperfmperf", + "tsc_known_freq", + "pni", + "pclmulqdq", + "dtes64", + "monitor", + "ds_cpl", + "vmx", + "est", + "tm2", + "ssse3", + "sdbg", + "cx16", + "xtpr", + "pdcm", + "sse4_1", + "sse4_2", + "x2apic", + "movbe", + "popcnt", + "tsc_deadline_timer", + "aes", + "xsave", + "rdrand", + "lahf_lm", + "3dnowprefetch", + "cpuid_fault", + "cat_l2", + "pti", + "cdp_l2", + "ssbd", + "ibrs", + "ibpb", + "stibp", + "ibrs_enhanced", + "tpr_shadow", + "flexpriority", + "ept", + "vpid", + "ept_ad", + "fsgsbase", + "tsc_adjust", + "smep", + "erms", + "mpx", + "rdt_a", + "rdseed", + "smap", + "clflushopt", + "intel_pt", + "sha_ni", + "xsaveopt", + "xsavec", + "xgetbv1", + "xsaves", + "dtherm", + "ida", + "arat", + "pln", + "pts", + "vnmi", + "umip", + "rdpid", + "md_clear", + "arch_capabilities" + ], + "bugs": [ + "cpu_meltdown", + "spectre_v1", + "spectre_v2", + "spec_store_bypass", + "rfds", + "bhi" + ], + "bogo": 2995.2, + "cache": 4096, + "units": 64, + "physical_id": 0, + "siblings": 4, + "cores": 4, + "fpu": true, + "fpu_exception": true, + "cpuid_level": 24, + "write_protect": false, + "clflush_size": 64, + "cache_alignment": 64, + "address_sizes": { + "physical": 39, + "virtual": 48 + } + } + ], + "disk": [ + { + "index": 25, + "attached_to": 0, + "bus_type": { + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 7, + "number": 0 + }, + "base_class": { + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "name": "Disk", + "value": 0 + }, + "vendor": { + "name": "IET", + "value": 0 + }, + "device": { + "name": "VIRTUAL-DISK", + "value": 0 + }, + "revision": { + "name": "0001", + "value": 0 + }, + "serial": "beaf61", + "model": "IET VIRTUAL-DISK", + "sysfs_id": "/class/block/sdf", + "sysfs_bus_id": "7:0:0:1", + "sysfs_device_link": "/devices/platform/host7/session47/target7:0:0/7:0:0:1", + "unix_device_name": "/dev/sdf", + "unix_device_number": { + "type": 98, + "major": 8, + "minor": 80, + "range": 16 + }, + "unix_device_names": [ + "/dev/disk/by-diskseq/62", + "/dev/disk/by-id/scsi-360000000000000000e00000000060001", + "/dev/disk/by-id/wwn-0x60000000000000000e00000000060001", + "/dev/disk/by-path/ip-10.42.1.180:3260-iscsi-iqn.2019-10.io.longhorn:pvc-9a1d2ca8-edce-416c-b41b-42bcd3380887-lun-1", + "/dev/disk/by-uuid/35036532-23d4-4038-bfe6-15a86e793ed5", + "/dev/sdf" + ], + "unix_device_name2": "/dev/sg14", + "unix_device_number2": { + "type": 99, + "major": 21, + "minor": 14, + "range": 1 + }, + "resources": [ + { + "type": "disk_geo", + "cylinders": 1018, + "heads": 166, + "sectors": 62, + "size": 0, + "geo_type": "logical" + }, + { + "type": "size", + "unit": "sectors", + "value_1": 10485760, + "value_2": 512 + } + ], + "driver": "sd", + "driver_module": "sd_mod", + "drivers": [ + "sd" + ], + "driver_modules": [ + "sd_mod" + ] + }, + { + "index": 26, + "attached_to": 14, + "bus_type": { + "name": "NVME", + "value": 150 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "name": "Disk", + "value": 0 + }, + "vendor": { + "value": 9798 + }, + "sub_vendor": { + "value": 9798 + }, + "device": { + "name": "KINGSTON SNV2S1000G", + "value": 20503 + }, + "sub_device": { + "value": 20503 + }, + "serial": "50026B7784EB3FFB", + "model": "KINGSTON SNV2S1000G", + "sysfs_id": "/class/block/nvme0n1", + "sysfs_bus_id": "nvme0", + "sysfs_device_link": "/devices/pci0000:00/0000:00:13.0/0000:01:00.0/nvme/nvme0", + "unix_device_name": "/dev/nvme0n1", + "unix_device_number": { + "type": 98, + "major": 259, + "minor": 0, + "range": 0 + }, + "unix_device_names": [ + "/dev/disk/by-diskseq/1", + "/dev/disk/by-id/nvme-KINGSTON_SNV2S1000G_50026B7784EB3FFB", + "/dev/disk/by-id/nvme-KINGSTON_SNV2S1000G_50026B7784EB3FFB_1", + "/dev/disk/by-id/nvme-eui.00000000000000000026b7784eb3ffb5", + "/dev/disk/by-path/pci-0000:01:00.0-nvme-1", + "/dev/nvme0n1" + ], + "resources": [ + { + "type": "disk_geo", + "cylinders": 953869, + "heads": 64, + "sectors": 32, + "size": 0, + "geo_type": "logical" + }, + { + "type": "size", + "unit": "sectors", + "value_1": 1953525168, + "value_2": 512 + } + ], + "driver": "nvme", + "driver_module": "nvme", + "drivers": [ + "nvme" + ], + "driver_modules": [ + "nvme" + ] + }, + { + "index": 27, + "attached_to": 0, + "bus_type": { + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 5, + "number": 0 + }, + "base_class": { + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "name": "Disk", + "value": 0 + }, + "vendor": { + "name": "IET", + "value": 0 + }, + "device": { + "name": "VIRTUAL-DISK", + "value": 0 + }, + "revision": { + "name": "0001", + "value": 0 + }, + "serial": "beaf41", + "model": "IET VIRTUAL-DISK", + "sysfs_id": "/class/block/sdd", + "sysfs_bus_id": "5:0:0:1", + "sysfs_device_link": "/devices/platform/host5/session46/target5:0:0/5:0:0:1", + "unix_device_name": "/dev/sdd", + "unix_device_number": { + "type": 98, + "major": 8, + "minor": 48, + "range": 16 + }, + "unix_device_names": [ + "/dev/disk/by-diskseq/61", + "/dev/disk/by-id/scsi-360000000000000000e00000000040001", + "/dev/disk/by-id/wwn-0x60000000000000000e00000000040001", + "/dev/disk/by-path/ip-10.42.1.180:3260-iscsi-iqn.2019-10.io.longhorn:radicale-lun-1", + "/dev/disk/by-uuid/6378cbe8-6c3e-4a9c-8397-9530d32668fb", + "/dev/sdd" + ], + "unix_device_name2": "/dev/sg12", + "unix_device_number2": { + "type": 99, + "major": 21, + "minor": 12, + "range": 1 + }, + "resources": [ + { + "type": "disk_geo", + "cylinders": 1008, + "heads": 7, + "sectors": 58, + "size": 0, + "geo_type": "logical" + }, + { + "type": "size", + "unit": "sectors", + "value_1": 409600, + "value_2": 512 + } + ], + "driver": "sd", + "driver_module": "sd_mod", + "drivers": [ + "sd" + ], + "driver_modules": [ + "sd_mod" + ] + }, + { + "index": 28, + "attached_to": 0, + "bus_type": { + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 3, + "number": 0 + }, + "base_class": { + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "name": "Disk", + "value": 0 + }, + "vendor": { + "name": "IET", + "value": 0 + }, + "device": { + "name": "VIRTUAL-DISK", + "value": 0 + }, + "revision": { + "name": "0001", + "value": 0 + }, + "serial": "beaf31", + "model": "IET VIRTUAL-DISK", + "sysfs_id": "/class/block/sdb", + "sysfs_bus_id": "3:0:0:1", + "sysfs_device_link": "/devices/platform/host3/session31/target3:0:0/3:0:0:1", + "unix_device_name": "/dev/sdb", + "unix_device_number": { + "type": 98, + "major": 8, + "minor": 16, + "range": 16 + }, + "unix_device_names": [ + "/dev/disk/by-diskseq/46", + "/dev/disk/by-id/scsi-360000000000000000e00000000030001", + "/dev/disk/by-id/wwn-0x60000000000000000e00000000030001", + "/dev/disk/by-path/ip-10.42.1.148:3260-iscsi-iqn.2019-10.io.longhorn:freshrss-lun-1", + "/dev/disk/by-uuid/dd58e1cc-0b35-43e8-b267-c899b93bfb58", + "/dev/sdb" + ], + "unix_device_name2": "/dev/sg4", + "unix_device_number2": { + "type": 99, + "major": 21, + "minor": 4, + "range": 1 + }, + "resources": [ + { + "type": "disk_geo", + "cylinders": 1011, + "heads": 34, + "sectors": 61, + "size": 0, + "geo_type": "logical" + }, + { + "type": "size", + "unit": "sectors", + "value_1": 2097152, + "value_2": 512 + } + ], + "driver": "sd", + "driver_module": "sd_mod", + "drivers": [ + "sd" + ], + "driver_modules": [ + "sd_mod" + ] + }, + { + "index": 29, + "attached_to": 0, + "bus_type": { + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 11, + "number": 0 + }, + "base_class": { + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "name": "Disk", + "value": 0 + }, + "vendor": { + "name": "IET", + "value": 0 + }, + "device": { + "name": "VIRTUAL-DISK", + "value": 0 + }, + "revision": { + "name": "0001", + "value": 0 + }, + "serial": "beaf51", + "model": "IET VIRTUAL-DISK", + "sysfs_id": "/class/block/sdk", + "sysfs_bus_id": "11:0:0:1", + "sysfs_device_link": "/devices/platform/host11/session45/target11:0:0/11:0:0:1", + "unix_device_name": "/dev/sdk", + "unix_device_number": { + "type": 98, + "major": 8, + "minor": 160, + "range": 16 + }, + "unix_device_names": [ + "/dev/disk/by-diskseq/60", + "/dev/disk/by-id/scsi-360000000000000000e00000000050001", + "/dev/disk/by-id/wwn-0x60000000000000000e00000000050001", + "/dev/disk/by-path/ip-10.42.1.180:3260-iscsi-iqn.2019-10.io.longhorn:atuin-db-lun-1", + "/dev/disk/by-uuid/2f56d1b7-45ad-4a6f-b1f7-fcfa01ef03af", + "/dev/sdk" + ], + "unix_device_name2": "/dev/sg10", + "unix_device_number2": { + "type": 99, + "major": 21, + "minor": 10, + "range": 1 + }, + "resources": [ + { + "type": "disk_geo", + "cylinders": 1024, + "heads": 10, + "sectors": 60, + "size": 0, + "geo_type": "logical" + }, + { + "type": "size", + "unit": "sectors", + "value_1": 614400, + "value_2": 512 + } + ], + "driver": "sd", + "driver_module": "sd_mod", + "drivers": [ + "sd" + ], + "driver_modules": [ + "sd_mod" + ] + }, + { + "index": 30, + "attached_to": 0, + "bus_type": { + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 2, + "number": 0 + }, + "base_class": { + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "name": "Disk", + "value": 0 + }, + "vendor": { + "name": "IET", + "value": 0 + }, + "device": { + "name": "VIRTUAL-DISK", + "value": 0 + }, + "revision": { + "name": "0001", + "value": 0 + }, + "serial": "beaf21", + "model": "IET VIRTUAL-DISK", + "sysfs_id": "/class/block/sdi", + "sysfs_bus_id": "2:0:0:1", + "sysfs_device_link": "/devices/platform/host2/session37/target2:0:0/2:0:0:1", + "unix_device_name": "/dev/sdi", + "unix_device_number": { + "type": 98, + "major": 8, + "minor": 128, + "range": 16 + }, + "unix_device_names": [ + "/dev/disk/by-diskseq/52", + "/dev/disk/by-path/ip-10.42.1.180:3260-iscsi-iqn.2019-10.io.longhorn:attic-lun-1", + "/dev/disk/by-uuid/bd47a75f-71d2-4e73-85e1-65997fcef2c2", + "/dev/sdi" + ], + "unix_device_name2": "/dev/sg6", + "unix_device_number2": { + "type": 99, + "major": 21, + "minor": 6, + "range": 1 + }, + "resources": [ + { + "type": "disk_geo", + "cylinders": 15360, + "heads": 64, + "sectors": 32, + "size": 0, + "geo_type": "logical" + }, + { + "type": "size", + "unit": "sectors", + "value_1": 31457280, + "value_2": 512 + } + ], + "driver": "sd", + "driver_module": "sd_mod", + "drivers": [ + "sd" + ], + "driver_modules": [ + "sd_mod" + ] + }, + { + "index": 31, + "attached_to": 0, + "bus_type": { + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 8, + "number": 0 + }, + "base_class": { + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "name": "Disk", + "value": 0 + }, + "vendor": { + "name": "IET", + "value": 0 + }, + "device": { + "name": "VIRTUAL-DISK", + "value": 0 + }, + "revision": { + "name": "0001", + "value": 0 + }, + "serial": "beaf11", + "model": "IET VIRTUAL-DISK", + "sysfs_id": "/class/block/sdg", + "sysfs_bus_id": "8:0:0:1", + "sysfs_device_link": "/devices/platform/host8/session48/target8:0:0/8:0:0:1", + "unix_device_name": "/dev/sdg", + "unix_device_number": { + "type": 98, + "major": 8, + "minor": 96, + "range": 16 + }, + "unix_device_names": [ + "/dev/disk/by-diskseq/63", + "/dev/disk/by-id/scsi-360000000000000000e00000000010001", + "/dev/disk/by-id/wwn-0x60000000000000000e00000000010001", + "/dev/disk/by-path/ip-10.42.1.5:3260-iscsi-iqn.2019-10.io.longhorn:prowlarr-lun-1", + "/dev/disk/by-uuid/485930ae-2fe2-4470-b99a-dc61a93d921c", + "/dev/sdg" + ], + "unix_device_name2": "/dev/sg16", + "unix_device_number2": { + "type": 99, + "major": 21, + "minor": 16, + "range": 1 + }, + "resources": [ + { + "type": "disk_geo", + "cylinders": 1024, + "heads": 5, + "sectors": 60, + "size": 0, + "geo_type": "logical" + }, + { + "type": "size", + "unit": "sectors", + "value_1": 307200, + "value_2": 512 + } + ], + "driver": "sd", + "driver_module": "sd_mod", + "drivers": [ + "sd" + ], + "driver_modules": [ + "sd_mod" + ] + }, + { + "index": 32, + "attached_to": 0, + "bus_type": { + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 6, + "number": 0 + }, + "base_class": { + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "name": "Disk", + "value": 0 + }, + "vendor": { + "name": "IET", + "value": 0 + }, + "device": { + "name": "VIRTUAL-DISK", + "value": 0 + }, + "revision": { + "name": "0001", + "value": 0 + }, + "serial": "beaf11", + "model": "IET VIRTUAL-DISK", + "sysfs_id": "/class/block/sde", + "sysfs_bus_id": "6:0:0:1", + "sysfs_device_link": "/devices/platform/host6/session42/target6:0:0/6:0:0:1", + "unix_device_name": "/dev/sde", + "unix_device_number": { + "type": 98, + "major": 8, + "minor": 64, + "range": 16 + }, + "unix_device_names": [ + "/dev/disk/by-diskseq/57", + "/dev/disk/by-path/ip-10.42.1.180:3260-iscsi-iqn.2019-10.io.longhorn:forgejo-lun-1", + "/dev/disk/by-uuid/0448fef2-ca9e-4a75-9d21-e148e3e9fe34", + "/dev/sde" + ], + "unix_device_name2": "/dev/sg8", + "unix_device_number2": { + "type": 99, + "major": 21, + "minor": 8, + "range": 1 + }, + "resources": [ + { + "type": "disk_geo", + "cylinders": 20480, + "heads": 64, + "sectors": 32, + "size": 0, + "geo_type": "logical" + }, + { + "type": "size", + "unit": "sectors", + "value_1": 41943040, + "value_2": 512 + } + ], + "driver": "sd", + "driver_module": "sd_mod", + "drivers": [ + "sd" + ], + "driver_modules": [ + "sd_mod" + ] + }, + { + "index": 33, + "attached_to": 0, + "bus_type": { + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 4, + "number": 0 + }, + "base_class": { + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "name": "Disk", + "value": 0 + }, + "vendor": { + "name": "IET", + "value": 0 + }, + "device": { + "name": "VIRTUAL-DISK", + "value": 0 + }, + "revision": { + "name": "0001", + "value": 0 + }, + "serial": "beaf21", + "model": "IET VIRTUAL-DISK", + "sysfs_id": "/class/block/sdc", + "sysfs_bus_id": "4:0:0:1", + "sysfs_device_link": "/devices/platform/host4/session29/target4:0:0/4:0:0:1", + "unix_device_name": "/dev/sdc", + "unix_device_number": { + "type": 98, + "major": 8, + "minor": 32, + "range": 16 + }, + "unix_device_names": [ + "/dev/disk/by-diskseq/44", + "/dev/disk/by-path/ip-10.42.1.148:3260-iscsi-iqn.2019-10.io.longhorn:atuin-lun-1", + "/dev/disk/by-uuid/f4def3ee-1977-48a5-8c34-badb13c8e3b1", + "/dev/sdc" + ], + "unix_device_name2": "/dev/sg2", + "unix_device_number2": { + "type": 99, + "major": 21, + "minor": 2, + "range": 1 + }, + "resources": [ + { + "type": "disk_geo", + "cylinders": 1024, + "heads": 10, + "sectors": 60, + "size": 0, + "geo_type": "logical" + }, + { + "type": "size", + "unit": "sectors", + "value_1": 614400, + "value_2": 512 + } + ], + "driver": "sd", + "driver_module": "sd_mod", + "drivers": [ + "sd" + ], + "driver_modules": [ + "sd_mod" + ] + }, + { + "index": 34, + "attached_to": 18, + "bus_type": { + "name": "IDE", + "value": 133 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "name": "Disk", + "value": 0 + }, + "vendor": { + "name": "Hitachi", + "value": 0 + }, + "device": { + "name": "HTS72755", + "value": 0 + }, + "revision": { + "name": "A0E0", + "value": 0 + }, + "serial": "J33B0084GPB4PB", + "model": "Hitachi HTS72755", + "sysfs_id": "/class/block/sda", + "sysfs_bus_id": "0:0:0:0", + "sysfs_device_link": "/devices/pci0000:00/0000:00:12.0/ata1/host0/target0:0:0/0:0:0:0", + "unix_device_name": "/dev/sda", + "unix_device_number": { + "type": 98, + "major": 8, + "minor": 0, + "range": 16 + }, + "unix_device_names": [ + "/dev/disk/by-diskseq/2", + "/dev/disk/by-id/ata-Hitachi_HTS727550A9E364_J33B0084GPB4PB", + "/dev/disk/by-id/wwn-0x5000cca68cc9b5a7", + "/dev/disk/by-path/pci-0000:00:12.0-ata-1", + "/dev/disk/by-path/pci-0000:00:12.0-ata-1.0", + "/dev/sda" + ], + "resources": [ + { + "type": "disk_geo", + "cylinders": 60801, + "heads": 255, + "sectors": 63, + "size": 0, + "geo_type": "logical" + }, + { + "type": "size", + "unit": "sectors", + "value_1": 976773168, + "value_2": 512 + } + ], + "driver": "ahci", + "driver_module": "ahci", + "drivers": [ + "ahci", + "sd" + ], + "driver_modules": [ + "ahci", + "sd_mod" + ] + }, + { + "index": 35, + "attached_to": 0, + "bus_type": { + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 9, + "number": 0 + }, + "base_class": { + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "name": "Disk", + "value": 0 + }, + "vendor": { + "name": "IET", + "value": 0 + }, + "device": { + "name": "VIRTUAL-DISK", + "value": 0 + }, + "revision": { + "name": "0001", + "value": 0 + }, + "serial": "beaf21", + "model": "IET VIRTUAL-DISK", + "sysfs_id": "/class/block/sdh", + "sysfs_bus_id": "9:0:0:1", + "sysfs_device_link": "/devices/platform/host9/session50/target9:0:0/9:0:0:1", + "unix_device_name": "/dev/sdh", + "unix_device_number": { + "type": 98, + "major": 8, + "minor": 112, + "range": 16 + }, + "unix_device_names": [ + "/dev/disk/by-diskseq/65", + "/dev/disk/by-id/scsi-360000000000000000e00000000020001", + "/dev/disk/by-id/wwn-0x60000000000000000e00000000020001", + "/dev/disk/by-path/ip-10.42.1.5:3260-iscsi-iqn.2019-10.io.longhorn:paperless-data-lun-1", + "/dev/disk/by-uuid/682d7efc-356e-4180-aff9-e5e6a7792702", + "/dev/sdh" + ], + "unix_device_name2": "/dev/sg18", + "unix_device_number2": { + "type": 99, + "major": 21, + "minor": 18, + "range": 1 + }, + "resources": [ + { + "type": "disk_geo", + "cylinders": 10240, + "heads": 64, + "sectors": 32, + "size": 0, + "geo_type": "logical" + }, + { + "type": "size", + "unit": "sectors", + "value_1": 20971520, + "value_2": 512 + } + ], + "driver": "sd", + "driver_module": "sd_mod", + "drivers": [ + "sd" + ], + "driver_modules": [ + "sd_mod" + ] + } + ], + "graphics_card": [ + { + "index": 23, + "attached_to": 0, + "bus_type": { + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 2 + }, + "base_class": { + "name": "Display controller", + "value": 3 + }, + "sub_class": { + "name": "VGA compatible controller", + "value": 0 + }, + "pci_interface": { + "name": "VGA", + "value": 0 + }, + "vendor": { + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "value": 5208 + }, + "device": { + "value": 12677 + }, + "sub_device": { + "value": 4096 + }, + "revision": { + "value": 3 + }, + "model": "Intel VGA compatible controller", + "sysfs_id": "/devices/pci0000:00/0000:00:02.0", + "sysfs_bus_id": "0000:00:02.0", + "resources": [ + { + "type": "io", + "base": 61440, + "range": 64, + "enabled": true, + "access": "read_write" + }, + { + "type": "irq", + "base": 134, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 2415919104, + "range": 268435456, + "enabled": true, + "access": "read_only", + "prefetch": "no" + }, + { + "type": "mem", + "base": 2684354560, + "range": 16777216, + "enabled": true, + "access": "read_write", + "prefetch": "no" + }, + { + "type": "mem", + "base": 786432, + "range": 131072, + "enabled": false, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 1031, + "header_type": 0, + "secondary_bus": 0, + "irq": 134, + "prog_if": 0 + }, + "driver": "i915", + "driver_module": "i915", + "drivers": [ + "i915" + ], + "driver_modules": [ + "i915" + ], + "module_alias": "pci:v00008086d00003185sv00001458sd00001000bc03sc00i00", + "label": "Onboard - Video" + } + ], + "hub": [ + { + "index": 46, + "attached_to": 21, + "bus_type": { + "name": "USB", + "value": 134 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "name": "Hub", + "value": 266 + }, + "vendor": { + "name": "Linux 6.6.43 xhci-hcd", + "value": 7531 + }, + "device": { + "name": "xHCI Host Controller", + "value": 2 + }, + "revision": { + "name": "6.06", + "value": 0 + }, + "serial": "0000:00:15.0", + "model": "Linux 6.6.43 xhci-hcd xHCI Host Controller", + "sysfs_id": "/devices/pci0000:00/0000:00:15.0/usb1/1-0:1.0", + "sysfs_bus_id": "1-0:1.0", + "resources": [ + { + "type": "baud", + "speed": 480000000, + "bits": 0, + "stop_bits": 0, + "parity": 0, + "handshake": 0 + } + ], + "detail": { + "device_class": { + "name": "hub", + "value": 9 + }, + "device_subclass": { + "name": "per_interface", + "value": 0 + }, + "device_protocol": 1, + "interface_class": { + "name": "hub", + "value": 9 + }, + "interface_subclass": { + "name": "per_interface", + "value": 0 + }, + "interface_protocol": 0, + "interface_number": 0, + "interface_alternate_setting": 0 + }, + "hotplug": "usb", + "driver": "hub", + "drivers": [ + "hub" + ], + "module_alias": "usb:v1D6Bp0002d0606dc09dsc00dp01ic09isc00ip00in00" + }, + { + "index": 48, + "attached_to": 21, + "bus_type": { + "name": "USB", + "value": 134 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "name": "Hub", + "value": 266 + }, + "vendor": { + "name": "Linux 6.6.43 xhci-hcd", + "value": 7531 + }, + "device": { + "name": "xHCI Host Controller", + "value": 3 + }, + "revision": { + "name": "6.06", + "value": 0 + }, + "serial": "0000:00:15.0", + "model": "Linux 6.6.43 xhci-hcd xHCI Host Controller", + "sysfs_id": "/devices/pci0000:00/0000:00:15.0/usb2/2-0:1.0", + "sysfs_bus_id": "2-0:1.0", + "detail": { + "device_class": { + "name": "hub", + "value": 9 + }, + "device_subclass": { + "name": "per_interface", + "value": 0 + }, + "device_protocol": 3, + "interface_class": { + "name": "hub", + "value": 9 + }, + "interface_subclass": { + "name": "per_interface", + "value": 0 + }, + "interface_protocol": 0, + "interface_number": 0, + "interface_alternate_setting": 0 + }, + "hotplug": "usb", + "driver": "hub", + "drivers": [ + "hub" + ], + "module_alias": "usb:v1D6Bp0003d0606dc09dsc00dp03ic09isc00ip00in00" + } + ], + "memory": [ + { + "index": 7, + "attached_to": 0, + "base_class": { + "name": "Internally Used Class", + "value": 257 + }, + "sub_class": { + "name": "Main Memory", + "value": 2 + }, + "model": "Main Memory", + "resources": [ + { + "type": "mem", + "base": 0, + "range": 25008361472, + "enabled": true, + "access": "read_write", + "prefetch": "unknown" + }, + { + "type": "phys_mem", + "range": 25769803776 + } + ] + } + ], + "network_controller": [ + { + "index": 8, + "attached_to": 20, + "bus_type": { + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 3, + "number": 0 + }, + "base_class": { + "name": "Network controller", + "value": 2 + }, + "sub_class": { + "name": "Ethernet controller", + "value": 0 + }, + "vendor": { + "value": 4332 + }, + "sub_vendor": { + "value": 5208 + }, + "device": { + "value": 33128 + }, + "sub_device": { + "value": 57344 + }, + "revision": { + "value": 21 + }, + "model": "Ethernet controller", + "sysfs_id": "/devices/pci0000:00/0000:00:13.3/0000:03:00.0", + "sysfs_bus_id": "0000:03:00.0", + "unix_device_name": "enp3s0", + "unix_device_names": [ + "enp3s0" + ], + "resources": [ + { + "type": "hwaddr", + "address": 100 + }, + { + "type": "io", + "base": 57344, + "range": 256, + "enabled": true, + "access": "read_write" + }, + { + "type": "irq", + "base": 21, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 2701131776, + "range": 16384, + "enabled": true, + "access": "read_write", + "prefetch": "no" + }, + { + "type": "mem", + "base": 2701148160, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + }, + { + "type": "phwaddr", + "address": 100 + } + ], + "detail": { + "function": 0, + "command": 1031, + "header_type": 0, + "secondary_bus": 0, + "irq": 21, + "prog_if": 0 + }, + "driver": "r8169", + "driver_module": "r8169", + "drivers": [ + "r8169" + ], + "driver_modules": [ + "r8169" + ], + "module_alias": "pci:v000010ECd00008168sv00001458sd0000E000bc02sc00i00" + }, + { + "index": 12, + "attached_to": 11, + "bus_type": { + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 2, + "number": 0 + }, + "base_class": { + "name": "Network controller", + "value": 2 + }, + "sub_class": { + "name": "Network controller", + "value": 128 + }, + "vendor": { + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "name": "Intel Corporation", + "value": 32902 + }, + "device": { + "value": 9467 + }, + "sub_device": { + "value": 8464 + }, + "revision": { + "value": 16 + }, + "model": "Intel Network controller", + "sysfs_id": "/devices/pci0000:00/0000:00:13.2/0000:02:00.0", + "sysfs_bus_id": "0000:02:00.0", + "resources": [ + { + "type": "irq", + "base": 20, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 2702180352, + "range": 8192, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 2, + "header_type": 0, + "secondary_bus": 0, + "irq": 20, + "prog_if": 0 + }, + "module_alias": "pci:v00008086d000024FBsv00008086sd00002110bc02sc80i00", + "label": "Onboard - RTK Ethernet" + } + ], + "network_interface": [ + { + "index": 59, + "attached_to": 0, + "base_class": { + "name": "Network Interface", + "value": 263 + }, + "sub_class": { + "name": "Loopback", + "value": 0 + }, + "model": "Loopback network interface", + "sysfs_id": "/class/net/lo", + "unix_device_name": "lo", + "unix_device_names": [ + "lo" + ] + }, + { + "index": 90, + "attached_to": 8, + "base_class": { + "name": "Network Interface", + "value": 263 + }, + "sub_class": { + "name": "Ethernet", + "value": 1 + }, + "model": "Ethernet network interface", + "sysfs_id": "/class/net/enp3s0", + "sysfs_device_link": "/devices/pci0000:00/0000:00:13.3/0000:03:00.0", + "unix_device_name": "enp3s0", + "unix_device_names": [ + "enp3s0" + ], + "resources": [ + { + "type": "hwaddr", + "address": 100 + }, + { + "type": "phwaddr", + "address": 100 + } + ], + "driver": "r8169", + "driver_module": "r8169", + "drivers": [ + "r8169" + ], + "driver_modules": [ + "r8169" + ] + } + ], + "storage_controller": [ + { + "index": 14, + "attached_to": 13, + "bus_type": { + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 1, + "number": 0 + }, + "base_class": { + "name": "Mass storage controller", + "value": 1 + }, + "sub_class": { + "value": 8 + }, + "pci_interface": { + "value": 2 + }, + "vendor": { + "value": 9798 + }, + "sub_vendor": { + "value": 9798 + }, + "device": { + "value": 20503 + }, + "sub_device": { + "value": 20503 + }, + "revision": { + "value": 3 + }, + "model": "Mass storage controller", + "sysfs_id": "/devices/pci0000:00/0000:00:13.0/0000:01:00.0", + "sysfs_bus_id": "0000:01:00.0", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 2703228928, + "range": 16384, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 1030, + "header_type": 0, + "secondary_bus": 0, + "irq": 22, + "prog_if": 2 + }, + "driver": "nvme", + "driver_module": "nvme", + "drivers": [ + "nvme" + ], + "driver_modules": [ + "nvme" + ], + "module_alias": "pci:v00002646d00005017sv00002646sd00005017bc01sc08i02" + }, + { + "index": 18, + "attached_to": 0, + "bus_type": { + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 18 + }, + "base_class": { + "name": "Mass storage controller", + "value": 1 + }, + "sub_class": { + "value": 6 + }, + "pci_interface": { + "value": 1 + }, + "vendor": { + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "value": 5208 + }, + "device": { + "value": 12771 + }, + "sub_device": { + "value": 4096 + }, + "revision": { + "value": 3 + }, + "model": "Intel Mass storage controller", + "sysfs_id": "/devices/pci0000:00/0000:00:12.0", + "sysfs_bus_id": "0000:00:12.0", + "resources": [ + { + "type": "io", + "base": 61536, + "range": 32, + "enabled": true, + "access": "read_write" + }, + { + "type": "io", + "base": 61568, + "range": 4, + "enabled": true, + "access": "read_write" + }, + { + "type": "io", + "base": 61584, + "range": 8, + "enabled": true, + "access": "read_write" + }, + { + "type": "irq", + "base": 131, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 2704343040, + "range": 8192, + "enabled": true, + "access": "read_write", + "prefetch": "no" + }, + { + "type": "mem", + "base": 2704371712, + "range": 2048, + "enabled": true, + "access": "read_write", + "prefetch": "no" + }, + { + "type": "mem", + "base": 2704375808, + "range": 256, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 1031, + "header_type": 0, + "secondary_bus": 0, + "irq": 131, + "prog_if": 1 + }, + "driver": "ahci", + "driver_module": "ahci", + "drivers": [ + "ahci" + ], + "driver_modules": [ + "ahci" + ], + "module_alias": "pci:v00008086d000031E3sv00001458sd00001000bc01sc06i01", + "label": "Onboard - SATA" + } + ], + "system": { + "form_factor": "desktop" + }, + "unknown": [ + { + "index": 9, + "attached_to": 0, + "bus_type": { + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 28 + }, + "base_class": { + "name": "Generic system peripheral", + "value": 8 + }, + "sub_class": { + "value": 5 + }, + "pci_interface": { + "value": 1 + }, + "vendor": { + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "value": 5208 + }, + "device": { + "value": 12748 + }, + "sub_device": { + "value": 4096 + }, + "revision": { + "value": 3 + }, + "model": "Intel Generic system peripheral", + "sysfs_id": "/devices/pci0000:00/0000:00:1c.0", + "sysfs_bus_id": "0000:00:1c.0", + "resources": [ + { + "type": "irq", + "base": 39, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 2704363520, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + }, + { + "type": "mem", + "base": 2704367616, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 6, + "header_type": 0, + "secondary_bus": 0, + "irq": 39, + "prog_if": 1 + }, + "driver": "sdhci-pci", + "driver_module": "sdhci_pci", + "drivers": [ + "sdhci-pci" + ], + "driver_modules": [ + "sdhci_pci" + ], + "module_alias": "pci:v00008086d000031CCsv00001458sd00001000bc08sc05i01", + "label": "Onboard - Other" + }, + { + "index": 15, + "attached_to": 0, + "bus_type": { + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 30 + }, + "base_class": { + "name": "Generic system peripheral", + "value": 8 + }, + "sub_class": { + "value": 5 + }, + "pci_interface": { + "value": 1 + }, + "vendor": { + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "value": 5208 + }, + "device": { + "value": 12752 + }, + "sub_device": { + "value": 4096 + }, + "revision": { + "value": 3 + }, + "model": "Intel Generic system peripheral", + "sysfs_id": "/devices/pci0000:00/0000:00:1e.0", + "sysfs_bus_id": "0000:00:1e.0", + "resources": [ + { + "type": "irq", + "base": 42, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 2704355328, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + }, + { + "type": "mem", + "base": 2704359424, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 6, + "header_type": 0, + "secondary_bus": 0, + "irq": 42, + "prog_if": 1 + }, + "driver": "sdhci-pci", + "driver_module": "sdhci_pci", + "drivers": [ + "sdhci-pci" + ], + "driver_modules": [ + "sdhci_pci" + ], + "module_alias": "pci:v00008086d000031D0sv00001458sd00001000bc08sc05i01", + "label": "Onboard - Other" + }, + { + "index": 16, + "attached_to": 0, + "bus_type": { + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 15 + }, + "base_class": { + "name": "Communication controller", + "value": 7 + }, + "sub_class": { + "name": "Communication controller", + "value": 128 + }, + "vendor": { + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "value": 5208 + }, + "device": { + "value": 12698 + }, + "sub_device": { + "value": 4096 + }, + "revision": { + "value": 3 + }, + "model": "Intel Communication controller", + "sysfs_id": "/devices/pci0000:00/0000:00:0f.0", + "sysfs_bus_id": "0000:00:0f.0", + "resources": [ + { + "type": "irq", + "base": 132, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 2704379904, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 1030, + "header_type": 0, + "secondary_bus": 0, + "irq": 132, + "prog_if": 0 + }, + "driver": "mei_me", + "driver_module": "mei_me", + "drivers": [ + "mei_me" + ], + "driver_modules": [ + "mei_me" + ], + "module_alias": "pci:v00008086d0000319Asv00001458sd00001000bc07sc80i00", + "label": "Onboard - Other" + }, + { + "index": 19, + "attached_to": 0, + "bus_type": { + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 31 + }, + "base_class": { + "name": "Serial bus controller", + "value": 12 + }, + "sub_class": { + "name": "SMBus", + "value": 5 + }, + "vendor": { + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "value": 5208 + }, + "device": { + "value": 12756 + }, + "sub_device": { + "value": 4096 + }, + "revision": { + "value": 3 + }, + "model": "Intel SMBus", + "sysfs_id": "/devices/pci0000:00/0000:00:1f.1", + "sysfs_bus_id": "0000:00:1f.1", + "resources": [ + { + "type": "io", + "base": 61504, + "range": 32, + "enabled": true, + "access": "read_write" + }, + { + "type": "irq", + "base": 20, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 2704351232, + "range": 256, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 1, + "command": 3, + "header_type": 0, + "secondary_bus": 0, + "irq": 20, + "prog_if": 0 + }, + "driver": "i801_smbus", + "driver_module": "i2c_i801", + "drivers": [ + "i801_smbus" + ], + "driver_modules": [ + "i2c_i801" + ], + "module_alias": "pci:v00008086d000031D4sv00001458sd00001000bc0Csc05i00", + "label": "Onboard - Other" + }, + { + "index": 22, + "attached_to": 0, + "bus_type": { + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "name": "Generic system peripheral", + "value": 8 + }, + "sub_class": { + "name": "System peripheral", + "value": 128 + }, + "vendor": { + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "value": 5208 + }, + "device": { + "value": 12688 + }, + "sub_device": { + "value": 4096 + }, + "revision": { + "value": 3 + }, + "model": "Intel System peripheral", + "sysfs_id": "/devices/pci0000:00/0000:00:00.3", + "sysfs_bus_id": "0000:00:00.3", + "resources": [ + { + "type": "irq", + "base": 23, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 2704384000, + "range": 4096, + "enabled": false, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 3, + "command": 0, + "header_type": 0, + "secondary_bus": 0, + "irq": 23, + "prog_if": 0 + }, + "module_alias": "pci:v00008086d00003190sv00001458sd00001000bc08sc80i00", + "label": "Onboard - Other" + }, + { + "index": 24, + "attached_to": 0, + "base_class": { + "name": "Communication controller", + "value": 7 + }, + "sub_class": { + "name": "Serial controller", + "value": 0 + }, + "pci_interface": { + "name": "16550", + "value": 2 + }, + "device": { + "name": "16550A", + "value": 0 + }, + "model": "16550A", + "unix_device_name": "/dev/ttyS0", + "unix_device_names": [ + "/dev/ttyS0" + ], + "resources": [ + { + "type": "io", + "base": 1016, + "range": 0, + "enabled": true, + "access": "read_write" + }, + { + "type": "irq", + "base": 4, + "triggered": 0, + "enabled": true + } + ] + }, + { + "index": 36, + "attached_to": 0, + "bus_type": { + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 11, + "number": 0 + }, + "base_class": { + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "name": "Storage Device", + "value": 128 + }, + "vendor": { + "name": "IET", + "value": 0 + }, + "device": { + "name": "Controller", + "value": 0 + }, + "revision": { + "name": "0001", + "value": 0 + }, + "model": "IET Controller", + "sysfs_id": "/class/scsi_generic/sg9", + "sysfs_bus_id": "11:0:0:0", + "unix_device_name": "/dev/sg9", + "unix_device_number": { + "type": 99, + "major": 21, + "minor": 9, + "range": 1 + }, + "unix_device_names": [ + "/dev/sg9" + ] + }, + { + "index": 37, + "attached_to": 0, + "bus_type": { + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 6, + "number": 0 + }, + "base_class": { + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "name": "Storage Device", + "value": 128 + }, + "vendor": { + "name": "IET", + "value": 0 + }, + "device": { + "name": "Controller", + "value": 0 + }, + "revision": { + "name": "0001", + "value": 0 + }, + "model": "IET Controller", + "sysfs_id": "/class/scsi_generic/sg7", + "sysfs_bus_id": "6:0:0:0", + "unix_device_name": "/dev/sg7", + "unix_device_number": { + "type": 99, + "major": 21, + "minor": 7, + "range": 1 + }, + "unix_device_names": [ + "/dev/sg7" + ] + }, + { + "index": 38, + "attached_to": 0, + "bus_type": { + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 9, + "number": 0 + }, + "base_class": { + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "name": "Storage Device", + "value": 128 + }, + "vendor": { + "name": "IET", + "value": 0 + }, + "device": { + "name": "Controller", + "value": 0 + }, + "revision": { + "name": "0001", + "value": 0 + }, + "model": "IET Controller", + "sysfs_id": "/class/scsi_generic/sg17", + "sysfs_bus_id": "9:0:0:0", + "unix_device_name": "/dev/sg17", + "unix_device_number": { + "type": 99, + "major": 21, + "minor": 17, + "range": 1 + }, + "unix_device_names": [ + "/dev/sg17" + ] + }, + { + "index": 39, + "attached_to": 0, + "bus_type": { + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 2, + "number": 0 + }, + "base_class": { + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "name": "Storage Device", + "value": 128 + }, + "vendor": { + "name": "IET", + "value": 0 + }, + "device": { + "name": "Controller", + "value": 0 + }, + "revision": { + "name": "0001", + "value": 0 + }, + "model": "IET Controller", + "sysfs_id": "/class/scsi_generic/sg5", + "sysfs_bus_id": "2:0:0:0", + "unix_device_name": "/dev/sg5", + "unix_device_number": { + "type": 99, + "major": 21, + "minor": 5, + "range": 1 + }, + "unix_device_names": [ + "/dev/sg5" + ] + }, + { + "index": 40, + "attached_to": 0, + "bus_type": { + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 8, + "number": 0 + }, + "base_class": { + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "name": "Storage Device", + "value": 128 + }, + "vendor": { + "name": "IET", + "value": 0 + }, + "device": { + "name": "Controller", + "value": 0 + }, + "revision": { + "name": "0001", + "value": 0 + }, + "model": "IET Controller", + "sysfs_id": "/class/scsi_generic/sg15", + "sysfs_bus_id": "8:0:0:0", + "unix_device_name": "/dev/sg15", + "unix_device_number": { + "type": 99, + "major": 21, + "minor": 15, + "range": 1 + }, + "unix_device_names": [ + "/dev/sg15" + ] + }, + { + "index": 41, + "attached_to": 0, + "bus_type": { + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 3, + "number": 0 + }, + "base_class": { + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "name": "Storage Device", + "value": 128 + }, + "vendor": { + "name": "IET", + "value": 0 + }, + "device": { + "name": "Controller", + "value": 0 + }, + "revision": { + "name": "0001", + "value": 0 + }, + "model": "IET Controller", + "sysfs_id": "/class/scsi_generic/sg3", + "sysfs_bus_id": "3:0:0:0", + "unix_device_name": "/dev/sg3", + "unix_device_number": { + "type": 99, + "major": 21, + "minor": 3, + "range": 1 + }, + "unix_device_names": [ + "/dev/sg3" + ] + }, + { + "index": 42, + "attached_to": 0, + "bus_type": { + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 7, + "number": 0 + }, + "base_class": { + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "name": "Storage Device", + "value": 128 + }, + "vendor": { + "name": "IET", + "value": 0 + }, + "device": { + "name": "Controller", + "value": 0 + }, + "revision": { + "name": "0001", + "value": 0 + }, + "model": "IET Controller", + "sysfs_id": "/class/scsi_generic/sg13", + "sysfs_bus_id": "7:0:0:0", + "unix_device_name": "/dev/sg13", + "unix_device_number": { + "type": 99, + "major": 21, + "minor": 13, + "range": 1 + }, + "unix_device_names": [ + "/dev/sg13" + ] + }, + { + "index": 43, + "attached_to": 0, + "bus_type": { + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 4, + "number": 0 + }, + "base_class": { + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "name": "Storage Device", + "value": 128 + }, + "vendor": { + "name": "IET", + "value": 0 + }, + "device": { + "name": "Controller", + "value": 0 + }, + "revision": { + "name": "0001", + "value": 0 + }, + "model": "IET Controller", + "sysfs_id": "/class/scsi_generic/sg1", + "sysfs_bus_id": "4:0:0:0", + "unix_device_name": "/dev/sg1", + "unix_device_number": { + "type": 99, + "major": 21, + "minor": 1, + "range": 1 + }, + "unix_device_names": [ + "/dev/sg1" + ] + }, + { + "index": 44, + "attached_to": 0, + "bus_type": { + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 5, + "number": 0 + }, + "base_class": { + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "name": "Storage Device", + "value": 128 + }, + "vendor": { + "name": "IET", + "value": 0 + }, + "device": { + "name": "Controller", + "value": 0 + }, + "revision": { + "name": "0001", + "value": 0 + }, + "model": "IET Controller", + "sysfs_id": "/class/scsi_generic/sg11", + "sysfs_bus_id": "5:0:0:0", + "unix_device_name": "/dev/sg11", + "unix_device_number": { + "type": 99, + "major": 21, + "minor": 11, + "range": 1 + }, + "unix_device_names": [ + "/dev/sg11" + ] + } + ], + "usb_controller": [ + { + "index": 21, + "attached_to": 0, + "bus_type": { + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 21 + }, + "base_class": { + "name": "Serial bus controller", + "value": 12 + }, + "sub_class": { + "name": "USB Controller", + "value": 3 + }, + "pci_interface": { + "value": 48 + }, + "vendor": { + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "value": 5208 + }, + "device": { + "value": 12712 + }, + "sub_device": { + "value": 4096 + }, + "revision": { + "value": 3 + }, + "model": "Intel USB Controller", + "sysfs_id": "/devices/pci0000:00/0000:00:15.0", + "sysfs_bus_id": "0000:00:15.0", + "resources": [ + { + "type": "irq", + "base": 125, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 2704277504, + "range": 65536, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 1030, + "header_type": 0, + "secondary_bus": 0, + "irq": 125, + "prog_if": 48 + }, + "driver": "xhci_hcd", + "driver_module": "xhci_pci", + "drivers": [ + "xhci_hcd" + ], + "driver_modules": [ + "xhci_pci" + ], + "module_alias": "pci:v00008086d000031A8sv00001458sd00001000bc0Csc03i30", + "label": "Onboard - Other" + } + ] + }, + "smbios": { + "bios": { + "handle": 0, + "vendor": "American Megatrends Inc.", + "version": "F8", + "date": "12/13/2019", + "features": [ + "PCI supported", + "BIOS flashable", + "BIOS shadowing allowed", + "CD boot supported", + "Selectable boot supported", + "BIOS ROM socketed", + "EDD spec supported", + "1.2MB Floppy supported", + "720kB Floppy supported", + "2.88MB Floppy supported", + "Print Screen supported", + "8042 Keyboard Services supported", + "Serial Services supported", + "Printer Services supported", + "ACPI supported", + "USB Legacy supported", + "BIOS Boot Spec supported" + ], + "start_address": "0xf0000", + "rom_size": 6291456 + }, + "board": { + "handle": 2, + "manufacturer": "GIGABYTE", + "product": "MZGLKAP-00", + "version": "1.x", + "board_type": { + "name": "Motherboard", + "value": 10 + }, + "features": [ + "Hosting Board", + "Replaceable" + ], + "location": "Default string", + "chassis": 3 + }, + "cache": [ + { + "handle": 47, + "socket": "CPU Internal L1", + "size_max": 224, + "size_current": 224, + "speed": 0, + "mode": { + "name": "Write Back", + "value": 1 + }, + "enabled": true, + "location": { + "name": "Internal", + "value": 0 + }, + "socketed": false, + "level": 0, + "ecc": { + "name": "Parity", + "value": 4 + }, + "cache_type": { + "name": "Other", + "value": 1 + }, + "associativity": { + "name": "Other", + "value": 1 + }, + "sram_type_current": [ + "Synchronous" + ], + "sram_type_supported": [ + "Synchronous" + ] + }, + { + "handle": 48, + "socket": "CPU Internal L2", + "size_max": 4096, + "size_current": 4096, + "speed": 0, + "mode": { + "name": "Write Back", + "value": 1 + }, + "enabled": true, + "location": { + "name": "Internal", + "value": 0 + }, + "socketed": false, + "level": 1, + "ecc": { + "name": "Single-bit", + "value": 5 + }, + "cache_type": { + "name": "Unified", + "value": 5 + }, + "associativity": { + "name": "16-way Set-Associative", + "value": 8 + }, + "sram_type_current": [ + "Synchronous" + ], + "sram_type_supported": [ + "Synchronous" + ] + } + ], + "chassis": { + "handle": 3, + "manufacturer": "Default string", + "version": "Default string", + "chassis_type": { + "name": "Desktop", + "value": 3 + }, + "lock_present": false, + "bootup_state": { + "name": "Safe", + "value": 3 + }, + "power_state": { + "name": "Safe", + "value": 3 + }, + "thermal_state": { + "name": "Safe", + "value": 3 + }, + "security_state": { + "name": "None", + "value": 3 + }, + "oem": "0x0" + }, + "config": { + "handle": 34, + "options": [ + "Default string" + ] + }, + "language": [ + { + "handle": 63, + "languages": [ + "en|US|iso8859-1" + ] + } + ], + "memory_array": [ + { + "handle": 35, + "location": { + "name": "Motherboard", + "value": 3 + }, + "usage": { + "name": "System memory", + "value": 3 + }, + "ecc": { + "name": "None", + "value": 3 + }, + "max_size": 33554432, + "error_handle": 65534, + "slots": 2 + } + ], + "memory_array_mapped_address": [ + { + "handle": 36, + "array_handle": 35, + "start_address": 0, + "end_address": 25769803776, + "part_width": 2 + } + ], + "memory_device": [ + { + "handle": 37, + "location": "A1_DIMM0", + "bank_location": "A1_BANK0", + "manufacturer": "Crucial", + "part_number": "CT16G4SFD824A.M16F", + "array_handle": 35, + "error_handle": 65534, + "width": 64, + "ecc_bits": 0, + "size": 16777216, + "form_factor": { + "name": "SODIMM", + "value": 13 + }, + "set": 0, + "memory_type": { + "name": "Other", + "value": 26 + }, + "memory_type_details": [ + "Synchronous" + ], + "speed": 2400 + }, + { + "handle": 39, + "location": "A1_DIMM1", + "bank_location": "A1_BANK1", + "manufacturer": "Crucial", + "part_number": "CT8G4SFS824A.M8FJ", + "array_handle": 35, + "error_handle": 65534, + "width": 64, + "ecc_bits": 0, + "size": 8388608, + "form_factor": { + "name": "SODIMM", + "value": 13 + }, + "set": 0, + "memory_type": { + "name": "Other", + "value": 26 + }, + "memory_type_details": [ + "Synchronous" + ], + "speed": 2400 + } + ], + "memory_device_mapped_address": [ + { + "handle": 38, + "memory_device_handle": 37, + "array_map_handle": 36, + "start_address": 0, + "end_address": 17179869184, + "row_position": 255, + "interleave_position": 1, + "interleave_depth": 2 + }, + { + "handle": 40, + "memory_device_handle": 39, + "array_map_handle": 36, + "start_address": 17179869184, + "end_address": 25769803776, + "row_position": 255, + "interleave_position": 2, + "interleave_depth": 2 + } + ], + "onboard": [ + { + "handle": 32, + "devices": [ + { + "name": "To Be Filled By O.E.M.", + "type": { + "name": "Video", + "value": 3 + }, + "enabled": true + } + ] + } + ], + "port_connector": [ + { + "handle": 8, + "port_type": { + "name": "Mouse Port", + "value": 14 + }, + "internal_reference_designator": "J1A1", + "external_connector_type": { + "name": "PS/2", + "value": 15 + }, + "external_reference_designator": "PS2Mouse" + }, + { + "handle": 9, + "port_type": { + "name": "Keyboard Port", + "value": 13 + }, + "internal_reference_designator": "J1A1", + "external_connector_type": { + "name": "PS/2", + "value": 15 + }, + "external_reference_designator": "Keyboard" + }, + { + "handle": 10, + "port_type": { + "name": "Other", + "value": 255 + }, + "internal_reference_designator": "J2A1", + "external_connector_type": { + "name": "Mini-Centronics Type-14", + "value": 29 + }, + "external_reference_designator": "TV Out" + }, + { + "handle": 11, + "port_type": { + "name": "Serial Port 16550A Compatible", + "value": 9 + }, + "internal_reference_designator": "J2A2A", + "external_connector_type": { + "name": "DB-9 pin male", + "value": 8 + }, + "external_reference_designator": "COM A" + }, + { + "handle": 12, + "port_type": { + "name": "Video Port", + "value": 28 + }, + "internal_reference_designator": "J2A2B", + "external_connector_type": { + "name": "DB-15 pin female", + "value": 7 + }, + "external_reference_designator": "Video" + }, + { + "handle": 13, + "port_type": { + "name": "USB", + "value": 16 + }, + "internal_reference_designator": "J3A1", + "external_connector_type": { + "name": "Access Bus [USB]", + "value": 18 + }, + "external_reference_designator": "USB1" + }, + { + "handle": 14, + "port_type": { + "name": "USB", + "value": 16 + }, + "internal_reference_designator": "J3A1", + "external_connector_type": { + "name": "Access Bus [USB]", + "value": 18 + }, + "external_reference_designator": "USB2" + }, + { + "handle": 15, + "port_type": { + "name": "USB", + "value": 16 + }, + "internal_reference_designator": "J3A1", + "external_connector_type": { + "name": "Access Bus [USB]", + "value": 18 + }, + "external_reference_designator": "USB3" + }, + { + "handle": 16, + "port_type": { + "name": "Other", + "value": 255 + }, + "internal_connector_type": { + "name": "Other", + "value": 255 + }, + "internal_reference_designator": "J9A1 - TPM HDR" + }, + { + "handle": 17, + "port_type": { + "name": "Other", + "value": 255 + }, + "internal_connector_type": { + "name": "Other", + "value": 255 + }, + "internal_reference_designator": "J9C1 - PCIE DOCKING CONN" + }, + { + "handle": 18, + "port_type": { + "name": "Other", + "value": 255 + }, + "internal_connector_type": { + "name": "Other", + "value": 255 + }, + "internal_reference_designator": "J2B3 - CPU FAN" + }, + { + "handle": 19, + "port_type": { + "name": "Other", + "value": 255 + }, + "internal_connector_type": { + "name": "Other", + "value": 255 + }, + "internal_reference_designator": "J6C2 - EXT HDMI" + }, + { + "handle": 20, + "port_type": { + "name": "Other", + "value": 255 + }, + "internal_connector_type": { + "name": "Other", + "value": 255 + }, + "internal_reference_designator": "J3C1 - GMCH FAN" + }, + { + "handle": 21, + "port_type": { + "name": "Other", + "value": 255 + }, + "internal_connector_type": { + "name": "Other", + "value": 255 + }, + "internal_reference_designator": "J1D1 - ITP" + }, + { + "handle": 22, + "port_type": { + "name": "Other", + "value": 255 + }, + "internal_connector_type": { + "name": "Other", + "value": 255 + }, + "internal_reference_designator": "J9E2 - MDC INTPSR" + }, + { + "handle": 23, + "port_type": { + "name": "Other", + "value": 255 + }, + "internal_connector_type": { + "name": "Other", + "value": 255 + }, + "internal_reference_designator": "J9E4 - MDC INTPSR" + }, + { + "handle": 24, + "port_type": { + "name": "Other", + "value": 255 + }, + "internal_connector_type": { + "name": "Other", + "value": 255 + }, + "internal_reference_designator": "J9E3 - LPC HOT DOCKING" + }, + { + "handle": 25, + "port_type": { + "name": "Other", + "value": 255 + }, + "internal_connector_type": { + "name": "Other", + "value": 255 + }, + "internal_reference_designator": "J9E1 - SCAN MATRIX" + }, + { + "handle": 26, + "port_type": { + "name": "Other", + "value": 255 + }, + "internal_connector_type": { + "name": "Other", + "value": 255 + }, + "internal_reference_designator": "J9G1 - LPC SIDE BAND" + }, + { + "handle": 27, + "port_type": { + "name": "Other", + "value": 255 + }, + "internal_connector_type": { + "name": "Other", + "value": 255 + }, + "internal_reference_designator": "J8F1 - UNIFIED" + }, + { + "handle": 28, + "port_type": { + "name": "Other", + "value": 255 + }, + "internal_connector_type": { + "name": "Other", + "value": 255 + }, + "internal_reference_designator": "J6F1 - LVDS" + }, + { + "handle": 29, + "port_type": { + "name": "Other", + "value": 255 + }, + "internal_connector_type": { + "name": "Other", + "value": 255 + }, + "internal_reference_designator": "J2F1 - LAI FAN" + }, + { + "handle": 30, + "port_type": { + "name": "Other", + "value": 255 + }, + "internal_connector_type": { + "name": "Other", + "value": 255 + }, + "internal_reference_designator": "J2G1 - GFX VID" + }, + { + "handle": 31, + "port_type": { + "name": "Other", + "value": 255 + }, + "internal_connector_type": { + "name": "Other", + "value": 255 + }, + "internal_reference_designator": "J1G6 - AC JACK" + } + ], + "processor": [ + { + "handle": 49, + "socket": "SOCKET 0", + "socket_type": { + "name": "Other", + "value": 1 + }, + "socket_populated": true, + "manufacturer": "Intel", + "version": "Intel(R) Celeron(R) J4105 CPU @ 1.50GHz", + "part": "Fill By OEM", + "processor_type": { + "name": "CPU", + "value": 3 + }, + "processor_family": { + "name": "Celeron", + "value": 15 + }, + "processor_status": { + "name": "Enabled", + "value": 1 + }, + "clock_ext": 100, + "clock_max": 2700, + "cache_handle_l1": 47, + "cache_handle_l2": 48, + "cache_handle_l3": 0 + } + ], + "slot": [ + { + "handle": 64, + "designation": "J7H1", + "slot_type": { + "name": "Other", + "value": 174 + }, + "bus_width": { + "name": "Other", + "value": 10 + }, + "usage": { + "name": "In Use", + "value": 4 + }, + "length": { + "name": "Short", + "value": 3 + }, + "id": 0, + "features": [ + "3.3 V", + "Shared", + "PME#" + ] + }, + { + "handle": 65, + "designation": "J8H1", + "slot_type": { + "name": "Other", + "value": 173 + }, + "bus_width": { + "name": "Other", + "value": 9 + }, + "usage": { + "name": "Available", + "value": 3 + }, + "length": { + "name": "Short", + "value": 3 + }, + "id": 1, + "features": [ + "3.3 V", + "Shared", + "PME#" + ] + } + ], + "system": { + "handle": 1, + "manufacturer": "GIGABYTE", + "product": "MZGLKAP-00", + "version": "1.x", + "wake_up": { + "name": "Power Switch", + "value": 6 + } + } + } +} diff --git a/machines/default.nix b/machines/default.nix index 49813b0..71eaff9 100644 --- a/machines/default.nix +++ b/machines/default.nix @@ -13,4 +13,9 @@ system = "aarch64-linux"; nixosModule = import ./warwick/configuration.nix; }; + + atlas = { + system = "x86_64-linux"; + nixosModule = import ./atlas/configuration.nix; + }; } diff --git a/machines/warwick/configuration.nix b/machines/warwick/configuration.nix index f7fd098..d867b03 100644 --- a/machines/warwick/configuration.nix +++ b/machines/warwick/configuration.nix @@ -29,6 +29,7 @@ buildOnTarget = true; }; + boot.loader.systemd-boot.enable = lib.mkForce false; users.users.root.openssh.authorizedKeys.keys = config.pim.ssh.keys.pim ++ config.pim.ssh.keys.niels; sops.age.keyFile = "/root/.config/sops/age/keys.txt"; diff --git a/nixos/default.nix b/nixos/default.nix index 552bd0d..51138cb 100644 --- a/nixos/default.nix +++ b/nixos/default.nix @@ -12,6 +12,7 @@ inputs.nixos-facter-modules.nixosModules.facter inputs.disko.nixosModules.disko inputs.sops-nix.nixosModules.sops + inputs.nix-snapshotter.nixosModules.nix-snapshotter ./lanzaboote.nix ./tidal.nix ./stylix.nix @@ -23,6 +24,7 @@ ./desktop.nix ./server.nix ./prometheus.nix + ./k3s ]; options = { diff --git a/nixos/k3s/bootstrap.nix b/nixos/k3s/bootstrap.nix new file mode 100644 index 0000000..e49770b --- /dev/null +++ b/nixos/k3s/bootstrap.nix @@ -0,0 +1,20 @@ +{kubenix, ...}: { + imports = [kubenix.modules.k8s]; + kubernetes.resources.clusterRoleBindings.cluster-admins = { + roleRef = { + apiGroup = "rbac.authorization.k8s.io"; + kind = "ClusterRole"; + name = "cluster-admin"; + }; + subjects = [ + { + kind = "User"; + name = "pim"; + } + { + kind = "User"; + name = "niels"; + } + ]; + }; +} diff --git a/nixos/k3s/default.nix b/nixos/k3s/default.nix new file mode 100644 index 0000000..17ae76b --- /dev/null +++ b/nixos/k3s/default.nix @@ -0,0 +1,213 @@ +{ + self, + inputs, + pkgs, + lib, + config, + ... +}: let + cfg = config.pim.k3s; +in { + options.pim.k3s = { + enable = lib.mkOption { + default = false; + type = lib.types.bool; + description = '' + Whether to run k3s on this server. + ''; + }; + + role = lib.mkOption { + default = "server"; + type = lib.types.str; + description = '' + Whether to run k3s as a server or an agent. + ''; + }; + + clusterInit = lib.mkOption { + default = false; + type = lib.types.bool; + description = '' + Whether this node should initialize the K8s cluster. + ''; + }; + + serverAddr = lib.mkOption { + default = null; + type = with lib.types; nullOr str; + description = '' + Address of the server whose cluster this server should join. + Leaving this empty will make the server initialize the cluster. + ''; + }; + }; + + config = lib.mkIf cfg.enable { + environment.systemPackages = with pkgs; [ + k3s + openiscsi # Required for Longhorn + nfs-utils # Required for Longhorn + ]; + + # TODO!!!!! + networking = { + nftables.enable = lib.mkForce false; + firewall.enable = lib.mkForce false; + }; + + virtualisation.containerd = { + enable = true; + + settings = { + version = 2; + + proxy_plugins.nix = { + type = "snapshot"; + address = "/run/nix-snapshotter/nix-snapshotter.sock"; + }; + + plugins = let + k3s-cni-plugins = pkgs.buildEnv { + name = "k3s-cni-plugins"; + paths = with pkgs; [ + cni-plugins + cni-plugin-flannel + ]; + }; + in { + "io.containerd.grpc.v1.cri" = { + stream_server_address = "127.0.0.1"; + stream_server_port = "10010"; + enable_selinux = false; + enable_unprivileged_ports = true; + enable_unprivileged_icmp = true; + disable_apparmor = true; + disable_cgroup = true; + restrict_oom_score_adj = true; + sandbox_image = "rancher/mirrored-pause:3.6"; + containerd.snapshotter = "nix"; + + cni = { + conf_dir = "/var/lib/rancher/k3s/agent/etc/cni/net.d/"; + bin_dir = "${k3s-cni-plugins}/bin"; + }; + }; + + "io.containerd.transfer.v1.local".unpack_config = [ + { + platform = "linux/amd64"; + snapshotter = "nix"; + } + ]; + }; + }; + }; + + services = { + nix-snapshotter.enable = true; + + k3s = let + serverFlagList = [ + "--image-service-endpoint=unix:///run/nix-snapshotter/nix-snapshotter.sock" + "--snapshotter=overlayfs" + "--container-runtime-endpoint=unix:///run/containerd/containerd.sock" + "--tls-san=${config.networking.fqdn}" + "--disable=servicelb" + "--cluster-cidr=10.42.0.0/16,2001:cafe:42::/56" + "--service-cidr=10.43.0.0/16,2001:cafe:43::/112" + ]; + + serverFlags = builtins.concatStringsSep " " serverFlagList; + in { + enable = true; + role = cfg.role; + tokenFile = config.sops.secrets."k3s/serverToken".path; + extraFlags = lib.mkIf (cfg.role == "server") (lib.mkForce serverFlags); + clusterInit = cfg.clusterInit; + serverAddr = lib.mkIf (! (cfg.serverAddr == null)) cfg.serverAddr; + }; + + # Required for Longhorn + openiscsi = { + enable = true; + name = "iqn.2016-04.com.open-iscsi:${config.networking.fqdn}"; + }; + }; + + # HACK: Symlink binaries to /usr/local/bin such that Longhorn can find them + # when they use nsenter. + # https://github.com/longhorn/longhorn/issues/2166#issuecomment-1740179416 + systemd.tmpfiles.rules = [ + "L+ /usr/local/bin - - - - /run/current-system/sw/bin/" + ]; + + system.activationScripts = { + k3s-bootstrap = lib.mkIf (cfg.role == "server") { + text = ( + let + k3sBootstrapFile = + (inputs.kubenix.evalModules.x86_64-linux { + module = import ./bootstrap.nix; + }) + .config + .kubernetes + .result; + in '' + mkdir -p /var/lib/rancher/k3s/server/manifests + ln -sf ${k3sBootstrapFile} /var/lib/rancher/k3s/server/manifests/k3s-bootstrap.json + '' + ); + }; + + k3s-certs = lib.mkIf (cfg.role == "server") { + text = '' + mkdir -p /var/lib/rancher/k3s/server/tls/etcd + cp -f ${./k3s-ca/server-ca.crt} /var/lib/rancher/k3s/server/tls/server-ca.crt + cp -f ${./k3s-ca/client-ca.crt} /var/lib/rancher/k3s/server/tls/client-ca.crt + cp -f ${./k3s-ca/request-header-ca.crt} /var/lib/rancher/k3s/server/tls/request-header-ca.crt + cp -f ${./k3s-ca/etcd/peer-ca.crt} /var/lib/rancher/k3s/server/tls/etcd/peer-ca.crt + cp -f ${./k3s-ca/etcd/server-ca.crt} /var/lib/rancher/k3s/server/tls/etcd/server-ca.crt + ''; + }; + }; + + sops.secrets = let + keyPathBase = "/var/lib/rancher/k3s/server/tls"; + in { + "k3s/serverToken" = { + sopsFile = "${self}/secrets/kubernetes.yaml"; + }; + + "k3s/keys/clientCAKey" = { + sopsFile = "${self}/secrets/kubernetes.yaml"; + path = "${keyPathBase}/client-ca.key"; + }; + + "k3s/keys/requestHeaderCAKey" = { + sopsFile = "${self}/secrets/kubernetes.yaml"; + path = "${keyPathBase}/request-header-ca.key"; + }; + + "k3s/keys/serverCAKey" = { + sopsFile = "${self}/secrets/kubernetes.yaml"; + path = "${keyPathBase}/server-ca.key"; + }; + + "k3s/keys/serviceKey" = { + sopsFile = "${self}/secrets/kubernetes.yaml"; + path = "${keyPathBase}/service.key"; + }; + + "k3s/keys/etcd/peerCAKey" = { + sopsFile = "${self}/secrets/kubernetes.yaml"; + path = "${keyPathBase}/etcd/peer-ca.key"; + }; + + "k3s/keys/etcd/serverCAKey" = { + sopsFile = "${self}/secrets/kubernetes.yaml"; + path = "${keyPathBase}/etcd/server-ca.key"; + }; + }; + }; +} diff --git a/nixos/k3s/k3s-ca/client-ca.crt b/nixos/k3s/k3s-ca/client-ca.crt new file mode 100644 index 0000000..cbcfa74 --- /dev/null +++ b/nixos/k3s/k3s-ca/client-ca.crt @@ -0,0 +1,81 @@ +-----BEGIN CERTIFICATE----- +MIIDZjCCAU6gAwIBAgIIK1UyUU0zJ3cwDQYJKoZIhvcNAQELBQAwKTEnMCUGA1UE +AwweazNzLWludGVybWVkaWF0ZS1jYUAxNzE1MjU3ODEzMB4XDTI0MDUwOTEyMzAy +MFoXDTQ0MDEyNTEyMzAyMFowIzEhMB8GA1UEAwwYazNzLWNsaWVudC1jYUAxNzE1 +MjU3ODEzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEBB8Y6sNAW10pxocoKo71 +BTJXo7gwFSxotKxht5rinAmpvVEZnRlIDcjtdRZ0mqTT3I8SXrhGtWjdTP37cmM1 +/KNjMGEwHQYDVR0OBBYEFA0aYftOY6QKQhCiWi2U3JEkGfqJMB8GA1UdIwQYMBaA +FPr9VQZaChg8JC0u+mpfJyqQvjdiMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ +BAQDAgKkMA0GCSqGSIb3DQEBCwUAA4ICAQDDGSh4gVbI5zjCrHn4yFt/XdGq1MML +8wJf2UvRCddQULwhuWae21P5i6cGks3v3Yqd9h+uZJ2JKl6heChuq1/vZBQ9Y31G +LuRvaGdJnzgu2S1UQMUbkc39lgJf8j20XMK4NsIOP1N3rU5i5htEzjMsi9MtiabO +yjC9fzYXVW0j5uTi14swYG9ESKPJ7WQ1nETWWRiBrs4IlPRq3jIVOJTBAHxWjMtg +96zfvqK+jgH+rx3QolwiwV7ai0D1RbCvGoOhkoQcy506SztdlNRXfGpAbcXFJ+uP +esw9xLilIjF4o42Ga9uizBGjbk/gyN4r4lZ6ojSXGKDczcQxM6i2bGRvn96KbK/R +o0gbsb56niVt1ZQDCuYdOs3B9JlrQeZaeCUypx/UbAoYnVy1FECj0OcPDI69Es60 +wHjyp3EAOTJ/gSiUhdvDjwUYT2klP0d+GvsXWbPAcqJJJS8SuVhXIZZfZW5e7Cbn ++TwO3omtxg6b7Wh7QWTUajWtmLjFSoP0MlOp56u9U5R0rfNDG5mrV4gCh0QTNyzt ++CEIC8fHDUUDAphJnirYLZszzmg14vNQUR2gm3T9/j7XYHtmzrWA7eT2pk6h1HQz +yJwoW2EsGyT6GELjztXQN+lWlBqW05cedkMsGnfym2A4Y06MaUwjNmTA3kiAoUUr +Z6PMef1lNVlmUA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFLzCCAxegAwIBAgIIK1UyUU0zJ3YwDQYJKoZIhvcNAQELBQAwITEfMB0GA1UE +AwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkxMjMwMjBaFw00NDAx +MjUxMjMwMjBaMCkxJzAlBgNVBAMMHmszcy1pbnRlcm1lZGlhdGUtY2FAMTcxNTI1 +NzgxMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMZQkDW8ULwu2iUP +ZeXf+v3alHj6MQioEebJqe8ZaCFwyzQuz6VgyJIkxc0qUtvAuan2WVek22+EqLnk +uQfmEgsfuWwHt8n69SGMqZ3SA+sH5eZt+KTGEWUNzyIFZumtNgsRkeJmF+oX5QQ4 +yVWqclLrEaYkfPAr0+pf5CPugY51G8v4ezuYU4wFPjXfja4ewZj9Otpmn+X/18OS +TkSMfKG6SoY6hQPoq0rqe/C9BdilWX79C6+2Hw3fs+jzXWPaq7hkRjYEzzBPSzNW +aDl4lYQi/70wZYC85LC0J0VW0NrbrgmxieMmATnTuQAb3Ud4iQGGlqUUV7pgJO/A +vywHNR+V6xyBV2riHloy50jVkQ2ecbdqYlWn89S2Yanca/DvEYm1URWroDvhtTsm +3QPHC/Y5B04+qBaGZif7PayvRWE1WM5h130jpeTEGRRhQ7e1hM+0rvP8gyBEMiFE +HhyYGFBJ4SmZu5kbSGVQNXwS9/F9Tm47yEFEKuMQ0eFw5OASVXX4sglT/5kn8/h0 +N6EyrFMgXAo4wyCJ/m3q8ngG9VLcz+vcbSBMtt8cWxs5LyhDvK06oPsy+aGq74Pb +ripTJHysnueCqG51jC/My/vL1TAXQH8kAsz2hHFnqi5LqvY2dpeHqPa4N/9oi7i5 +IN7hw1+9kD5zO6mYMnaEQnEiYLVRAgMBAAGjYzBhMB0GA1UdDgQWBBT6/VUGWgoY +PCQtLvpqXycqkL43YjAfBgNVHSMEGDAWgBTLIkPmeEX9fvysxUa/HvlxbPKG2TAP +BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwICpDANBgkqhkiG9w0BAQsFAAOC +AgEAE4Z9is2j6K6Kk7BvDbDjW83Gew7TIIP8kTC0jZIu1loV2K8YOnmhKjer7XN5 +VpcABZ2GOzKw0syN+Z+l54az/dnp1m81MlFhUoZCiNdIDjNwSOJuF/PuBszpODcy +P6LapwD52T0WH7HyUC1Grm84Bvmzwf87rpt29PBgRyt1ZPRgOCD96RvCH9v8/jWx +KkxrtjYpsje7SIagepWEsu4w+ZXMSCsJejj4bqH/mFpkUNGDSu+kgiHh2RXHSqTx +W1ZLHoz243vFyv1wrH1hFpZfEaOxa17zGEn8kdOXcRqkPMOEokKVrbjmv334SeE6 +36eWyFtcbrFLWES6wKw4/KLWEzBAuGWz+ujoy9G7ahpylJGTMk74+/njqLbgrOcR +dQom/UAoynkUY+U0Rj7bW1rYpxcjimpTPGyXsJ9AGz4nYtOwQEpQ441/nPxH6hAY +i7tODC4YSbP+HH8aGIkb+oSMExVnHLeypjUcbQWPLQ940p0bLIUu378yl62N9dOC +1JYW68PslezrIN/YViAF9aW7CxxI9mJQeGZlO8+4gpUTLkHX7vLws9GK2giCbvEY +JXnrtd3C2sY8BmP5Ps6hQKd//NyT0D+mIhOmoNXaTufvWSdRdWjgClcdNtEqk88E +XPWn6g0sW7r1usZQCms+bDSmO88ZZ0SDOg+Yw76pBHRAkAo= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFMzCCAxugAwIBAgIUVmq/U/xnr7TE0GqtUK9fdm6ClgAwDQYJKoZIhvcNAQEL +BQAwITEfMB0GA1UEAwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkx +MjMwMThaFw00NDA1MDQxMjMwMThaMCExHzAdBgNVBAMMFmszcy1yb290LWNhQDE3 +MTUyNTc4MTMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDAcIqRzsAP +tWnAxd3nkSyVutRe1gYGe4cqYExgwn6JLi34/ENZ8PTkUTA7crZ9okm66vn8Wcot +RCIrIQV/4FoQBKnTQgCv0TRaA59TyvLiES1W9EaFOpggrIz5TKx06DN+UhxhEOeQ +OaYpBfigVzODv3qw5+7V10a/9QErpy4PDv915zAO3fu6n/9Y3OJxpzb3vVwfQpLd +6vMl4o13gZq3Tp17DJ3pbs3RT1TMYiECCLEhuEgML9dXVFdW5HNcdiGx9mepzwcw +qyrlD4BufIJ9K6PPu3Ppp1311y0acvTLgYuRUBl9qOlrsMv0rS/7XcNEG6b9Vg+T +1s38y9FJIbtIwvLBlKPonfMatem2bkGcijlf7LHlkDmCd0GLsQtvklwzGPPa2lg9 +bCB909ivzRWtSW1ba0kLaQUbCJG7yRH/nqE+fA72IlUzxN01AvXUFtq7Hi3cw2Yc +zyyVk8IRRJLYq9EjFy8+14e1QAWCP4M4RbGLSRb53aVcOWm22KFyczaDg+NnnHtB +ASS6ODfYEeAujVj7tq90IPspT6ewPaZ91qRSanr2lABkEEEaX58ErQ6G2g4yuQLQ +8pzXX9v1crCIWGsclx77a5CV599loKcZOIIxT4e1u7Dhy0EQD0yX1tru3XaVkdP/ +TyidJLH2GS5MJ1vLuY7ezrocZJUrkSZOIwIDAQABo2MwYTAdBgNVHQ4EFgQUyyJD +5nhF/X78rMVGvx75cWzyhtkwHwYDVR0jBBgwFoAUyyJD5nhF/X78rMVGvx75cWzy +htkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAqQwDQYJKoZIhvcNAQEL +BQADggIBAEM7KOB7myKORjA+smmMHXeHrfWMtS5R1mlp+JFeEZaMks6ktsicynRQ +PdD49F8Kk35XtB97sfNeM0/csIngq9ES0xhRvDbfEq68edFUUD/WpyPYIFjd1MGf +MiIbOYZSVG60xOJSFgE7f+ymK6XTwd61PRojNyIvb+2lVASKT//aWMlHU1ox+2rx +kihi0YJHH8yKhFyps4oJQyW7f+0NFfy2rknvLP55EIKiLCFPHmh636vx+bJ8AbUY +j96VEN96KqZE6YTygqHmYz5n/Vl9FibOBN1hQmHwyBy6mJI8Q0RxS4PMsxSEwKoE +H5RdpAdYPF4F23gsN0rbIFzEmgwXMnJkKPgGEIMniTHcKIEjSPTPnLWScQynqRu0 +jpNXpgJ9N22sRFAzJWAaB+67YSwymClOzzAe18A7lwBrQRFZldR+GYjpywBNVI0R +G8WVmyOcQCqNeycwED+z2UvRJcGR1yxkZFDhJjcV/kLbvQQj9zNRpS8cEHWyqXZ0 +RYqQMvYebLwydDkmZ9e73NaJPFTtWciFUzzxfDid9Ql6C1sMFURl4XxBthUXNH6+ +09T9IIivtoyHV+EWPo/9yr3cO+4B18PXJv3vlmFf1PGOGjpzNLnOxiPU+fDEmAhm +KasQJscK9c2FT6/6XnJjdOnyvgTBlLM7UrZ+9M0icf8vQSVjDudq +-----END CERTIFICATE----- diff --git a/nixos/k3s/k3s-ca/etcd/peer-ca.crt b/nixos/k3s/k3s-ca/etcd/peer-ca.crt new file mode 100644 index 0000000..0c44c46 --- /dev/null +++ b/nixos/k3s/k3s-ca/etcd/peer-ca.crt @@ -0,0 +1,81 @@ +-----BEGIN CERTIFICATE----- +MIIDaTCCAVGgAwIBAgIIK1UyUU0zJ3owDQYJKoZIhvcNAQELBQAwKTEnMCUGA1UE +AwweazNzLWludGVybWVkaWF0ZS1jYUAxNzE1MjU3ODEzMB4XDTI0MDUwOTEyMzAy +MFoXDTQ0MDEyNTEyMzAyMFowJjEkMCIGA1UEAwwbazNzLWV0Y2QtcGVlci1jYUAx +NzE1MjU3ODEzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnl/F0abKbhtunsAE +gFB/NapdHORdwEku2AlLLFZuBTWTm7bDPV6aL/QrSlqKOscrh0WqCJMAy+OrC3Uz +MgKgQKNjMGEwHQYDVR0OBBYEFH8weUS7ylk6JshWGj/UTH3vt/L6MB8GA1UdIwQY +MBaAFPr9VQZaChg8JC0u+mpfJyqQvjdiMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P +AQH/BAQDAgKkMA0GCSqGSIb3DQEBCwUAA4ICAQASumDCrfrfm9AAjCou3V1YEbZA +bM20GyWfFHIWzZOtCyKJQt0oOr2tXXv8RwsG0qWeVU7C0CeGUEhF8IFe/O01idWT +wv8Fiatugen6gx2ufawyEv4ATW3tPAizt+r4eZz0euYntGevPx2iM1R5xEcaNj01 +kRiydyeP/m1C+uEXTCemIcP0vC67UE5OFBntjub7+K5h+iFApt/3MpdAW51GSDZn +t+EgaMa98ozHhTRWpA0QlmbDzQLX8hIALvFvzqyJcUHSoVeJEo0J25IXi7mJKQP3 +kTG/1WjEXlZ2LUfWtBRlhfgxjdupLTULdOpHY3E0Zl5K7gBvDayMcrdcGNIgJ0iJ +qMRfB30Qwa1Hypgio5GOi4aOEyE3dNQke+M8UtI1oMXCyPeLTBMoc7rzZii0AnwD +5IuT4Uwx8SMHBuBPlU6TVe4UsChaw+k7kPDAWJ9yULW4x4o/zHQB/opjWMSpQqc0 +nrBfFEhgFyUbwYnGutfEczwhxPlDhdICKPK2bO5dh6LEPohvmoXVks6Dp98Ha371 +61/1ZLsMqO8spMrzlkONdSjZmoyFSIWiUivzXcnGVyiuSqYEbRokgoKg1mv61c3x +lcw7ChGafWws1odaHV0A6nXf7G5+K3I6wnKW5601GwrAiQVgEba8x290WWun4k8d +USo2/Dqkd9+wVScQHw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFLzCCAxegAwIBAgIIK1UyUU0zJ3YwDQYJKoZIhvcNAQELBQAwITEfMB0GA1UE +AwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkxMjMwMjBaFw00NDAx +MjUxMjMwMjBaMCkxJzAlBgNVBAMMHmszcy1pbnRlcm1lZGlhdGUtY2FAMTcxNTI1 +NzgxMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMZQkDW8ULwu2iUP +ZeXf+v3alHj6MQioEebJqe8ZaCFwyzQuz6VgyJIkxc0qUtvAuan2WVek22+EqLnk +uQfmEgsfuWwHt8n69SGMqZ3SA+sH5eZt+KTGEWUNzyIFZumtNgsRkeJmF+oX5QQ4 +yVWqclLrEaYkfPAr0+pf5CPugY51G8v4ezuYU4wFPjXfja4ewZj9Otpmn+X/18OS +TkSMfKG6SoY6hQPoq0rqe/C9BdilWX79C6+2Hw3fs+jzXWPaq7hkRjYEzzBPSzNW +aDl4lYQi/70wZYC85LC0J0VW0NrbrgmxieMmATnTuQAb3Ud4iQGGlqUUV7pgJO/A +vywHNR+V6xyBV2riHloy50jVkQ2ecbdqYlWn89S2Yanca/DvEYm1URWroDvhtTsm +3QPHC/Y5B04+qBaGZif7PayvRWE1WM5h130jpeTEGRRhQ7e1hM+0rvP8gyBEMiFE +HhyYGFBJ4SmZu5kbSGVQNXwS9/F9Tm47yEFEKuMQ0eFw5OASVXX4sglT/5kn8/h0 +N6EyrFMgXAo4wyCJ/m3q8ngG9VLcz+vcbSBMtt8cWxs5LyhDvK06oPsy+aGq74Pb +ripTJHysnueCqG51jC/My/vL1TAXQH8kAsz2hHFnqi5LqvY2dpeHqPa4N/9oi7i5 +IN7hw1+9kD5zO6mYMnaEQnEiYLVRAgMBAAGjYzBhMB0GA1UdDgQWBBT6/VUGWgoY +PCQtLvpqXycqkL43YjAfBgNVHSMEGDAWgBTLIkPmeEX9fvysxUa/HvlxbPKG2TAP +BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwICpDANBgkqhkiG9w0BAQsFAAOC +AgEAE4Z9is2j6K6Kk7BvDbDjW83Gew7TIIP8kTC0jZIu1loV2K8YOnmhKjer7XN5 +VpcABZ2GOzKw0syN+Z+l54az/dnp1m81MlFhUoZCiNdIDjNwSOJuF/PuBszpODcy +P6LapwD52T0WH7HyUC1Grm84Bvmzwf87rpt29PBgRyt1ZPRgOCD96RvCH9v8/jWx +KkxrtjYpsje7SIagepWEsu4w+ZXMSCsJejj4bqH/mFpkUNGDSu+kgiHh2RXHSqTx +W1ZLHoz243vFyv1wrH1hFpZfEaOxa17zGEn8kdOXcRqkPMOEokKVrbjmv334SeE6 +36eWyFtcbrFLWES6wKw4/KLWEzBAuGWz+ujoy9G7ahpylJGTMk74+/njqLbgrOcR +dQom/UAoynkUY+U0Rj7bW1rYpxcjimpTPGyXsJ9AGz4nYtOwQEpQ441/nPxH6hAY +i7tODC4YSbP+HH8aGIkb+oSMExVnHLeypjUcbQWPLQ940p0bLIUu378yl62N9dOC +1JYW68PslezrIN/YViAF9aW7CxxI9mJQeGZlO8+4gpUTLkHX7vLws9GK2giCbvEY +JXnrtd3C2sY8BmP5Ps6hQKd//NyT0D+mIhOmoNXaTufvWSdRdWjgClcdNtEqk88E +XPWn6g0sW7r1usZQCms+bDSmO88ZZ0SDOg+Yw76pBHRAkAo= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFMzCCAxugAwIBAgIUVmq/U/xnr7TE0GqtUK9fdm6ClgAwDQYJKoZIhvcNAQEL +BQAwITEfMB0GA1UEAwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkx +MjMwMThaFw00NDA1MDQxMjMwMThaMCExHzAdBgNVBAMMFmszcy1yb290LWNhQDE3 +MTUyNTc4MTMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDAcIqRzsAP +tWnAxd3nkSyVutRe1gYGe4cqYExgwn6JLi34/ENZ8PTkUTA7crZ9okm66vn8Wcot +RCIrIQV/4FoQBKnTQgCv0TRaA59TyvLiES1W9EaFOpggrIz5TKx06DN+UhxhEOeQ +OaYpBfigVzODv3qw5+7V10a/9QErpy4PDv915zAO3fu6n/9Y3OJxpzb3vVwfQpLd +6vMl4o13gZq3Tp17DJ3pbs3RT1TMYiECCLEhuEgML9dXVFdW5HNcdiGx9mepzwcw +qyrlD4BufIJ9K6PPu3Ppp1311y0acvTLgYuRUBl9qOlrsMv0rS/7XcNEG6b9Vg+T +1s38y9FJIbtIwvLBlKPonfMatem2bkGcijlf7LHlkDmCd0GLsQtvklwzGPPa2lg9 +bCB909ivzRWtSW1ba0kLaQUbCJG7yRH/nqE+fA72IlUzxN01AvXUFtq7Hi3cw2Yc +zyyVk8IRRJLYq9EjFy8+14e1QAWCP4M4RbGLSRb53aVcOWm22KFyczaDg+NnnHtB +ASS6ODfYEeAujVj7tq90IPspT6ewPaZ91qRSanr2lABkEEEaX58ErQ6G2g4yuQLQ +8pzXX9v1crCIWGsclx77a5CV599loKcZOIIxT4e1u7Dhy0EQD0yX1tru3XaVkdP/ +TyidJLH2GS5MJ1vLuY7ezrocZJUrkSZOIwIDAQABo2MwYTAdBgNVHQ4EFgQUyyJD +5nhF/X78rMVGvx75cWzyhtkwHwYDVR0jBBgwFoAUyyJD5nhF/X78rMVGvx75cWzy +htkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAqQwDQYJKoZIhvcNAQEL +BQADggIBAEM7KOB7myKORjA+smmMHXeHrfWMtS5R1mlp+JFeEZaMks6ktsicynRQ +PdD49F8Kk35XtB97sfNeM0/csIngq9ES0xhRvDbfEq68edFUUD/WpyPYIFjd1MGf +MiIbOYZSVG60xOJSFgE7f+ymK6XTwd61PRojNyIvb+2lVASKT//aWMlHU1ox+2rx +kihi0YJHH8yKhFyps4oJQyW7f+0NFfy2rknvLP55EIKiLCFPHmh636vx+bJ8AbUY +j96VEN96KqZE6YTygqHmYz5n/Vl9FibOBN1hQmHwyBy6mJI8Q0RxS4PMsxSEwKoE +H5RdpAdYPF4F23gsN0rbIFzEmgwXMnJkKPgGEIMniTHcKIEjSPTPnLWScQynqRu0 +jpNXpgJ9N22sRFAzJWAaB+67YSwymClOzzAe18A7lwBrQRFZldR+GYjpywBNVI0R +G8WVmyOcQCqNeycwED+z2UvRJcGR1yxkZFDhJjcV/kLbvQQj9zNRpS8cEHWyqXZ0 +RYqQMvYebLwydDkmZ9e73NaJPFTtWciFUzzxfDid9Ql6C1sMFURl4XxBthUXNH6+ +09T9IIivtoyHV+EWPo/9yr3cO+4B18PXJv3vlmFf1PGOGjpzNLnOxiPU+fDEmAhm +KasQJscK9c2FT6/6XnJjdOnyvgTBlLM7UrZ+9M0icf8vQSVjDudq +-----END CERTIFICATE----- diff --git a/nixos/k3s/k3s-ca/etcd/server-ca.crt b/nixos/k3s/k3s-ca/etcd/server-ca.crt new file mode 100644 index 0000000..bc0b6ef --- /dev/null +++ b/nixos/k3s/k3s-ca/etcd/server-ca.crt @@ -0,0 +1,81 @@ +-----BEGIN CERTIFICATE----- +MIIDazCCAVOgAwIBAgIIK1UyUU0zJ3swDQYJKoZIhvcNAQELBQAwKTEnMCUGA1UE +AwweazNzLWludGVybWVkaWF0ZS1jYUAxNzE1MjU3ODEzMB4XDTI0MDUwOTEyMzAy +MFoXDTQ0MDEyNTEyMzAyMFowKDEmMCQGA1UEAwwdazNzLWV0Y2Qtc2VydmVyLWNh +QDE3MTUyNTc4MTMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARjDMY4U81p+y3C +k+g4MloNceEQ0+TKbnGc0xlGmJBXXKqB6zrolIdv/J9GABZ9eIUGEs8Xw0E4VEPM +l2iFGyoOo2MwYTAdBgNVHQ4EFgQUm/3f0yXxqbgLmU4a+H2QMavLUX0wHwYDVR0j +BBgwFoAU+v1VBloKGDwkLS76al8nKpC+N2IwDwYDVR0TAQH/BAUwAwEB/zAOBgNV +HQ8BAf8EBAMCAqQwDQYJKoZIhvcNAQELBQADggIBADcxOaGyetgWEqo5BqNZd9X6 +6Lj3rJZTYBmAJeISscG/Dwnv0MmRWw911zmRhikEu8jmLiGMQZUwFD1KoJ6Z/D2M +0Iqk87Ur4aS+mw2Yc60QatkZ2D1XBhrzk3gMaCtWMQBRiexA4qvaw8qlDkDR2eW9 +wyks+WsD6Am1Vb/9k7fIfDR1KkScpl07fAMil73URy+KNDZ6r8hW3xZulvZd5IWp +g2px4A+i4eUbevBU1xljpXjP5lrEqoApk5YQDlHHKARszWlQC9PbvyiRRn8dH69m +mC0cdt5tSWWT49bCRtfigoejeFr8SaYzDuvR4Wb31CgbH+qVZADfgggE1N6pQCsY +w+b8xvoZGAcKEWAlX3J159Rc1mV9HRCEzaGEt5kgJuPFyJUXCjQzrKTADOawFxGb +IYeKcmUJuJG0yDkYb5lNa5fv02PAqXVM+Wz+YpFryHRphKt/gGLlhg1HyqnLVowi +UhlRyPLj9XG8PH1ZRVF6/havkg9H78voMXdFMcotIF34wSP5k/wsDjmgsvuLUIek +ryImLiMuJT5sTM/xVdLT2B9cJrFz4XIAFV209PvIldDDp1ySsh7Tz8fWHdCjvd5o +8FTAcyBW72mpS5WP+FUnq0mgpHp9HrLCC3q4AQ7juJszD1PExGNW710rjMHlnrrF +w4VKyOziEAxsiuA390Ds +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFLzCCAxegAwIBAgIIK1UyUU0zJ3YwDQYJKoZIhvcNAQELBQAwITEfMB0GA1UE +AwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkxMjMwMjBaFw00NDAx +MjUxMjMwMjBaMCkxJzAlBgNVBAMMHmszcy1pbnRlcm1lZGlhdGUtY2FAMTcxNTI1 +NzgxMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMZQkDW8ULwu2iUP +ZeXf+v3alHj6MQioEebJqe8ZaCFwyzQuz6VgyJIkxc0qUtvAuan2WVek22+EqLnk +uQfmEgsfuWwHt8n69SGMqZ3SA+sH5eZt+KTGEWUNzyIFZumtNgsRkeJmF+oX5QQ4 +yVWqclLrEaYkfPAr0+pf5CPugY51G8v4ezuYU4wFPjXfja4ewZj9Otpmn+X/18OS +TkSMfKG6SoY6hQPoq0rqe/C9BdilWX79C6+2Hw3fs+jzXWPaq7hkRjYEzzBPSzNW +aDl4lYQi/70wZYC85LC0J0VW0NrbrgmxieMmATnTuQAb3Ud4iQGGlqUUV7pgJO/A +vywHNR+V6xyBV2riHloy50jVkQ2ecbdqYlWn89S2Yanca/DvEYm1URWroDvhtTsm +3QPHC/Y5B04+qBaGZif7PayvRWE1WM5h130jpeTEGRRhQ7e1hM+0rvP8gyBEMiFE +HhyYGFBJ4SmZu5kbSGVQNXwS9/F9Tm47yEFEKuMQ0eFw5OASVXX4sglT/5kn8/h0 +N6EyrFMgXAo4wyCJ/m3q8ngG9VLcz+vcbSBMtt8cWxs5LyhDvK06oPsy+aGq74Pb +ripTJHysnueCqG51jC/My/vL1TAXQH8kAsz2hHFnqi5LqvY2dpeHqPa4N/9oi7i5 +IN7hw1+9kD5zO6mYMnaEQnEiYLVRAgMBAAGjYzBhMB0GA1UdDgQWBBT6/VUGWgoY +PCQtLvpqXycqkL43YjAfBgNVHSMEGDAWgBTLIkPmeEX9fvysxUa/HvlxbPKG2TAP +BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwICpDANBgkqhkiG9w0BAQsFAAOC +AgEAE4Z9is2j6K6Kk7BvDbDjW83Gew7TIIP8kTC0jZIu1loV2K8YOnmhKjer7XN5 +VpcABZ2GOzKw0syN+Z+l54az/dnp1m81MlFhUoZCiNdIDjNwSOJuF/PuBszpODcy +P6LapwD52T0WH7HyUC1Grm84Bvmzwf87rpt29PBgRyt1ZPRgOCD96RvCH9v8/jWx +KkxrtjYpsje7SIagepWEsu4w+ZXMSCsJejj4bqH/mFpkUNGDSu+kgiHh2RXHSqTx +W1ZLHoz243vFyv1wrH1hFpZfEaOxa17zGEn8kdOXcRqkPMOEokKVrbjmv334SeE6 +36eWyFtcbrFLWES6wKw4/KLWEzBAuGWz+ujoy9G7ahpylJGTMk74+/njqLbgrOcR +dQom/UAoynkUY+U0Rj7bW1rYpxcjimpTPGyXsJ9AGz4nYtOwQEpQ441/nPxH6hAY +i7tODC4YSbP+HH8aGIkb+oSMExVnHLeypjUcbQWPLQ940p0bLIUu378yl62N9dOC +1JYW68PslezrIN/YViAF9aW7CxxI9mJQeGZlO8+4gpUTLkHX7vLws9GK2giCbvEY +JXnrtd3C2sY8BmP5Ps6hQKd//NyT0D+mIhOmoNXaTufvWSdRdWjgClcdNtEqk88E +XPWn6g0sW7r1usZQCms+bDSmO88ZZ0SDOg+Yw76pBHRAkAo= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFMzCCAxugAwIBAgIUVmq/U/xnr7TE0GqtUK9fdm6ClgAwDQYJKoZIhvcNAQEL +BQAwITEfMB0GA1UEAwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkx +MjMwMThaFw00NDA1MDQxMjMwMThaMCExHzAdBgNVBAMMFmszcy1yb290LWNhQDE3 +MTUyNTc4MTMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDAcIqRzsAP +tWnAxd3nkSyVutRe1gYGe4cqYExgwn6JLi34/ENZ8PTkUTA7crZ9okm66vn8Wcot +RCIrIQV/4FoQBKnTQgCv0TRaA59TyvLiES1W9EaFOpggrIz5TKx06DN+UhxhEOeQ +OaYpBfigVzODv3qw5+7V10a/9QErpy4PDv915zAO3fu6n/9Y3OJxpzb3vVwfQpLd +6vMl4o13gZq3Tp17DJ3pbs3RT1TMYiECCLEhuEgML9dXVFdW5HNcdiGx9mepzwcw +qyrlD4BufIJ9K6PPu3Ppp1311y0acvTLgYuRUBl9qOlrsMv0rS/7XcNEG6b9Vg+T +1s38y9FJIbtIwvLBlKPonfMatem2bkGcijlf7LHlkDmCd0GLsQtvklwzGPPa2lg9 +bCB909ivzRWtSW1ba0kLaQUbCJG7yRH/nqE+fA72IlUzxN01AvXUFtq7Hi3cw2Yc +zyyVk8IRRJLYq9EjFy8+14e1QAWCP4M4RbGLSRb53aVcOWm22KFyczaDg+NnnHtB +ASS6ODfYEeAujVj7tq90IPspT6ewPaZ91qRSanr2lABkEEEaX58ErQ6G2g4yuQLQ +8pzXX9v1crCIWGsclx77a5CV599loKcZOIIxT4e1u7Dhy0EQD0yX1tru3XaVkdP/ +TyidJLH2GS5MJ1vLuY7ezrocZJUrkSZOIwIDAQABo2MwYTAdBgNVHQ4EFgQUyyJD +5nhF/X78rMVGvx75cWzyhtkwHwYDVR0jBBgwFoAUyyJD5nhF/X78rMVGvx75cWzy +htkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAqQwDQYJKoZIhvcNAQEL +BQADggIBAEM7KOB7myKORjA+smmMHXeHrfWMtS5R1mlp+JFeEZaMks6ktsicynRQ +PdD49F8Kk35XtB97sfNeM0/csIngq9ES0xhRvDbfEq68edFUUD/WpyPYIFjd1MGf +MiIbOYZSVG60xOJSFgE7f+ymK6XTwd61PRojNyIvb+2lVASKT//aWMlHU1ox+2rx +kihi0YJHH8yKhFyps4oJQyW7f+0NFfy2rknvLP55EIKiLCFPHmh636vx+bJ8AbUY +j96VEN96KqZE6YTygqHmYz5n/Vl9FibOBN1hQmHwyBy6mJI8Q0RxS4PMsxSEwKoE +H5RdpAdYPF4F23gsN0rbIFzEmgwXMnJkKPgGEIMniTHcKIEjSPTPnLWScQynqRu0 +jpNXpgJ9N22sRFAzJWAaB+67YSwymClOzzAe18A7lwBrQRFZldR+GYjpywBNVI0R +G8WVmyOcQCqNeycwED+z2UvRJcGR1yxkZFDhJjcV/kLbvQQj9zNRpS8cEHWyqXZ0 +RYqQMvYebLwydDkmZ9e73NaJPFTtWciFUzzxfDid9Ql6C1sMFURl4XxBthUXNH6+ +09T9IIivtoyHV+EWPo/9yr3cO+4B18PXJv3vlmFf1PGOGjpzNLnOxiPU+fDEmAhm +KasQJscK9c2FT6/6XnJjdOnyvgTBlLM7UrZ+9M0icf8vQSVjDudq +-----END CERTIFICATE----- diff --git a/nixos/k3s/k3s-ca/request-header-ca.crt b/nixos/k3s/k3s-ca/request-header-ca.crt new file mode 100644 index 0000000..d675729 --- /dev/null +++ b/nixos/k3s/k3s-ca/request-header-ca.crt @@ -0,0 +1,81 @@ +-----BEGIN CERTIFICATE----- +MIIDbjCCAVagAwIBAgIIK1UyUU0zJ3kwDQYJKoZIhvcNAQELBQAwKTEnMCUGA1UE +AwweazNzLWludGVybWVkaWF0ZS1jYUAxNzE1MjU3ODEzMB4XDTI0MDUwOTEyMzAy +MFoXDTQ0MDEyNTEyMzAyMFowKzEpMCcGA1UEAwwgazNzLXJlcXVlc3QtaGVhZGVy +LWNhQDE3MTUyNTc4MTMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARAACYmLLW4 +6vaF9q1cqBefK/FQebhkwoDcuYuG597sjxQPEz8sO/yYVaNnNcVZZPqDsiF4OCOz +i9ge02pJJVXJo2MwYTAdBgNVHQ4EFgQUrVPDbR8zlHplrCIASYmcn8IrbDEwHwYD +VR0jBBgwFoAU+v1VBloKGDwkLS76al8nKpC+N2IwDwYDVR0TAQH/BAUwAwEB/zAO +BgNVHQ8BAf8EBAMCAqQwDQYJKoZIhvcNAQELBQADggIBABlvTQJx7B0LI95sOKjM +zul35QpHoMTJOM4IrtDVUQfRutsRVaJ8z2M/2PXY0OiP8ZURaUTR63fL1lklQOMq +xDM59mcyWTEB50+yTYZNCi0qUrxI7kiOGmsCWJ1JDcRRnXonF2htPdMUr8wIOrzR +CL/HIYObEqasmTZeBlaHMc7clLB+yROveCRG91MeC8iftu/ORoqUIMVhXuR2PEQn +mupksalzL71RdOPLdL7UQzhVaABDRD0JrWsb6F198PLWiGpslwqFumyxucgd4+Xq +lb9AB/Sac/2KJH2GEGUoUMac7tJ+BNNc1T6VQUeyKDCacNRemjKxOa58ilFGvGPK +xKuuPhaN/mdZNBI1EX1m8JbCTByP5naGB7DDsP8ekMg1jvfszU+BDZSZoBgDhMmu +7Hsu/CpS8LWDzZ0KRuBsCLTYwlA1H0rp3C2ZYc/cbBexo8oyHMisMvpzM/5NMkuT +aKCQFt3HOncNG6rTltTrFaJaH9sZJxaaR6Q+pKzTtRGpx3SabZnNQkmu2MoFTKoE +vApW1wYptjOm7k5+o0a7IcWWK8FbqGOwfTAiI+mNYkiwo+qunALY0q/MiX0c7beI +qDzvjAHEt/xuWLCVqXhCy7bsgAmiukICMVflWd1Bg5OlXHa9H6sXqE1hP74Wv2bo +kBKEUETfs+HldaQgT5ontb+T +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFLzCCAxegAwIBAgIIK1UyUU0zJ3YwDQYJKoZIhvcNAQELBQAwITEfMB0GA1UE +AwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkxMjMwMjBaFw00NDAx +MjUxMjMwMjBaMCkxJzAlBgNVBAMMHmszcy1pbnRlcm1lZGlhdGUtY2FAMTcxNTI1 +NzgxMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMZQkDW8ULwu2iUP +ZeXf+v3alHj6MQioEebJqe8ZaCFwyzQuz6VgyJIkxc0qUtvAuan2WVek22+EqLnk +uQfmEgsfuWwHt8n69SGMqZ3SA+sH5eZt+KTGEWUNzyIFZumtNgsRkeJmF+oX5QQ4 +yVWqclLrEaYkfPAr0+pf5CPugY51G8v4ezuYU4wFPjXfja4ewZj9Otpmn+X/18OS +TkSMfKG6SoY6hQPoq0rqe/C9BdilWX79C6+2Hw3fs+jzXWPaq7hkRjYEzzBPSzNW +aDl4lYQi/70wZYC85LC0J0VW0NrbrgmxieMmATnTuQAb3Ud4iQGGlqUUV7pgJO/A +vywHNR+V6xyBV2riHloy50jVkQ2ecbdqYlWn89S2Yanca/DvEYm1URWroDvhtTsm +3QPHC/Y5B04+qBaGZif7PayvRWE1WM5h130jpeTEGRRhQ7e1hM+0rvP8gyBEMiFE +HhyYGFBJ4SmZu5kbSGVQNXwS9/F9Tm47yEFEKuMQ0eFw5OASVXX4sglT/5kn8/h0 +N6EyrFMgXAo4wyCJ/m3q8ngG9VLcz+vcbSBMtt8cWxs5LyhDvK06oPsy+aGq74Pb +ripTJHysnueCqG51jC/My/vL1TAXQH8kAsz2hHFnqi5LqvY2dpeHqPa4N/9oi7i5 +IN7hw1+9kD5zO6mYMnaEQnEiYLVRAgMBAAGjYzBhMB0GA1UdDgQWBBT6/VUGWgoY +PCQtLvpqXycqkL43YjAfBgNVHSMEGDAWgBTLIkPmeEX9fvysxUa/HvlxbPKG2TAP +BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwICpDANBgkqhkiG9w0BAQsFAAOC +AgEAE4Z9is2j6K6Kk7BvDbDjW83Gew7TIIP8kTC0jZIu1loV2K8YOnmhKjer7XN5 +VpcABZ2GOzKw0syN+Z+l54az/dnp1m81MlFhUoZCiNdIDjNwSOJuF/PuBszpODcy +P6LapwD52T0WH7HyUC1Grm84Bvmzwf87rpt29PBgRyt1ZPRgOCD96RvCH9v8/jWx +KkxrtjYpsje7SIagepWEsu4w+ZXMSCsJejj4bqH/mFpkUNGDSu+kgiHh2RXHSqTx +W1ZLHoz243vFyv1wrH1hFpZfEaOxa17zGEn8kdOXcRqkPMOEokKVrbjmv334SeE6 +36eWyFtcbrFLWES6wKw4/KLWEzBAuGWz+ujoy9G7ahpylJGTMk74+/njqLbgrOcR +dQom/UAoynkUY+U0Rj7bW1rYpxcjimpTPGyXsJ9AGz4nYtOwQEpQ441/nPxH6hAY +i7tODC4YSbP+HH8aGIkb+oSMExVnHLeypjUcbQWPLQ940p0bLIUu378yl62N9dOC +1JYW68PslezrIN/YViAF9aW7CxxI9mJQeGZlO8+4gpUTLkHX7vLws9GK2giCbvEY +JXnrtd3C2sY8BmP5Ps6hQKd//NyT0D+mIhOmoNXaTufvWSdRdWjgClcdNtEqk88E +XPWn6g0sW7r1usZQCms+bDSmO88ZZ0SDOg+Yw76pBHRAkAo= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFMzCCAxugAwIBAgIUVmq/U/xnr7TE0GqtUK9fdm6ClgAwDQYJKoZIhvcNAQEL +BQAwITEfMB0GA1UEAwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkx +MjMwMThaFw00NDA1MDQxMjMwMThaMCExHzAdBgNVBAMMFmszcy1yb290LWNhQDE3 +MTUyNTc4MTMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDAcIqRzsAP +tWnAxd3nkSyVutRe1gYGe4cqYExgwn6JLi34/ENZ8PTkUTA7crZ9okm66vn8Wcot +RCIrIQV/4FoQBKnTQgCv0TRaA59TyvLiES1W9EaFOpggrIz5TKx06DN+UhxhEOeQ +OaYpBfigVzODv3qw5+7V10a/9QErpy4PDv915zAO3fu6n/9Y3OJxpzb3vVwfQpLd +6vMl4o13gZq3Tp17DJ3pbs3RT1TMYiECCLEhuEgML9dXVFdW5HNcdiGx9mepzwcw +qyrlD4BufIJ9K6PPu3Ppp1311y0acvTLgYuRUBl9qOlrsMv0rS/7XcNEG6b9Vg+T +1s38y9FJIbtIwvLBlKPonfMatem2bkGcijlf7LHlkDmCd0GLsQtvklwzGPPa2lg9 +bCB909ivzRWtSW1ba0kLaQUbCJG7yRH/nqE+fA72IlUzxN01AvXUFtq7Hi3cw2Yc +zyyVk8IRRJLYq9EjFy8+14e1QAWCP4M4RbGLSRb53aVcOWm22KFyczaDg+NnnHtB +ASS6ODfYEeAujVj7tq90IPspT6ewPaZ91qRSanr2lABkEEEaX58ErQ6G2g4yuQLQ +8pzXX9v1crCIWGsclx77a5CV599loKcZOIIxT4e1u7Dhy0EQD0yX1tru3XaVkdP/ +TyidJLH2GS5MJ1vLuY7ezrocZJUrkSZOIwIDAQABo2MwYTAdBgNVHQ4EFgQUyyJD +5nhF/X78rMVGvx75cWzyhtkwHwYDVR0jBBgwFoAUyyJD5nhF/X78rMVGvx75cWzy +htkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAqQwDQYJKoZIhvcNAQEL +BQADggIBAEM7KOB7myKORjA+smmMHXeHrfWMtS5R1mlp+JFeEZaMks6ktsicynRQ +PdD49F8Kk35XtB97sfNeM0/csIngq9ES0xhRvDbfEq68edFUUD/WpyPYIFjd1MGf +MiIbOYZSVG60xOJSFgE7f+ymK6XTwd61PRojNyIvb+2lVASKT//aWMlHU1ox+2rx +kihi0YJHH8yKhFyps4oJQyW7f+0NFfy2rknvLP55EIKiLCFPHmh636vx+bJ8AbUY +j96VEN96KqZE6YTygqHmYz5n/Vl9FibOBN1hQmHwyBy6mJI8Q0RxS4PMsxSEwKoE +H5RdpAdYPF4F23gsN0rbIFzEmgwXMnJkKPgGEIMniTHcKIEjSPTPnLWScQynqRu0 +jpNXpgJ9N22sRFAzJWAaB+67YSwymClOzzAe18A7lwBrQRFZldR+GYjpywBNVI0R +G8WVmyOcQCqNeycwED+z2UvRJcGR1yxkZFDhJjcV/kLbvQQj9zNRpS8cEHWyqXZ0 +RYqQMvYebLwydDkmZ9e73NaJPFTtWciFUzzxfDid9Ql6C1sMFURl4XxBthUXNH6+ +09T9IIivtoyHV+EWPo/9yr3cO+4B18PXJv3vlmFf1PGOGjpzNLnOxiPU+fDEmAhm +KasQJscK9c2FT6/6XnJjdOnyvgTBlLM7UrZ+9M0icf8vQSVjDudq +-----END CERTIFICATE----- diff --git a/nixos/k3s/k3s-ca/server-ca.crt b/nixos/k3s/k3s-ca/server-ca.crt new file mode 100644 index 0000000..a87f21f --- /dev/null +++ b/nixos/k3s/k3s-ca/server-ca.crt @@ -0,0 +1,81 @@ +-----BEGIN CERTIFICATE----- +MIIDZjCCAU6gAwIBAgIIK1UyUU0zJ3gwDQYJKoZIhvcNAQELBQAwKTEnMCUGA1UE +AwweazNzLWludGVybWVkaWF0ZS1jYUAxNzE1MjU3ODEzMB4XDTI0MDUwOTEyMzAy +MFoXDTQ0MDEyNTEyMzAyMFowIzEhMB8GA1UEAwwYazNzLXNlcnZlci1jYUAxNzE1 +MjU3ODEzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEDhZobdYwh9+5PmK68/Pi +CETLWdTMftlpf4Kws1c1pu9diaQ2p2uAhgsdMxe8k5Su22HUG9soOsLpMfGn1fwS +dqNjMGEwHQYDVR0OBBYEFH4kXKFZ+MJI3cnwRtm2URRJk4ghMB8GA1UdIwQYMBaA +FPr9VQZaChg8JC0u+mpfJyqQvjdiMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ +BAQDAgKkMA0GCSqGSIb3DQEBCwUAA4ICAQCWi/YtfU0RFX8vZenOolcbrtSiZDYO +yYuUUI3h7U1AW7Hmn3Gk0SYdNxUbJLB2sFt8s8TX+N80M5483prUi8O3CL/DTXxD +Ae4uag2MFGh0710JY0I/7paB9H9GU6T+BAKrjdru2mwlNC+DcUIY7UX5/PrmnG9z +HMt6tSdy6RuKTBu69tr/Mpdb3VZIjrEuJ/d1LrkbxEXXW+12AvBMociBXUW+7ooO +LlKji2LGFJUYvh7yjOXykjB5U75/9oBrRpASFkGqwcXk7c89UEL9RiPDLqAm6u1U +YoE8U9mZtgTV2E4DKUbamdeVRFalJMw1Pp6WrSLsK1wBgWxydEz8djUg8WLf01ml +mRtLH7AKgFy3u5s+fxMQMGSfSmSjzsV3HCKb8bssk8bm0Q4wLznqW1ClKTbBRdDb +lE0BkI0cJqaTkjBkcuPUd9yCEUT3mCFRPIqpiYAqzPwudZ9PynZVd4NfrItpEw1V +7hVFjN2q524LK3moPFd/adfEenZEXbkaUimUloADmnR/fuTjvqkUh0OVCta3SMTd +GjhMBidfBaDPs+b/wpI4oo3JzKL9U0AqDH9/KOsJk2W38VE8z+exgY0eU2E6HOaz +O18nrHF+eMY65Zxird7xLmu+I0h1aF0qp37ejBZnWMxawQwb0km0IcVE4xzixQ9F +NBWX9TfSjd17Tg== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFLzCCAxegAwIBAgIIK1UyUU0zJ3YwDQYJKoZIhvcNAQELBQAwITEfMB0GA1UE +AwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkxMjMwMjBaFw00NDAx +MjUxMjMwMjBaMCkxJzAlBgNVBAMMHmszcy1pbnRlcm1lZGlhdGUtY2FAMTcxNTI1 +NzgxMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMZQkDW8ULwu2iUP +ZeXf+v3alHj6MQioEebJqe8ZaCFwyzQuz6VgyJIkxc0qUtvAuan2WVek22+EqLnk +uQfmEgsfuWwHt8n69SGMqZ3SA+sH5eZt+KTGEWUNzyIFZumtNgsRkeJmF+oX5QQ4 +yVWqclLrEaYkfPAr0+pf5CPugY51G8v4ezuYU4wFPjXfja4ewZj9Otpmn+X/18OS +TkSMfKG6SoY6hQPoq0rqe/C9BdilWX79C6+2Hw3fs+jzXWPaq7hkRjYEzzBPSzNW +aDl4lYQi/70wZYC85LC0J0VW0NrbrgmxieMmATnTuQAb3Ud4iQGGlqUUV7pgJO/A +vywHNR+V6xyBV2riHloy50jVkQ2ecbdqYlWn89S2Yanca/DvEYm1URWroDvhtTsm +3QPHC/Y5B04+qBaGZif7PayvRWE1WM5h130jpeTEGRRhQ7e1hM+0rvP8gyBEMiFE +HhyYGFBJ4SmZu5kbSGVQNXwS9/F9Tm47yEFEKuMQ0eFw5OASVXX4sglT/5kn8/h0 +N6EyrFMgXAo4wyCJ/m3q8ngG9VLcz+vcbSBMtt8cWxs5LyhDvK06oPsy+aGq74Pb +ripTJHysnueCqG51jC/My/vL1TAXQH8kAsz2hHFnqi5LqvY2dpeHqPa4N/9oi7i5 +IN7hw1+9kD5zO6mYMnaEQnEiYLVRAgMBAAGjYzBhMB0GA1UdDgQWBBT6/VUGWgoY +PCQtLvpqXycqkL43YjAfBgNVHSMEGDAWgBTLIkPmeEX9fvysxUa/HvlxbPKG2TAP +BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwICpDANBgkqhkiG9w0BAQsFAAOC +AgEAE4Z9is2j6K6Kk7BvDbDjW83Gew7TIIP8kTC0jZIu1loV2K8YOnmhKjer7XN5 +VpcABZ2GOzKw0syN+Z+l54az/dnp1m81MlFhUoZCiNdIDjNwSOJuF/PuBszpODcy +P6LapwD52T0WH7HyUC1Grm84Bvmzwf87rpt29PBgRyt1ZPRgOCD96RvCH9v8/jWx +KkxrtjYpsje7SIagepWEsu4w+ZXMSCsJejj4bqH/mFpkUNGDSu+kgiHh2RXHSqTx +W1ZLHoz243vFyv1wrH1hFpZfEaOxa17zGEn8kdOXcRqkPMOEokKVrbjmv334SeE6 +36eWyFtcbrFLWES6wKw4/KLWEzBAuGWz+ujoy9G7ahpylJGTMk74+/njqLbgrOcR +dQom/UAoynkUY+U0Rj7bW1rYpxcjimpTPGyXsJ9AGz4nYtOwQEpQ441/nPxH6hAY +i7tODC4YSbP+HH8aGIkb+oSMExVnHLeypjUcbQWPLQ940p0bLIUu378yl62N9dOC +1JYW68PslezrIN/YViAF9aW7CxxI9mJQeGZlO8+4gpUTLkHX7vLws9GK2giCbvEY +JXnrtd3C2sY8BmP5Ps6hQKd//NyT0D+mIhOmoNXaTufvWSdRdWjgClcdNtEqk88E +XPWn6g0sW7r1usZQCms+bDSmO88ZZ0SDOg+Yw76pBHRAkAo= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFMzCCAxugAwIBAgIUVmq/U/xnr7TE0GqtUK9fdm6ClgAwDQYJKoZIhvcNAQEL +BQAwITEfMB0GA1UEAwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkx +MjMwMThaFw00NDA1MDQxMjMwMThaMCExHzAdBgNVBAMMFmszcy1yb290LWNhQDE3 +MTUyNTc4MTMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDAcIqRzsAP +tWnAxd3nkSyVutRe1gYGe4cqYExgwn6JLi34/ENZ8PTkUTA7crZ9okm66vn8Wcot +RCIrIQV/4FoQBKnTQgCv0TRaA59TyvLiES1W9EaFOpggrIz5TKx06DN+UhxhEOeQ +OaYpBfigVzODv3qw5+7V10a/9QErpy4PDv915zAO3fu6n/9Y3OJxpzb3vVwfQpLd +6vMl4o13gZq3Tp17DJ3pbs3RT1TMYiECCLEhuEgML9dXVFdW5HNcdiGx9mepzwcw +qyrlD4BufIJ9K6PPu3Ppp1311y0acvTLgYuRUBl9qOlrsMv0rS/7XcNEG6b9Vg+T +1s38y9FJIbtIwvLBlKPonfMatem2bkGcijlf7LHlkDmCd0GLsQtvklwzGPPa2lg9 +bCB909ivzRWtSW1ba0kLaQUbCJG7yRH/nqE+fA72IlUzxN01AvXUFtq7Hi3cw2Yc +zyyVk8IRRJLYq9EjFy8+14e1QAWCP4M4RbGLSRb53aVcOWm22KFyczaDg+NnnHtB +ASS6ODfYEeAujVj7tq90IPspT6ewPaZ91qRSanr2lABkEEEaX58ErQ6G2g4yuQLQ +8pzXX9v1crCIWGsclx77a5CV599loKcZOIIxT4e1u7Dhy0EQD0yX1tru3XaVkdP/ +TyidJLH2GS5MJ1vLuY7ezrocZJUrkSZOIwIDAQABo2MwYTAdBgNVHQ4EFgQUyyJD +5nhF/X78rMVGvx75cWzyhtkwHwYDVR0jBBgwFoAUyyJD5nhF/X78rMVGvx75cWzy +htkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAqQwDQYJKoZIhvcNAQEL +BQADggIBAEM7KOB7myKORjA+smmMHXeHrfWMtS5R1mlp+JFeEZaMks6ktsicynRQ +PdD49F8Kk35XtB97sfNeM0/csIngq9ES0xhRvDbfEq68edFUUD/WpyPYIFjd1MGf +MiIbOYZSVG60xOJSFgE7f+ymK6XTwd61PRojNyIvb+2lVASKT//aWMlHU1ox+2rx +kihi0YJHH8yKhFyps4oJQyW7f+0NFfy2rknvLP55EIKiLCFPHmh636vx+bJ8AbUY +j96VEN96KqZE6YTygqHmYz5n/Vl9FibOBN1hQmHwyBy6mJI8Q0RxS4PMsxSEwKoE +H5RdpAdYPF4F23gsN0rbIFzEmgwXMnJkKPgGEIMniTHcKIEjSPTPnLWScQynqRu0 +jpNXpgJ9N22sRFAzJWAaB+67YSwymClOzzAe18A7lwBrQRFZldR+GYjpywBNVI0R +G8WVmyOcQCqNeycwED+z2UvRJcGR1yxkZFDhJjcV/kLbvQQj9zNRpS8cEHWyqXZ0 +RYqQMvYebLwydDkmZ9e73NaJPFTtWciFUzzxfDid9Ql6C1sMFURl4XxBthUXNH6+ +09T9IIivtoyHV+EWPo/9yr3cO+4B18PXJv3vlmFf1PGOGjpzNLnOxiPU+fDEmAhm +KasQJscK9c2FT6/6XnJjdOnyvgTBlLM7UrZ+9M0icf8vQSVjDudq +-----END CERTIFICATE----- diff --git a/nixos/prometheus.nix b/nixos/prometheus.nix index 5714894..6735607 100644 --- a/nixos/prometheus.nix +++ b/nixos/prometheus.nix @@ -37,7 +37,7 @@ } ]; } - ) ["lewis" "atlas" "jefke"]; + ) ["lewis" "jefke"]; pikvm = { job_name = "pikvm"; diff --git a/nixos/server.nix b/nixos/server.nix index 5ce064e..270bacf 100644 --- a/nixos/server.nix +++ b/nixos/server.nix @@ -29,6 +29,11 @@ }; }; + boot.loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + }; + services = { openssh.enable = true; prometheus.exporters.node.enable = true; @@ -49,7 +54,7 @@ }; sops.secrets."tailscale/authKey" = { - sopsFile = "${self}/secrets/servers.sops.yaml"; + sopsFile = "${self}/secrets/servers.yaml"; }; }; } diff --git a/secrets/atlas/colmena.yaml b/secrets/atlas/colmena.yaml new file mode 100644 index 0000000..aeb1bc1 --- /dev/null +++ b/secrets/atlas/colmena.yaml @@ -0,0 +1,49 @@ +sops_nix_keys: + root: ENC[AES256_GCM,data:T0s44DmC+XgBcXaZ3czEzR3vyjSaYq3k+1NWiVOVqC6GCKIYh5v29R0L7MSStnxfAl3SoDM9rGX4J9aQdzNK0TqEHRgMQxcNsOI=,iv:gbz0I6H7g4VQhto/nIANxRtBNdJ/N0a21i0g99tNoDQ=,tag:0R3FnkiWMc8r7yXGj/yVMg==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1unkshctcpucc298kmw9a0qzvtjzgdnjytrxr5p750dv0z95feymqpn68qf + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhbzRsREZKRU42WU0zaFFR + RnZCNmY1MW0vWnl3MG5mbFR3aEdXUVY5WkN3Cit2Q3lUcGg5RWxoQTlnUkhqUlR4 + OTZvOG4yTVc1dVhQMjhqaDRhQ2t2aWMKLS0tIFhxcm96ZTI1Rk1IOCtGbXRZRkRM + b1BDUnBGeUVlKzFaa3NRdzlwOGVlamMK21VcIBiXskcDE6y/Dpg7s9qVpCBVeM3s + vXi/0Vj52kASCm65ejbgalAivIkMXxuEI02XsSj2xnxtfOrFckPC1w== + -----END AGE ENCRYPTED FILE----- + - recipient: age189laethzry4ylnd790dmpuc4xjjuwqxruc76caj3ceqhqug4g9qs0upuvw + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvY0FLdytRaG1NOUQ2Wmxl + T1kyYnpXVWVsdk41TmxOanh6V3UzaitpTG0wCmVPNVN4V2NDem1YcW5iSUdka3Br + R2c2cE40Vm4rbHJ3TWVKZE9kTEJVbzAKLS0tIHpGV2hrZGs2NVRBVC9OVkJhcG5B + cWNNWjcxaEN1V3FmUXRhYUNKME9CbDQKb00wAYmF9W1qFQSKRe834gIyW8jRU/W/ + d9ErijuI9CZIP7D5PMYeePLvQqr4gjX0Mbj0AHhq4o5Qirx9cwhm4g== + -----END AGE ENCRYPTED FILE----- + - recipient: age1w99m9klvc7m5qtmtmu3l0jx8ksdzp5c4p9rkvh5fdullfc6afemqv5py2q + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4TjJLMkREY2Rhd3FncHIr + N0hVczhRbDkzM2JERjhIbHU0M3lrNTVrYjIwClJVVytnd0JKU2ovaUpZZTBTN2Yx + MkxoNjhXem1kdis1ZFhLbklGOFNCY28KLS0tIHc3NU5wRndFOS83TkE5OXN0MGRD + cG44QXJEL04xZ0U4V0pzVzUybFZFRXMK2wDBMgLRdnlvLGjiRdsNPi/uHNppcvjM + OGMS8NZgKazWTkKfR0dWSrvHI1o4TN9KYo/5/BhPyK2Xlj6FV98fRg== + -----END AGE ENCRYPTED FILE----- + - recipient: age159whjxeyw94xmkkephmtlur8e85xd9d5vnvkwkcayfv7el0neqfq863yga + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0TWVlRDdNYlRYMDhwcThO + T1d0eGRJNHlNWVFOVGVMbzFIU0hBajZMZWl3ClJ6OU1nSUN1YjkyTHd2RDQwSkdN + NzFpWndrS2RWWDBjY3RaejZCTnlMMkkKLS0tIFI5SnE2QzB3aXV6eTk3LzNRUkt3 + N0FNeml5K1hlcjZBVVpCMFF0WXVxYzgKhShdyYdmF+0K4rlIywVlwjVe89hmAvC+ + cN+tMcxYPd+QFzR8QDnTyncp7sBh5TcbTi5pJEuhpRyTFGRy6ovasQ== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-12-01T11:22:03Z" + mac: ENC[AES256_GCM,data:XvARePc6FEmp+rY39fuBHfWsezUd6zyQdfHzWPBmBb7dRf/A6tr0J7XyUL+Ex+rFnFg+JRbBFIy+fqByDZn8aQyVqOnyCgGKuSNDXcyZ1/KGwxS5PW7N95x0Vo4TJI9JxmedCfxIdQH6Tat1VlyKRgTG2viZ3WFnWwe/UBaX+Ok=,iv:gdAOTRTQPfjDTYDsQJnkIs8maa1D98nFp7gn9QKgQGg=,tag:9Uw9PoOknp8cxsrNZiO/RQ==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.9.1 diff --git a/secrets/kubernetes.yaml b/secrets/kubernetes.yaml new file mode 100644 index 0000000..c5030bd --- /dev/null +++ b/secrets/kubernetes.yaml @@ -0,0 +1,57 @@ +k3s: + serverToken: ENC[AES256_GCM,data:aN3SLcqz8KgR3/UUR+bUSAhj4qOcMJbsWPHS7XLSY0w=,iv:eRtTp4QfZsehPX601JVs22DRI1gTLqtJy5+9LCSJ3A4=,tag:XwXwTotedP4ln0M1n4uj0g==,type:str] + keys: + clientCAKey: ENC[AES256_GCM,data:ljlXAgOeKvbX737YwFYlvSo02PxiElszJW50xMHDgKonIN4iofuuP0kMEx4aCZsfE0pqD1MwcJcUyXG3wS3TtmMAojttNC+8wunyVanTV/sS9mYrUHEGIbw+sGsoTaCzWoNAbnMeR1gNrNxx9tOVOaYOgfWKy5VMqjR3yq5q8vZweCwmt4vjHYoRK/mBe62uEd262qEap7O1qwiBhIE9Ax7fPEAoQplFOZdeXF1ruOlVBZWMttlB9PWFOVqGjDBroeej21VIH8OPKGZDt2WNjlK0SYSDnKiPpij4njGIzHbAF5k=,iv:6jd6Hlehiyzgthh225slmSbkO9OOmkhlqPokFpcCNLY=,tag:/S/ZXD++FzXVDP4qPtExoQ==,type:str] + requestHeaderCAKey: ENC[AES256_GCM,data:MtyWGTL/D3xNYHo1ripVYteg5sLRODsX0bo6TThAymJIOfqJpcq6nBrbYiSED1g2Vsw0KLhBewzP+s00cgBS0lyySxFzErEgnxV245zrNmAJJd05VKDK73r+k3iYxTxLQu/lcqe+3C8KYqck4jMMixxsl3n7UYPXePlbLa728WMhIpdwwWR2mrWeLyhDXPPvSMsj17RxMXTtM2uNdXJVByFvNNAGdCJEozZA5iB07Jvky11MT9xCd5z9QhMZtUgJRNXgsIjVKSlyh731WTgyZHntBTpUnCVvuOjuAKBr7RNCshk=,iv:INOto4bwLTBrX2rwaYNEsQAARtDoIEaedQuNNbCjyzM=,tag:daSBV1B3pA9d2F5o3aeguA==,type:str] + serverCAKey: ENC[AES256_GCM,data:JMCEyW6DJ/dt4VLdOHV/G7HJNlpEeyR8DtpxVvEVIvebuwEZONqZvNhdj+TmkWs6zTPca1OaTBMixTI+g+PMeqwsjZmxtOSM9mXtprcbztW2I8DHqP68Y+r5fqLQTqbdFNXRcXi8hCoIZPPP7wDkRRTsD/9XIUrQzEMqlFymrCMGQNgYv7AJ6/gvFK+gCG8kwVm8PnyGfwl/f/WZlafwS/pTxkNByRLlgo7ZMaXpdGSq8hpj9KQSkdtF6uJgSL0IYKBsmkYs3+UFQuUBYZa8vPyZxmt9luDO+kCnUCH29/j7o60=,iv:fBPnPHrO1P1Y2Me+m7a5YwnGsmH85Em/tR/7tPkdfdM=,tag:LjazNgPpKjkp4zE57OxG0A==,type:str] + serviceKey: ENC[AES256_GCM,data:d6G81RNRMyqjq42eeGhsjmocMHnzK/fTzDsw8vrVOpj0XGAapy+ksvoxOXaotR6ArZJTntkPsHwWVWec5rNQKmLmKRiQzzDW8JwWt0HmQ9otnSDUqSHK/6yK9Tiqtoz2fmyLxU4uZftbsMGzP3zsAjA6S6b++X5fDQgYesV7qNyQBtgHUXPj2rxOkASclhuHAJ290g79SCAy7G4cjEVLV1AzglHqysurx1uZSFXWRZS2LXgz30U1GDooAue71tHpJHUBW+UgIhedsPdXUw1ST7T6Zd0u9tfEanCf57GrUb6Tvc3Cb0uSNxAO9R3iB8Fd2bQ0rvZCwfO4lprzus6jhwy93h+1sGplPaoBhgSx/I4khWsr+wB0bGbZYP0xRu0XFEnlJLvwZFjF8vakqU89gQpE415gXm99dD35mDFn5J2sfrgXDAVZHbi9L6CPFjrAOz4D9lzVYOVYDleSDosC5aDUT1nXSSjGPvTHgiaJviClbWn2fHXy+4wx+zyapBTTnYI412aNBhq8R2Inbo230AOe6VQ4DV78RDXh5W0ZZXz0dBIB6KdF03XimnO0ONN5am83x0BNx/d5/95a0Si/FdMUNpThWVcpUO9wXIhe7Z8jUWXvnX7IrfibQNPR0S3gLvp4uiNz/9iMDLNcwX9JQDr9nPAPP4PvftVC+Ip2TM6ZHAib628Ma0+4E8i//yg6ZgMzoW+of03sg9lVNWVB98JoLkabVhKEpoLx8dscR63ehEtD06uSLyI7ajZCDWTUa60lPpBat9urEDjmaoZJnb0OntlWBc/eNRvcKK+XkfqSotLyQ7nTZs5zvFFMo4hqi5G6jUNzOAeUCfOkabiZj47XNUuAUQy72qhbU/RMqZNHJ9/+Iy7o0B++ompH2GGxiO8d+TvvCg28UI9e1YUgzKrmY95vgy34LTtSMdnxwoMjdXP68tUOON/UaoL9i2sRE93S0x/rG/R04OzJI0p0JlkPTmrNkRwQ1SEdctVMsffdC55BTY3vVA/hNZJtkUUNoukfX9p2soImX836wM3LZAsGwCUWBuxzVCdK/VN5PY4tgTTJdbQSr4KkdBdyu8KATODDoCNiIHCIcOoiT6+OXJG2oTYDgM9iXwhrg7QJmwdU1SLmP2+PSsmsMvNn3/2PJIg3FSfK4ey34p7kaMQP+jmzpmvRGK9vtC7RGQputP5XgGGeuoi8uK/lEPWSrOasRLG5nzDjjYPpK0kuQQ7h0hpKC/RO1JObOCn5dYeTddoP0UD0XP3IWD7d89joLNVTWxP/I5xRf7MhW7Jreh0Gi0PE2VHXnCKbz00Ev4u/S0VV74s8pVst8ZJ0gd6U7Jn5NvuZ9OSJTsaO7emSfbrFsxAJwUxWPhSX4y/TF140/jKXUMFGrDoDftuJX3Vbl6aij7W7aX8BALyaPub5i5XCJR5WVn008infJv4+g3ViGVz+T9g/S8O9YTh22493H4u7qbfIjW7qHADtIMKX08kBieiD3v9H2ZEsd0trvRB/ZJp8AZwIuayqBBWK2GNO8xd3RWgk6rZbQqIYZGL/mxfIyXtHVKwL5vCKbq/as6oeKkcKoLJsJiDgRoJQ8Q35hhn/eN1jU97+o+kAv6nk8BCr1crzO2hbFuuTiidpMNta56+7zC6ROslaEqEHLz3pDBR5EpxdYZNTiIq+FD0hge6GMftxjjUbF0Ld+btq23xmG3rFTf3ZUCC+9lWE1ao8YozpetqQoWPRgYlYzZ3t3fvkq2vQrjStLh65kUMHOJ2uCM9r7zjsZ4pOfNyqlkm/pTH4oGfL2o30WmqmFIS+kUiDolRTNGlm2CVzxfF0rxZ2y3HDqmx18YbebeYF6gL7dj7sis/fhM3ISnFPkRYt1AGfD6n9GDAtSvegtEw4MSc7CUI706EWKbBFwZqPPB345NrEF1ETQl8dj/Lxgipdzq1efpwMEWAnOfLWC0zvowDl9fk27k79ZK+OcU8++D3Jc/vEWHUSOhy9379GE8zd6dzRfQ8mzP+dFlRxZxf+LfpvCGasPha642xTqmwc9vwu5jBupl9dcWFKxghOPywKnBKhmjERQwTnjnKuBKDvke8A9vmbojYQ/A6Ed1TyCEQg4Ixf6O3BVYXKJBevUCPP3AzrXwoPSRz3AbKpAKJj2t3HlEv8RP2BKpezgxTODwOFs1/9XyRY6y39PepbWlJCbb7UwuOhGSvAtFoRxW/eDkhr8xmTRuGK84OZ/gbO1EJMj1w=,iv:HTujeO+X5o3LetBhc5vBbJMtTGo7vU7bxAa9utIfCGk=,tag:eyPbTjow0MYwa7tyb4Me2g==,type:str] + etcd: + peerCAKey: ENC[AES256_GCM,data:guzHtQx+rn778FE3omR7h5VrFvMcR1pVeIRT19b6i1ZyfR1YLAEyzZU/gAiokb3XDNF+UcR2D0zR7ra9k7WcNtyHlskU7vctT2iURssexMS9XbbS3nlklx0utsqO1KKeuLI+bU+/cuf4zAYxoSKpO8NcqBhfTRlNu53IBF+mHZtSQ5BbWlOjvHiBXMxRMNiTRvzC0XlkSFOF7ERslWPkOWDkIuKv6Jd+LuQ3tnxIpjp4g9HSsmLlARf9IdVp9qpeZMXrnjfyLmbNABVYPL6XJHyMudYtzG+tpwW08Q6qKZy2KEw=,iv:tnGOwMyDQOXzguTh4pBJumpaV5ObgAT50qtPIu5u9O4=,tag:agUs9H7i7Mm5rAFj3eligw==,type:str] + serverCAKey: ENC[AES256_GCM,data:S79OqkFK+z7+YecsH8Mdlel8+T50rhBnixfB9047uCZIIZ6LsxknGs1wkCAFPnymUVEzIIGW3lCog9xIvIWJSfV4wh2TMOetPGj95OBV0zQy4vdMhHHt2OV5+R6e262n0FwaQkn+kndPlVvnlPnFbkiQys0vO8GashWWddyBGQf6P/5TvYuJtz+qjW1FsrtjDTu77Vn85y7bYRENQ1o6sZxevftTHnEjSmvWHgcYey0TytkIYZpMHm1G1Up3+HtgiFAFDy1VtSv913El5W4EfLeRhV3B51ktG+SR0bxfMv/P+qU=,iv:UkWTAXYiaRqptN4PyCfMDot20Ln+/QkPIBSGabJSj+c=,tag:I056m8hcwNyOkoxsNRjYXw==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1unkshctcpucc298kmw9a0qzvtjzgdnjytrxr5p750dv0z95feymqpn68qf + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBydkpsSG1xaWxHakRVVVQv + MFBMOUlib0dHcGh3eTEwNVArL2xQWkpRN21JClJLU2JWY05jeHU0bmxiVnRxVVpB + NXpqcy81THlkc1A4ek5STUhTSjlqak0KLS0tIDFjMVVYK0d1M2N6bkdQYUVzU0Z4 + ZnVqbXFlYUE4QlFBc215TlBuMDQ5eWsKRxmlAwmMyGUaH1MIiurH0pHaOIpn/wvs + xY9J3fz93bFoCJKnCQTocBetJFwhX1tQxIYigb6aIEnLdW+oX8YhSw== + -----END AGE ENCRYPTED FILE----- + - recipient: age189laethzry4ylnd790dmpuc4xjjuwqxruc76caj3ceqhqug4g9qs0upuvw + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKT25UeUZ3R2dCb3hvY3JF + L1dOOEFXT2o1emd0UnhXS2M4NTJvZVhuK2lZCnllbVBVSE5UWUNoQ1RuSVh5VExn + REJJT3NaSjJlYWRNNzZqNnRBU1BKV1kKLS0tIEJZUHQ0SUEyMEJURStuUlVETlp4 + eTBqcnprME96dXY0dFQzTUZnWm5MOFEK+Oy3EqmhjFzARg0l7SQeh6Krg1ET35K7 + lgC7L1NSUCOQ0Xzom5X3FruDvy7NF0S9fcBqKfOyXu7dlxllE2YnWA== + -----END AGE ENCRYPTED FILE----- + - recipient: age1w99m9klvc7m5qtmtmu3l0jx8ksdzp5c4p9rkvh5fdullfc6afemqv5py2q + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3L2xGUzdJZ1lDTGFMd01M + d2IvdjgyT0VoOTJQQ0I2czYvT3lrcTlySEFBCmFXWkZCbGtxTzBEZW5kMEswUUdO + bFk4T2w4TklCYTFLV2tmNStxZnZOb2cKLS0tIDVuVlVORXJwT1MrN3FjbFBMNkNo + blBBUmhKOHBLUiswWXNkUmhTSktnQmMKFZoogOuE1AVgRPSo67uFbK3kHmnxJoaP + v1uBBi5RqmQ316bkaEtMFx6psE4+khQh21D+vzysqbfosNelk2mABA== + -----END AGE ENCRYPTED FILE----- + - recipient: age159whjxeyw94xmkkephmtlur8e85xd9d5vnvkwkcayfv7el0neqfq863yga + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5ZmRQRmlTcDhQNndaekV0 + dFF5cEZURDFoaVVEMkZzVjAwd1BuSEdUaEdRCnJpa2xNSyt2THdLUmxwWENYSHVK + WGFDOVRaVkthZ28zaGtkTVRkL3RiWjQKLS0tIEdSN3ZiSmNDT21tZDlZZm1xdVdT + TG9EdmlqaXFZbHhhWWk5Tktia0pOek0KLlTkPkW/+1/v0lEOlL1gW/eZVpz97FPq + Oh3TagzRj0/bZo9PbLsqc/RF4rwXnIS0xUgmnu3tgOAQWaboa9Kx2g== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-12-01T11:24:36Z" + mac: ENC[AES256_GCM,data:aQQPjSLHgvBPU0eZA95qFoRsklw3Jaj2N42DpKSheDoSJ5SwWV1GK0IJqkis71eBpMG9Mjn2wWj/1IdU1upRqfZU5dwNPdVXFb2+qPZyTkz1jhvBVTRGUNedd/L3t2a2nsaj5frZyzUPBELMs7n335pB9I36e+xOgTmA8OW3XAE=,iv:UI82ZmzcXtjO9fv2bSBZVVzNs7uvlopyxKXW+wBmNf8=,tag:HySaRX4Ihpnx+a8lASHicw==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.9.1 diff --git a/secrets/servers.sops.yaml b/secrets/servers.sops.yaml deleted file mode 100644 index 68b0b43..0000000 --- a/secrets/servers.sops.yaml +++ /dev/null @@ -1,49 +0,0 @@ -tailscale: - authKey: ENC[AES256_GCM,data:3eXxQBY6AVqU4R1NlsyhGCfXW5wL58ODRH/f+zo5YFRad/ys1vB9JeKagq0SJSj/w4zxRAEpCf1o47Ypww==,iv:QklyIFuXlbH6cM/I0gqDH/Xeay9gqxqeyulQ7W/dbig=,tag:E/3UqtsfSVOi6otSlReO0Q==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1th8rdw4fs3vmgy9gzc0k9xy88tddjj4vasepckfx9h4nlzsg3q3q4cjgwu - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQcjVsVnNxcGlibnJDSWxE - NEtERm5xS3RRc0QvK09rOEdCYytlZUliaEVNCjZYR2l0Y3dhUDdGVGNwSlRLaTFa - WkZSKzJpVXBCUXhqZldMSis3UHpTQW8KLS0tIEI5V3FMR2xaeEpzMzZYdHo4YWNJ - MHBMeVpaMi9lTjFwcVVsUm1jR255UmsKxvOywqqgMfpQ1TngUmtxH80So10Yd+R2 - I9+1chjRTAnHemtUU1154cL591b3BV5FHO3DpoiyY3MoxD2IC9PtzA== - -----END AGE ENCRYPTED FILE----- - - recipient: age189laethzry4ylnd790dmpuc4xjjuwqxruc76caj3ceqhqug4g9qs0upuvw - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXbVVVVEI0b3hpd3hyU2Vp - V1ZNejBUOUp6NU12dVgraTlrbDNDdmxENVEwCkJobDdObTVwcXB4a3pxUnM3QlVR - d253eUxnVlpnaTRPWFZXYnVoaW5jK00KLS0tIGRnbVhFMFk4aCtpMk9hSEJYT3ZZ - dVUwOTlCVXFoSTl0VjBaQm9BWkJyQTQKuPdUd32RaHmBvdyan4O5FRzUC4q8WtlQ - NXIhBUIVQgA8ns7HMP1Q5MxFg4s3I2dhUKq5qs6430+M+cVKF3wGEA== - -----END AGE ENCRYPTED FILE----- - - recipient: age1w99m9klvc7m5qtmtmu3l0jx8ksdzp5c4p9rkvh5fdullfc6afemqv5py2q - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwRkVnOHZoaXo5SGRiRzdU - KzdiRWNQMXRvQ2g2WG5GVWRNUzJkemd0ZzJBCnBtM1IwWVJ3L1BxakR0MFRTcm1I - cjVqdDEyRDNjbCtFNnk5aWd4L0tVR3cKLS0tIFJ1a2d3dzA2cWFESFlzbnRzc3FH - L21Hd2oyR0pWaTZONDByN0NrMS9lTDAKcMkHaUsUfV/kZBvT+UN8f+QTIvqJjmMY - 7sVMAumtvBNhKs9OxMlPqiWvaeLtgGoExYZqq05VwWTHxYXLouPnuQ== - -----END AGE ENCRYPTED FILE----- - - recipient: age159whjxeyw94xmkkephmtlur8e85xd9d5vnvkwkcayfv7el0neqfq863yga - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaZEw4R3VvdEtjK2VSa3Bu - QzZ0dWU3Uk16TkVDaldEdzN6ZWduZERyd25NCmRzdWlEZ2V2SEc4VnczbE9yc0FX - eTZXemQxaU5LOXFzWmlmYTc3YWFvYUEKLS0tIFRwOHVIcUR2ejN5NHdSQ2N6c3hL - elZ6STcwTHZXZGI5Sk0yamtQN3lhcm8KWa4JI1H+pcav7ZwCZgUMXk+lsxFewD4O - 1AOnFdamXZkUHN+zZB1zN6YJvHhUEaq2NiGAhc+ZLAc1sb5yeqd/2Q== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-11-30T18:44:29Z" - mac: ENC[AES256_GCM,data:SG6a5pWa3gMaSz9d9fOchUXtXbRTpMOXmbOjZo5Fdx8Es1MEDwezwscQaj9p1dzmGa+7U8UUUzMYxlg2SmGgGdPgCs0a5RQVYvQFNdgpRiuknflFMcdgXLv7XFsTqsqSmbN0O662YDvCcz4DWRKjNCZAimlLym8pwDihj1D8dcU=,iv:JmCbcazDK2KPyYsoVy39sr4IbfiGfmGoopit5ojVADk=,tag:6tKYfMkJBjsThaa4qLqobw==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.9.1 diff --git a/secrets/servers.yaml b/secrets/servers.yaml new file mode 100644 index 0000000..57863c7 --- /dev/null +++ b/secrets/servers.yaml @@ -0,0 +1,58 @@ +tailscale: + authKey: ENC[AES256_GCM,data:3eXxQBY6AVqU4R1NlsyhGCfXW5wL58ODRH/f+zo5YFRad/ys1vB9JeKagq0SJSj/w4zxRAEpCf1o47Ypww==,iv:QklyIFuXlbH6cM/I0gqDH/Xeay9gqxqeyulQ7W/dbig=,tag:E/3UqtsfSVOi6otSlReO0Q==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1th8rdw4fs3vmgy9gzc0k9xy88tddjj4vasepckfx9h4nlzsg3q3q4cjgwu + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNek1aa2tGdHBsSnFUYndR + OTg3R25uYW1keE5RTnBKbmV5dmpaSmpad3cwCmVOaFpPd2FnR3c0eUlzQTJVN2RK + Nm1OR0w5U3BOcXZVc0VFd3FsdGdoaTgKLS0tIHJOSmVZeXFmaUdVSkoyRFdia3pG + cmZndERUbHZnMzQyRVhodE9FV2VkUWsKSY/J6aRDzklUXx59N437zmB2cdapqZPJ + 5OJfarR+qz94b23yg2QiOA7zBxPQOWK8o0o7HoebGGAw9v3sE5uUbQ== + -----END AGE ENCRYPTED FILE----- + - recipient: age1unkshctcpucc298kmw9a0qzvtjzgdnjytrxr5p750dv0z95feymqpn68qf + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2bVMzbkRQNTk2Mlhkano1 + ZXU1N0k4MzZjajJqR2dRVzZNZEhPVVpFVERNCjF2NktabUp3OC9lNE5abTR0aWl2 + ZmluU2RmaDNvNzZSNElwb1RiSnpJSTQKLS0tIHdMWUh0SGV6SnJwWmRPSGNMNS9p + RzlIUjB0UVhtMWtDa293MWM2dmZSN3cKyamVEfKmbcIbALjHzKLxTZU+84EoJ+iU + huGmYbjti5+2e8rje6konc4Z5GSjhe6JbEOTK3hCiCGdY/vujAvClg== + -----END AGE ENCRYPTED FILE----- + - recipient: age189laethzry4ylnd790dmpuc4xjjuwqxruc76caj3ceqhqug4g9qs0upuvw + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBR0dkR09lSUpNL3cycTRv + YVI4TzNjTklJS0E2VnZtMUNOYlpCb0psbFdNCk0zeFMzR0x0NFpwak5FajhnbG9G + Sk5oSkthZE5KNDNiTXRFNEIrMzdoMDAKLS0tIFY2Z3IzWXg3R1dZT1kxSitNRzRU + WTZuaFFpdktERzFpdUJpYjR0T1BXbGsKq1jkTYnl2z+2I+FRyhpxbIRAJz3npPf5 + aPUsGG2gdyyvN2pVW8KZNlTA0xYfe2o+qSZ7I27ThfIwKjXCe6ERaA== + -----END AGE ENCRYPTED FILE----- + - recipient: age1w99m9klvc7m5qtmtmu3l0jx8ksdzp5c4p9rkvh5fdullfc6afemqv5py2q + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6RS9mdHJsdUo0NFNiR1J1 + UVRCUHRjUE95WFR4dFpwM2NyU2QzVHB4eUNvCmtJSkVnbURzTU83VklYdWFtai9p + cmFMY1V4eFpnS0hlSGtaczA5NzFVSDQKLS0tIEprMzBHV040VWtpYmpYcU90a2dN + VE1SaTRxOG90NFo0emZPajJyS3hjckEKzzci9mFruHaOfoN2ktYFOjQfY/ctMHLa + wPgKuFDV5J+dVANpT650Myx/JbbvmWhfAq+/eOG0JI0xy6Vt/UabMA== + -----END AGE ENCRYPTED FILE----- + - recipient: age159whjxeyw94xmkkephmtlur8e85xd9d5vnvkwkcayfv7el0neqfq863yga + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGbDlhNnZFaThtU2ZmQjJC + NG5XN3dKclc5ZXArb0twN3R1SDk1RytScWdRCjV3Mlg4VFU0N2krOU81YzVMN001 + YUtiZFo5dE5HazJtSUhXOWxxaDhZOE0KLS0tIFBUZjZYdUZpTUpzUlRZNTIwTUpQ + TnVXZ0RDUkVPdVhWa2NCMXA1ZEZvS0EKCV+DGcpjvVKZESXJsQb0He/NDszVQVMO + Bqmd5zooI1PrPngI1nTiqQY95UcNQT+RMlqBycL7cQIbRFRUdhFk5A== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-11-30T18:44:29Z" + mac: ENC[AES256_GCM,data:SG6a5pWa3gMaSz9d9fOchUXtXbRTpMOXmbOjZo5Fdx8Es1MEDwezwscQaj9p1dzmGa+7U8UUUzMYxlg2SmGgGdPgCs0a5RQVYvQFNdgpRiuknflFMcdgXLv7XFsTqsqSmbN0O662YDvCcz4DWRKjNCZAimlLym8pwDihj1D8dcU=,iv:JmCbcazDK2KPyYsoVy39sr4IbfiGfmGoopit5ojVADk=,tag:6tKYfMkJBjsThaa4qLqobw==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.9.1