pim/nixos-configs
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity

Migrate Atlas to this repo

Browse source
This commit is contained in:
Pim Kunis 2024-12-01 14:33:24 +01:00
parent 459ee2c6b2
commit 0db03c8175
22 changed files with 4926 additions and 61 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
.sops.yaml
View file

@ -6,6 +6,7 @@ keys:
- &gamepc_pim age1qlldg2c6kptvnmvlkpf9pae3wnczk6eklcmwdvnzyvvnur3aqdcq3c3trt - &gamepc_pim age1qlldg2c6kptvnmvlkpf9pae3wnczk6eklcmwdvnzyvvnur3aqdcq3c3trt
- &warwick_root age1th8rdw4fs3vmgy9gzc0k9xy88tddjj4vasepckfx9h4nlzsg3q3q4cjgwu - &warwick_root age1th8rdw4fs3vmgy9gzc0k9xy88tddjj4vasepckfx9h4nlzsg3q3q4cjgwu
- &niels age159whjxeyw94xmkkephmtlur8e85xd9d5vnvkwkcayfv7el0neqfq863yga - &niels age159whjxeyw94xmkkephmtlur8e85xd9d5vnvkwkcayfv7el0neqfq863yga
- &atlas_root age1unkshctcpucc298kmw9a0qzvtjzgdnjytrxr5p750dv0z95feymqpn68qf
creation_rules: creation_rules:
- path_regex: secrets/sue/colmena.yaml - path_regex: secrets/sue/colmena.yaml
@ -32,10 +33,25 @@ creation_rules:
- *sue_pim - *sue_pim
- *sue_root - *sue_root
- *niels - *niels
- path_regex: secrets/servers.sops.yaml - path_regex: secrets/servers.yaml
key_groups: key_groups:
- age: - age:
- *warwick_root - *warwick_root
- *atlas_root
- *sue_pim
- *sue_root
- *niels
- path_regex: secrets/atlas/colmena.yaml
key_groups:
- age:
- *atlas_root
- *sue_pim
- *sue_root
- *niels
- path_regex: secrets/kubernetes.yaml
key_groups:
- age:
- *atlas_root
- *sue_pim - *sue_pim
- *sue_root - *sue_root
- *niels - *niels

7
colmena.nix
View file

@ -35,6 +35,13 @@ inputs @ {
./nixos ./nixos
]; ];
}; };
atlas = {
imports = [
(import ./machines).atlas.nixosModule
./nixos
];
};
}; };
colmenaHive = colmena.lib.makeHive self.outputs.colmena; colmenaHive = colmena.lib.makeHive self.outputs.colmena;

197
flake.lock
View file

@ -238,6 +238,38 @@
} }
}, },
"flake-compat_4": { "flake-compat_4": {
"flake": false,
"locked": {
"lastModified": 1673956053,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_5": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_6": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1717312683, "lastModified": 1717312683,
@ -253,7 +285,7 @@
"type": "github" "type": "github"
} }
}, },
"flake-compat_5": { "flake-compat_7": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1673956053, "lastModified": 1673956053,
@ -290,6 +322,27 @@
"type": "github" "type": "github"
} }
}, },
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": [
"nix-snapshotter",
"nixpkgs"
]
},
"locked": {
"lastModified": 1704152458,
"narHash": "sha256-DS+dGw7SKygIWf9w4eNBUZsK+4Ug27NwEWmn2tnbycg=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "88a2cd8166694ba0b6cb374700799cec53aef527",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": { "flake-utils": {
"locked": { "locked": {
"lastModified": 1659877975, "lastModified": 1659877975,
@ -325,7 +378,7 @@
}, },
"flake-utils_3": { "flake-utils_3": {
"inputs": { "inputs": {
"systems": "systems_2" "systems": "systems_3"
}, },
"locked": { "locked": {
"lastModified": 1681202837, "lastModified": 1681202837,
@ -444,6 +497,27 @@
"type": "github" "type": "github"
} }
}, },
"globset": {
"inputs": {
"nixpkgs-lib": [
"nix-snapshotter",
"nixpkgs"
]
},
"locked": {
"lastModified": 1729844927,
"narHash": "sha256-nBkQx23jgpGPk3aU2KcqJCoYvzjsKEjWBePmc2z8N3k=",
"owner": "pdtpartners",
"repo": "globset",
"rev": "eb9d9e64b7ab0a64c34ba4a5a990b66506401c35",
"type": "github"
},
"original": {
"owner": "pdtpartners",
"repo": "globset",
"type": "github"
}
},
"gnome-shell": { "gnome-shell": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -503,10 +577,33 @@
"type": "github" "type": "github"
} }
}, },
"kubenix": {
"inputs": {
"flake-compat": "flake-compat_3",
"nixpkgs": [
"nixpkgs-unstable"
],
"systems": "systems_2",
"treefmt": "treefmt"
},
"locked": {
"lastModified": 1717788185,
"narHash": "sha256-Uc6QSQqJa2lyv/1W4StwoKrjtq7cFjlKNhdrtanToGo=",
"owner": "pizzapim",
"repo": "kubenix",
"rev": "a9590abe23a2f7577bc3271d90955e9ccc2923fe",
"type": "github"
},
"original": {
"owner": "pizzapim",
"repo": "kubenix",
"type": "github"
}
},
"lanzaboote": { "lanzaboote": {
"inputs": { "inputs": {
"crane": "crane", "crane": "crane",
"flake-compat": "flake-compat_3", "flake-compat": "flake-compat_4",
"flake-parts": "flake-parts", "flake-parts": "flake-parts",
"flake-utils": "flake-utils_3", "flake-utils": "flake-utils_3",
"nixpkgs": [ "nixpkgs": [
@ -571,6 +668,50 @@
"type": "github" "type": "github"
} }
}, },
"nix-snapshotter": {
"inputs": {
"flake-compat": "flake-compat_5",
"flake-parts": "flake-parts_2",
"globset": "globset",
"nixpkgs": [
"nixpkgs-unstable"
]
},
"locked": {
"lastModified": 1730022297,
"narHash": "sha256-eVMEONp3yqu0gy0RtOSEpOAueXuQsGQVqac3qCJixMU=",
"owner": "pdtpartners",
"repo": "nix-snapshotter",
"rev": "c738f1a16a8612dfc474a4424bacff7e89369ca3",
"type": "github"
},
"original": {
"owner": "pdtpartners",
"repo": "nix-snapshotter",
"type": "github"
}
},
"nixng": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1726571270,
"narHash": "sha256-LEug48WOL+mmFYtKM57e/oudgjBk2Km5zIP3p27hF8I=",
"owner": "pizzapim",
"repo": "NixNG",
"rev": "9538892da603608f0176d07d33b1265e038c0adf",
"type": "github"
},
"original": {
"owner": "pizzapim",
"ref": "dnsmasq",
"repo": "NixNG",
"type": "github"
}
},
"nixos-artwork": { "nixos-artwork": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -589,7 +730,7 @@
}, },
"nixos-cosmic": { "nixos-cosmic": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_4", "flake-compat": "flake-compat_6",
"nixpkgs": "nixpkgs_2", "nixpkgs": "nixpkgs_2",
"nixpkgs-stable": [ "nixpkgs-stable": [
"nixpkgs-unstable" "nixpkgs-unstable"
@ -822,8 +963,11 @@
"flake-utils": "flake-utils_2", "flake-utils": "flake-utils_2",
"git-hooks": "git-hooks", "git-hooks": "git-hooks",
"home-manager": "home-manager", "home-manager": "home-manager",
"kubenix": "kubenix",
"lanzaboote": "lanzaboote", "lanzaboote": "lanzaboote",
"nix-index-database": "nix-index-database", "nix-index-database": "nix-index-database",
"nix-snapshotter": "nix-snapshotter",
"nixng": "nixng",
"nixos-artwork": "nixos-artwork", "nixos-artwork": "nixos-artwork",
"nixos-cosmic": "nixos-cosmic", "nixos-cosmic": "nixos-cosmic",
"nixos-facter-modules": "nixos-facter-modules", "nixos-facter-modules": "nixos-facter-modules",
@ -927,12 +1071,12 @@
"base16-kitty": "base16-kitty", "base16-kitty": "base16-kitty",
"base16-tmux": "base16-tmux", "base16-tmux": "base16-tmux",
"base16-vim": "base16-vim", "base16-vim": "base16-vim",
"flake-compat": "flake-compat_5", "flake-compat": "flake-compat_7",
"flake-utils": "flake-utils_4", "flake-utils": "flake-utils_4",
"gnome-shell": "gnome-shell", "gnome-shell": "gnome-shell",
"home-manager": "home-manager_2", "home-manager": "home-manager_2",
"nixpkgs": "nixpkgs_4", "nixpkgs": "nixpkgs_4",
"systems": "systems_3" "systems": "systems_4"
}, },
"locked": { "locked": {
"lastModified": 1726497442, "lastModified": 1726497442,
@ -974,9 +1118,8 @@
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-systems", "id": "systems",
"repo": "default", "type": "indirect"
"type": "github"
} }
}, },
"systems_3": { "systems_3": {
@ -994,6 +1137,42 @@
"type": "github" "type": "github"
} }
}, },
"systems_4": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"treefmt": {
"inputs": {
"nixpkgs": [
"kubenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1688026376,
"narHash": "sha256-qJmkr9BWDpqblk4E9/rCsAEl39y2n4Ycw6KRopvpUcY=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "df3f32b0cc253dfc7009b7317e8f0e7ccd70b1cf",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"treefmt-nix": { "treefmt-nix": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs_5" "nixpkgs": "nixpkgs_5"

15
flake.nix
View file

@ -52,6 +52,21 @@
url = "github:lilyinstarlight/nixos-cosmic"; url = "github:lilyinstarlight/nixos-cosmic";
inputs.nixpkgs-stable.follows = "nixpkgs-unstable"; inputs.nixpkgs-stable.follows = "nixpkgs-unstable";
}; };
nix-snapshotter = {
url = "github:pdtpartners/nix-snapshotter";
inputs.nixpkgs.follows = "nixpkgs-unstable";
};
kubenix = {
url = "github:pizzapim/kubenix";
inputs.nixpkgs.follows = "nixpkgs-unstable";
};
nixng = {
url = "github:pizzapim/NixNG/dnsmasq";
inputs.nixpkgs.follows = "nixpkgs";
};
}; };
outputs = inputs @ { outputs = inputs @ {

124
machines/atlas/configuration.nix Normal file
View file

@ -0,0 +1,124 @@
{config, ...}: {
config = {
facter.reportPath = ./facter.json;
networking.hostName = "atlas";
system.stateVersion = "23.05";
users.users.root.openssh.authorizedKeys.keys = config.pim.ssh.keys.pim ++ config.pim.ssh.keys.niels;
sops.age.keyFile = "/root/.config/sops/age/keys.txt";
deployment = {
targetHost = "atlas";
targetUser = "root";
tags = ["server"];
};
pim = {
sops-nix.usersWithSopsKeys = ["root"];
k3s = {
enable = true;
serverAddr = "https://jefke.dmz:6443";
};
};
disko.devices = {
disk = {
nvme = {
device = "/dev/nvme0n1";
type = "disk";
content = {
type = "gpt";
partitions = {
boot = {
type = "EF00";
size = "500M";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
pv_os = {
size = "79G";
content = {
type = "lvm_pv";
vg = "vg_os";
};
};
pv_nvme_extra = {
size = "100%";
content = {
type = "lvm_pv";
vg = "vg_data";
};
};
};
};
};
sata = {
device = "/dev/sda";
type = "disk";
content = {
type = "gpt";
partitions.pv_sata = {
size = "100%";
content = {
type = "lvm_pv";
vg = "vg_data";
};
};
};
};
};
lvm_vg = {
vg_os = {
type = "lvm_vg";
lvs = {
root = {
size = "75G";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
mountOptions = ["defaults"];
};
};
swap = {
size = "100%FREE";
content.type = "swap";
};
};
};
vg_data = {
type = "lvm_vg";
lvs.longhorn = {
size = "100%FREE";
content = {
type = "filesystem";
format = "xfs";
mountpoint = "/mnt/longhorn";
};
};
};
};
};
};
}

3758
machines/atlas/facter.json Normal file
View file

File diff suppressed because it is too large Load diff

5
machines/default.nix
View file

@ -13,4 +13,9 @@
system = "aarch64-linux"; system = "aarch64-linux";
nixosModule = import ./warwick/configuration.nix; nixosModule = import ./warwick/configuration.nix;
}; };
atlas = {
system = "x86_64-linux";
nixosModule = import ./atlas/configuration.nix;
};
} }

1
machines/warwick/configuration.nix
View file

@ -29,6 +29,7 @@
buildOnTarget = true; buildOnTarget = true;
}; };
boot.loader.systemd-boot.enable = lib.mkForce false;
users.users.root.openssh.authorizedKeys.keys = config.pim.ssh.keys.pim ++ config.pim.ssh.keys.niels; users.users.root.openssh.authorizedKeys.keys = config.pim.ssh.keys.pim ++ config.pim.ssh.keys.niels;
sops.age.keyFile = "/root/.config/sops/age/keys.txt"; sops.age.keyFile = "/root/.config/sops/age/keys.txt";

2
nixos/default.nix
View file

@ -12,6 +12,7 @@
inputs.nixos-facter-modules.nixosModules.facter inputs.nixos-facter-modules.nixosModules.facter
inputs.disko.nixosModules.disko inputs.disko.nixosModules.disko
inputs.sops-nix.nixosModules.sops inputs.sops-nix.nixosModules.sops
inputs.nix-snapshotter.nixosModules.nix-snapshotter
./lanzaboote.nix ./lanzaboote.nix
./tidal.nix ./tidal.nix
./stylix.nix ./stylix.nix
@ -23,6 +24,7 @@
./desktop.nix ./desktop.nix
./server.nix ./server.nix
./prometheus.nix ./prometheus.nix
./k3s
]; ];
options = { options = {

20
nixos/k3s/bootstrap.nix Normal file
View file

@ -0,0 +1,20 @@
{kubenix, ...}: {
imports = [kubenix.modules.k8s];
kubernetes.resources.clusterRoleBindings.cluster-admins = {
roleRef = {
apiGroup = "rbac.authorization.k8s.io";
kind = "ClusterRole";
name = "cluster-admin";
};
subjects = [
{
kind = "User";
name = "pim";
}
{
kind = "User";
name = "niels";
}
];
};
}

213
nixos/k3s/default.nix Normal file
View file

@ -0,0 +1,213 @@
{
self,
inputs,
pkgs,
lib,
config,
...
}: let
cfg = config.pim.k3s;
in {
options.pim.k3s = {
enable = lib.mkOption {
default = false;
type = lib.types.bool;
description = ''
Whether to run k3s on this server.
'';
};
role = lib.mkOption {
default = "server";
type = lib.types.str;
description = ''
Whether to run k3s as a server or an agent.
'';
};
clusterInit = lib.mkOption {
default = false;
type = lib.types.bool;
description = ''
Whether this node should initialize the K8s cluster.
'';
};
serverAddr = lib.mkOption {
default = null;
type = with lib.types; nullOr str;
description = ''
Address of the server whose cluster this server should join.
Leaving this empty will make the server initialize the cluster.
'';
};
};
config = lib.mkIf cfg.enable {
environment.systemPackages = with pkgs; [
k3s
openiscsi # Required for Longhorn
nfs-utils # Required for Longhorn
];
# TODO!!!!!
networking = {
nftables.enable = lib.mkForce false;
firewall.enable = lib.mkForce false;
};
virtualisation.containerd = {
enable = true;
settings = {
version = 2;
proxy_plugins.nix = {
type = "snapshot";
address = "/run/nix-snapshotter/nix-snapshotter.sock";
};
plugins = let
k3s-cni-plugins = pkgs.buildEnv {
name = "k3s-cni-plugins";
paths = with pkgs; [
cni-plugins
cni-plugin-flannel
];
};
in {
"io.containerd.grpc.v1.cri" = {
stream_server_address = "127.0.0.1";
stream_server_port = "10010";
enable_selinux = false;
enable_unprivileged_ports = true;
enable_unprivileged_icmp = true;
disable_apparmor = true;
disable_cgroup = true;
restrict_oom_score_adj = true;
sandbox_image = "rancher/mirrored-pause:3.6";
containerd.snapshotter = "nix";
cni = {
conf_dir = "/var/lib/rancher/k3s/agent/etc/cni/net.d/";
bin_dir = "${k3s-cni-plugins}/bin";
};
};
"io.containerd.transfer.v1.local".unpack_config = [
{
platform = "linux/amd64";
snapshotter = "nix";
}
];
};
};
};
services = {
nix-snapshotter.enable = true;
k3s = let
serverFlagList = [
"--image-service-endpoint=unix:///run/nix-snapshotter/nix-snapshotter.sock"
"--snapshotter=overlayfs"
"--container-runtime-endpoint=unix:///run/containerd/containerd.sock"
"--tls-san=${config.networking.fqdn}"
"--disable=servicelb"
"--cluster-cidr=10.42.0.0/16,2001:cafe:42::/56"
"--service-cidr=10.43.0.0/16,2001:cafe:43::/112"
];
serverFlags = builtins.concatStringsSep " " serverFlagList;
in {
enable = true;
role = cfg.role;
tokenFile = config.sops.secrets."k3s/serverToken".path;
extraFlags = lib.mkIf (cfg.role == "server") (lib.mkForce serverFlags);
clusterInit = cfg.clusterInit;
serverAddr = lib.mkIf (! (cfg.serverAddr == null)) cfg.serverAddr;
};
# Required for Longhorn
openiscsi = {
enable = true;
name = "iqn.2016-04.com.open-iscsi:${config.networking.fqdn}";
};
};
# HACK: Symlink binaries to /usr/local/bin such that Longhorn can find them
# when they use nsenter.
# https://github.com/longhorn/longhorn/issues/2166#issuecomment-1740179416
systemd.tmpfiles.rules = [
"L+ /usr/local/bin - - - - /run/current-system/sw/bin/"
];
system.activationScripts = {
k3s-bootstrap = lib.mkIf (cfg.role == "server") {
text = (
let
k3sBootstrapFile =
(inputs.kubenix.evalModules.x86_64-linux {
module = import ./bootstrap.nix;
})
.config
.kubernetes
.result;
in ''
mkdir -p /var/lib/rancher/k3s/server/manifests
ln -sf ${k3sBootstrapFile} /var/lib/rancher/k3s/server/manifests/k3s-bootstrap.json
''
);
};
k3s-certs = lib.mkIf (cfg.role == "server") {
text = ''
mkdir -p /var/lib/rancher/k3s/server/tls/etcd
cp -f ${./k3s-ca/server-ca.crt} /var/lib/rancher/k3s/server/tls/server-ca.crt
cp -f ${./k3s-ca/client-ca.crt} /var/lib/rancher/k3s/server/tls/client-ca.crt
cp -f ${./k3s-ca/request-header-ca.crt} /var/lib/rancher/k3s/server/tls/request-header-ca.crt
cp -f ${./k3s-ca/etcd/peer-ca.crt} /var/lib/rancher/k3s/server/tls/etcd/peer-ca.crt
cp -f ${./k3s-ca/etcd/server-ca.crt} /var/lib/rancher/k3s/server/tls/etcd/server-ca.crt
'';
};
};
sops.secrets = let
keyPathBase = "/var/lib/rancher/k3s/server/tls";
in {
"k3s/serverToken" = {
sopsFile = "${self}/secrets/kubernetes.yaml";
};
"k3s/keys/clientCAKey" = {
sopsFile = "${self}/secrets/kubernetes.yaml";
path = "${keyPathBase}/client-ca.key";
};
"k3s/keys/requestHeaderCAKey" = {
sopsFile = "${self}/secrets/kubernetes.yaml";
path = "${keyPathBase}/request-header-ca.key";
};
"k3s/keys/serverCAKey" = {
sopsFile = "${self}/secrets/kubernetes.yaml";
path = "${keyPathBase}/server-ca.key";
};
"k3s/keys/serviceKey" = {
sopsFile = "${self}/secrets/kubernetes.yaml";
path = "${keyPathBase}/service.key";
};
"k3s/keys/etcd/peerCAKey" = {
sopsFile = "${self}/secrets/kubernetes.yaml";
path = "${keyPathBase}/etcd/peer-ca.key";
};
"k3s/keys/etcd/serverCAKey" = {
sopsFile = "${self}/secrets/kubernetes.yaml";
path = "${keyPathBase}/etcd/server-ca.key";
};
};
};
}

81
nixos/k3s/k3s-ca/client-ca.crt Normal file
View file

@ -0,0 +1,81 @@
-----BEGIN CERTIFICATE-----
MIIDZjCCAU6gAwIBAgIIK1UyUU0zJ3cwDQYJKoZIhvcNAQELBQAwKTEnMCUGA1UE
AwweazNzLWludGVybWVkaWF0ZS1jYUAxNzE1MjU3ODEzMB4XDTI0MDUwOTEyMzAy
MFoXDTQ0MDEyNTEyMzAyMFowIzEhMB8GA1UEAwwYazNzLWNsaWVudC1jYUAxNzE1
MjU3ODEzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEBB8Y6sNAW10pxocoKo71
BTJXo7gwFSxotKxht5rinAmpvVEZnRlIDcjtdRZ0mqTT3I8SXrhGtWjdTP37cmM1
/KNjMGEwHQYDVR0OBBYEFA0aYftOY6QKQhCiWi2U3JEkGfqJMB8GA1UdIwQYMBaA
FPr9VQZaChg8JC0u+mpfJyqQvjdiMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/
BAQDAgKkMA0GCSqGSIb3DQEBCwUAA4ICAQDDGSh4gVbI5zjCrHn4yFt/XdGq1MML
8wJf2UvRCddQULwhuWae21P5i6cGks3v3Yqd9h+uZJ2JKl6heChuq1/vZBQ9Y31G
LuRvaGdJnzgu2S1UQMUbkc39lgJf8j20XMK4NsIOP1N3rU5i5htEzjMsi9MtiabO
yjC9fzYXVW0j5uTi14swYG9ESKPJ7WQ1nETWWRiBrs4IlPRq3jIVOJTBAHxWjMtg
96zfvqK+jgH+rx3QolwiwV7ai0D1RbCvGoOhkoQcy506SztdlNRXfGpAbcXFJ+uP
esw9xLilIjF4o42Ga9uizBGjbk/gyN4r4lZ6ojSXGKDczcQxM6i2bGRvn96KbK/R
o0gbsb56niVt1ZQDCuYdOs3B9JlrQeZaeCUypx/UbAoYnVy1FECj0OcPDI69Es60
wHjyp3EAOTJ/gSiUhdvDjwUYT2klP0d+GvsXWbPAcqJJJS8SuVhXIZZfZW5e7Cbn
+TwO3omtxg6b7Wh7QWTUajWtmLjFSoP0MlOp56u9U5R0rfNDG5mrV4gCh0QTNyzt
+CEIC8fHDUUDAphJnirYLZszzmg14vNQUR2gm3T9/j7XYHtmzrWA7eT2pk6h1HQz
yJwoW2EsGyT6GELjztXQN+lWlBqW05cedkMsGnfym2A4Y06MaUwjNmTA3kiAoUUr
Z6PMef1lNVlmUA==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFLzCCAxegAwIBAgIIK1UyUU0zJ3YwDQYJKoZIhvcNAQELBQAwITEfMB0GA1UE
AwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkxMjMwMjBaFw00NDAx
MjUxMjMwMjBaMCkxJzAlBgNVBAMMHmszcy1pbnRlcm1lZGlhdGUtY2FAMTcxNTI1
NzgxMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMZQkDW8ULwu2iUP
ZeXf+v3alHj6MQioEebJqe8ZaCFwyzQuz6VgyJIkxc0qUtvAuan2WVek22+EqLnk
uQfmEgsfuWwHt8n69SGMqZ3SA+sH5eZt+KTGEWUNzyIFZumtNgsRkeJmF+oX5QQ4
yVWqclLrEaYkfPAr0+pf5CPugY51G8v4ezuYU4wFPjXfja4ewZj9Otpmn+X/18OS
TkSMfKG6SoY6hQPoq0rqe/C9BdilWX79C6+2Hw3fs+jzXWPaq7hkRjYEzzBPSzNW
aDl4lYQi/70wZYC85LC0J0VW0NrbrgmxieMmATnTuQAb3Ud4iQGGlqUUV7pgJO/A
vywHNR+V6xyBV2riHloy50jVkQ2ecbdqYlWn89S2Yanca/DvEYm1URWroDvhtTsm
3QPHC/Y5B04+qBaGZif7PayvRWE1WM5h130jpeTEGRRhQ7e1hM+0rvP8gyBEMiFE
HhyYGFBJ4SmZu5kbSGVQNXwS9/F9Tm47yEFEKuMQ0eFw5OASVXX4sglT/5kn8/h0
N6EyrFMgXAo4wyCJ/m3q8ngG9VLcz+vcbSBMtt8cWxs5LyhDvK06oPsy+aGq74Pb
ripTJHysnueCqG51jC/My/vL1TAXQH8kAsz2hHFnqi5LqvY2dpeHqPa4N/9oi7i5
IN7hw1+9kD5zO6mYMnaEQnEiYLVRAgMBAAGjYzBhMB0GA1UdDgQWBBT6/VUGWgoY
PCQtLvpqXycqkL43YjAfBgNVHSMEGDAWgBTLIkPmeEX9fvysxUa/HvlxbPKG2TAP
BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwICpDANBgkqhkiG9w0BAQsFAAOC
AgEAE4Z9is2j6K6Kk7BvDbDjW83Gew7TIIP8kTC0jZIu1loV2K8YOnmhKjer7XN5
VpcABZ2GOzKw0syN+Z+l54az/dnp1m81MlFhUoZCiNdIDjNwSOJuF/PuBszpODcy
P6LapwD52T0WH7HyUC1Grm84Bvmzwf87rpt29PBgRyt1ZPRgOCD96RvCH9v8/jWx
KkxrtjYpsje7SIagepWEsu4w+ZXMSCsJejj4bqH/mFpkUNGDSu+kgiHh2RXHSqTx
W1ZLHoz243vFyv1wrH1hFpZfEaOxa17zGEn8kdOXcRqkPMOEokKVrbjmv334SeE6
36eWyFtcbrFLWES6wKw4/KLWEzBAuGWz+ujoy9G7ahpylJGTMk74+/njqLbgrOcR
dQom/UAoynkUY+U0Rj7bW1rYpxcjimpTPGyXsJ9AGz4nYtOwQEpQ441/nPxH6hAY
i7tODC4YSbP+HH8aGIkb+oSMExVnHLeypjUcbQWPLQ940p0bLIUu378yl62N9dOC
1JYW68PslezrIN/YViAF9aW7CxxI9mJQeGZlO8+4gpUTLkHX7vLws9GK2giCbvEY
JXnrtd3C2sY8BmP5Ps6hQKd//NyT0D+mIhOmoNXaTufvWSdRdWjgClcdNtEqk88E
XPWn6g0sW7r1usZQCms+bDSmO88ZZ0SDOg+Yw76pBHRAkAo=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFMzCCAxugAwIBAgIUVmq/U/xnr7TE0GqtUK9fdm6ClgAwDQYJKoZIhvcNAQEL
BQAwITEfMB0GA1UEAwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkx
MjMwMThaFw00NDA1MDQxMjMwMThaMCExHzAdBgNVBAMMFmszcy1yb290LWNhQDE3
MTUyNTc4MTMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDAcIqRzsAP
tWnAxd3nkSyVutRe1gYGe4cqYExgwn6JLi34/ENZ8PTkUTA7crZ9okm66vn8Wcot
RCIrIQV/4FoQBKnTQgCv0TRaA59TyvLiES1W9EaFOpggrIz5TKx06DN+UhxhEOeQ
OaYpBfigVzODv3qw5+7V10a/9QErpy4PDv915zAO3fu6n/9Y3OJxpzb3vVwfQpLd
6vMl4o13gZq3Tp17DJ3pbs3RT1TMYiECCLEhuEgML9dXVFdW5HNcdiGx9mepzwcw
qyrlD4BufIJ9K6PPu3Ppp1311y0acvTLgYuRUBl9qOlrsMv0rS/7XcNEG6b9Vg+T
1s38y9FJIbtIwvLBlKPonfMatem2bkGcijlf7LHlkDmCd0GLsQtvklwzGPPa2lg9
bCB909ivzRWtSW1ba0kLaQUbCJG7yRH/nqE+fA72IlUzxN01AvXUFtq7Hi3cw2Yc
zyyVk8IRRJLYq9EjFy8+14e1QAWCP4M4RbGLSRb53aVcOWm22KFyczaDg+NnnHtB
ASS6ODfYEeAujVj7tq90IPspT6ewPaZ91qRSanr2lABkEEEaX58ErQ6G2g4yuQLQ
8pzXX9v1crCIWGsclx77a5CV599loKcZOIIxT4e1u7Dhy0EQD0yX1tru3XaVkdP/
TyidJLH2GS5MJ1vLuY7ezrocZJUrkSZOIwIDAQABo2MwYTAdBgNVHQ4EFgQUyyJD
5nhF/X78rMVGvx75cWzyhtkwHwYDVR0jBBgwFoAUyyJD5nhF/X78rMVGvx75cWzy
htkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAqQwDQYJKoZIhvcNAQEL
BQADggIBAEM7KOB7myKORjA+smmMHXeHrfWMtS5R1mlp+JFeEZaMks6ktsicynRQ
PdD49F8Kk35XtB97sfNeM0/csIngq9ES0xhRvDbfEq68edFUUD/WpyPYIFjd1MGf
MiIbOYZSVG60xOJSFgE7f+ymK6XTwd61PRojNyIvb+2lVASKT//aWMlHU1ox+2rx
kihi0YJHH8yKhFyps4oJQyW7f+0NFfy2rknvLP55EIKiLCFPHmh636vx+bJ8AbUY
j96VEN96KqZE6YTygqHmYz5n/Vl9FibOBN1hQmHwyBy6mJI8Q0RxS4PMsxSEwKoE
H5RdpAdYPF4F23gsN0rbIFzEmgwXMnJkKPgGEIMniTHcKIEjSPTPnLWScQynqRu0
jpNXpgJ9N22sRFAzJWAaB+67YSwymClOzzAe18A7lwBrQRFZldR+GYjpywBNVI0R
G8WVmyOcQCqNeycwED+z2UvRJcGR1yxkZFDhJjcV/kLbvQQj9zNRpS8cEHWyqXZ0
RYqQMvYebLwydDkmZ9e73NaJPFTtWciFUzzxfDid9Ql6C1sMFURl4XxBthUXNH6+
09T9IIivtoyHV+EWPo/9yr3cO+4B18PXJv3vlmFf1PGOGjpzNLnOxiPU+fDEmAhm
KasQJscK9c2FT6/6XnJjdOnyvgTBlLM7UrZ+9M0icf8vQSVjDudq
-----END CERTIFICATE-----

81
nixos/k3s/k3s-ca/etcd/peer-ca.crt Normal file
View file

@ -0,0 +1,81 @@
-----BEGIN CERTIFICATE-----
MIIDaTCCAVGgAwIBAgIIK1UyUU0zJ3owDQYJKoZIhvcNAQELBQAwKTEnMCUGA1UE
AwweazNzLWludGVybWVkaWF0ZS1jYUAxNzE1MjU3ODEzMB4XDTI0MDUwOTEyMzAy
MFoXDTQ0MDEyNTEyMzAyMFowJjEkMCIGA1UEAwwbazNzLWV0Y2QtcGVlci1jYUAx
NzE1MjU3ODEzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnl/F0abKbhtunsAE
gFB/NapdHORdwEku2AlLLFZuBTWTm7bDPV6aL/QrSlqKOscrh0WqCJMAy+OrC3Uz
MgKgQKNjMGEwHQYDVR0OBBYEFH8weUS7ylk6JshWGj/UTH3vt/L6MB8GA1UdIwQY
MBaAFPr9VQZaChg8JC0u+mpfJyqQvjdiMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgKkMA0GCSqGSIb3DQEBCwUAA4ICAQASumDCrfrfm9AAjCou3V1YEbZA
bM20GyWfFHIWzZOtCyKJQt0oOr2tXXv8RwsG0qWeVU7C0CeGUEhF8IFe/O01idWT
wv8Fiatugen6gx2ufawyEv4ATW3tPAizt+r4eZz0euYntGevPx2iM1R5xEcaNj01
kRiydyeP/m1C+uEXTCemIcP0vC67UE5OFBntjub7+K5h+iFApt/3MpdAW51GSDZn
t+EgaMa98ozHhTRWpA0QlmbDzQLX8hIALvFvzqyJcUHSoVeJEo0J25IXi7mJKQP3
kTG/1WjEXlZ2LUfWtBRlhfgxjdupLTULdOpHY3E0Zl5K7gBvDayMcrdcGNIgJ0iJ
qMRfB30Qwa1Hypgio5GOi4aOEyE3dNQke+M8UtI1oMXCyPeLTBMoc7rzZii0AnwD
5IuT4Uwx8SMHBuBPlU6TVe4UsChaw+k7kPDAWJ9yULW4x4o/zHQB/opjWMSpQqc0
nrBfFEhgFyUbwYnGutfEczwhxPlDhdICKPK2bO5dh6LEPohvmoXVks6Dp98Ha371
61/1ZLsMqO8spMrzlkONdSjZmoyFSIWiUivzXcnGVyiuSqYEbRokgoKg1mv61c3x
lcw7ChGafWws1odaHV0A6nXf7G5+K3I6wnKW5601GwrAiQVgEba8x290WWun4k8d
USo2/Dqkd9+wVScQHw==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFLzCCAxegAwIBAgIIK1UyUU0zJ3YwDQYJKoZIhvcNAQELBQAwITEfMB0GA1UE
AwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkxMjMwMjBaFw00NDAx
MjUxMjMwMjBaMCkxJzAlBgNVBAMMHmszcy1pbnRlcm1lZGlhdGUtY2FAMTcxNTI1
NzgxMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMZQkDW8ULwu2iUP
ZeXf+v3alHj6MQioEebJqe8ZaCFwyzQuz6VgyJIkxc0qUtvAuan2WVek22+EqLnk
uQfmEgsfuWwHt8n69SGMqZ3SA+sH5eZt+KTGEWUNzyIFZumtNgsRkeJmF+oX5QQ4
yVWqclLrEaYkfPAr0+pf5CPugY51G8v4ezuYU4wFPjXfja4ewZj9Otpmn+X/18OS
TkSMfKG6SoY6hQPoq0rqe/C9BdilWX79C6+2Hw3fs+jzXWPaq7hkRjYEzzBPSzNW
aDl4lYQi/70wZYC85LC0J0VW0NrbrgmxieMmATnTuQAb3Ud4iQGGlqUUV7pgJO/A
vywHNR+V6xyBV2riHloy50jVkQ2ecbdqYlWn89S2Yanca/DvEYm1URWroDvhtTsm
3QPHC/Y5B04+qBaGZif7PayvRWE1WM5h130jpeTEGRRhQ7e1hM+0rvP8gyBEMiFE
HhyYGFBJ4SmZu5kbSGVQNXwS9/F9Tm47yEFEKuMQ0eFw5OASVXX4sglT/5kn8/h0
N6EyrFMgXAo4wyCJ/m3q8ngG9VLcz+vcbSBMtt8cWxs5LyhDvK06oPsy+aGq74Pb
ripTJHysnueCqG51jC/My/vL1TAXQH8kAsz2hHFnqi5LqvY2dpeHqPa4N/9oi7i5
IN7hw1+9kD5zO6mYMnaEQnEiYLVRAgMBAAGjYzBhMB0GA1UdDgQWBBT6/VUGWgoY
PCQtLvpqXycqkL43YjAfBgNVHSMEGDAWgBTLIkPmeEX9fvysxUa/HvlxbPKG2TAP
BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwICpDANBgkqhkiG9w0BAQsFAAOC
AgEAE4Z9is2j6K6Kk7BvDbDjW83Gew7TIIP8kTC0jZIu1loV2K8YOnmhKjer7XN5
VpcABZ2GOzKw0syN+Z+l54az/dnp1m81MlFhUoZCiNdIDjNwSOJuF/PuBszpODcy
P6LapwD52T0WH7HyUC1Grm84Bvmzwf87rpt29PBgRyt1ZPRgOCD96RvCH9v8/jWx
KkxrtjYpsje7SIagepWEsu4w+ZXMSCsJejj4bqH/mFpkUNGDSu+kgiHh2RXHSqTx
W1ZLHoz243vFyv1wrH1hFpZfEaOxa17zGEn8kdOXcRqkPMOEokKVrbjmv334SeE6
36eWyFtcbrFLWES6wKw4/KLWEzBAuGWz+ujoy9G7ahpylJGTMk74+/njqLbgrOcR
dQom/UAoynkUY+U0Rj7bW1rYpxcjimpTPGyXsJ9AGz4nYtOwQEpQ441/nPxH6hAY
i7tODC4YSbP+HH8aGIkb+oSMExVnHLeypjUcbQWPLQ940p0bLIUu378yl62N9dOC
1JYW68PslezrIN/YViAF9aW7CxxI9mJQeGZlO8+4gpUTLkHX7vLws9GK2giCbvEY
JXnrtd3C2sY8BmP5Ps6hQKd//NyT0D+mIhOmoNXaTufvWSdRdWjgClcdNtEqk88E
XPWn6g0sW7r1usZQCms+bDSmO88ZZ0SDOg+Yw76pBHRAkAo=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFMzCCAxugAwIBAgIUVmq/U/xnr7TE0GqtUK9fdm6ClgAwDQYJKoZIhvcNAQEL
BQAwITEfMB0GA1UEAwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkx
MjMwMThaFw00NDA1MDQxMjMwMThaMCExHzAdBgNVBAMMFmszcy1yb290LWNhQDE3
MTUyNTc4MTMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDAcIqRzsAP
tWnAxd3nkSyVutRe1gYGe4cqYExgwn6JLi34/ENZ8PTkUTA7crZ9okm66vn8Wcot
RCIrIQV/4FoQBKnTQgCv0TRaA59TyvLiES1W9EaFOpggrIz5TKx06DN+UhxhEOeQ
OaYpBfigVzODv3qw5+7V10a/9QErpy4PDv915zAO3fu6n/9Y3OJxpzb3vVwfQpLd
6vMl4o13gZq3Tp17DJ3pbs3RT1TMYiECCLEhuEgML9dXVFdW5HNcdiGx9mepzwcw
qyrlD4BufIJ9K6PPu3Ppp1311y0acvTLgYuRUBl9qOlrsMv0rS/7XcNEG6b9Vg+T
1s38y9FJIbtIwvLBlKPonfMatem2bkGcijlf7LHlkDmCd0GLsQtvklwzGPPa2lg9
bCB909ivzRWtSW1ba0kLaQUbCJG7yRH/nqE+fA72IlUzxN01AvXUFtq7Hi3cw2Yc
zyyVk8IRRJLYq9EjFy8+14e1QAWCP4M4RbGLSRb53aVcOWm22KFyczaDg+NnnHtB
ASS6ODfYEeAujVj7tq90IPspT6ewPaZ91qRSanr2lABkEEEaX58ErQ6G2g4yuQLQ
8pzXX9v1crCIWGsclx77a5CV599loKcZOIIxT4e1u7Dhy0EQD0yX1tru3XaVkdP/
TyidJLH2GS5MJ1vLuY7ezrocZJUrkSZOIwIDAQABo2MwYTAdBgNVHQ4EFgQUyyJD
5nhF/X78rMVGvx75cWzyhtkwHwYDVR0jBBgwFoAUyyJD5nhF/X78rMVGvx75cWzy
htkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAqQwDQYJKoZIhvcNAQEL
BQADggIBAEM7KOB7myKORjA+smmMHXeHrfWMtS5R1mlp+JFeEZaMks6ktsicynRQ
PdD49F8Kk35XtB97sfNeM0/csIngq9ES0xhRvDbfEq68edFUUD/WpyPYIFjd1MGf
MiIbOYZSVG60xOJSFgE7f+ymK6XTwd61PRojNyIvb+2lVASKT//aWMlHU1ox+2rx
kihi0YJHH8yKhFyps4oJQyW7f+0NFfy2rknvLP55EIKiLCFPHmh636vx+bJ8AbUY
j96VEN96KqZE6YTygqHmYz5n/Vl9FibOBN1hQmHwyBy6mJI8Q0RxS4PMsxSEwKoE
H5RdpAdYPF4F23gsN0rbIFzEmgwXMnJkKPgGEIMniTHcKIEjSPTPnLWScQynqRu0
jpNXpgJ9N22sRFAzJWAaB+67YSwymClOzzAe18A7lwBrQRFZldR+GYjpywBNVI0R
G8WVmyOcQCqNeycwED+z2UvRJcGR1yxkZFDhJjcV/kLbvQQj9zNRpS8cEHWyqXZ0
RYqQMvYebLwydDkmZ9e73NaJPFTtWciFUzzxfDid9Ql6C1sMFURl4XxBthUXNH6+
09T9IIivtoyHV+EWPo/9yr3cO+4B18PXJv3vlmFf1PGOGjpzNLnOxiPU+fDEmAhm
KasQJscK9c2FT6/6XnJjdOnyvgTBlLM7UrZ+9M0icf8vQSVjDudq
-----END CERTIFICATE-----

81
nixos/k3s/k3s-ca/etcd/server-ca.crt Normal file
View file

@ -0,0 +1,81 @@
-----BEGIN CERTIFICATE-----
MIIDazCCAVOgAwIBAgIIK1UyUU0zJ3swDQYJKoZIhvcNAQELBQAwKTEnMCUGA1UE
AwweazNzLWludGVybWVkaWF0ZS1jYUAxNzE1MjU3ODEzMB4XDTI0MDUwOTEyMzAy
MFoXDTQ0MDEyNTEyMzAyMFowKDEmMCQGA1UEAwwdazNzLWV0Y2Qtc2VydmVyLWNh
QDE3MTUyNTc4MTMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARjDMY4U81p+y3C
k+g4MloNceEQ0+TKbnGc0xlGmJBXXKqB6zrolIdv/J9GABZ9eIUGEs8Xw0E4VEPM
l2iFGyoOo2MwYTAdBgNVHQ4EFgQUm/3f0yXxqbgLmU4a+H2QMavLUX0wHwYDVR0j
BBgwFoAU+v1VBloKGDwkLS76al8nKpC+N2IwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
HQ8BAf8EBAMCAqQwDQYJKoZIhvcNAQELBQADggIBADcxOaGyetgWEqo5BqNZd9X6
6Lj3rJZTYBmAJeISscG/Dwnv0MmRWw911zmRhikEu8jmLiGMQZUwFD1KoJ6Z/D2M
0Iqk87Ur4aS+mw2Yc60QatkZ2D1XBhrzk3gMaCtWMQBRiexA4qvaw8qlDkDR2eW9
wyks+WsD6Am1Vb/9k7fIfDR1KkScpl07fAMil73URy+KNDZ6r8hW3xZulvZd5IWp
g2px4A+i4eUbevBU1xljpXjP5lrEqoApk5YQDlHHKARszWlQC9PbvyiRRn8dH69m
mC0cdt5tSWWT49bCRtfigoejeFr8SaYzDuvR4Wb31CgbH+qVZADfgggE1N6pQCsY
w+b8xvoZGAcKEWAlX3J159Rc1mV9HRCEzaGEt5kgJuPFyJUXCjQzrKTADOawFxGb
IYeKcmUJuJG0yDkYb5lNa5fv02PAqXVM+Wz+YpFryHRphKt/gGLlhg1HyqnLVowi
UhlRyPLj9XG8PH1ZRVF6/havkg9H78voMXdFMcotIF34wSP5k/wsDjmgsvuLUIek
ryImLiMuJT5sTM/xVdLT2B9cJrFz4XIAFV209PvIldDDp1ySsh7Tz8fWHdCjvd5o
8FTAcyBW72mpS5WP+FUnq0mgpHp9HrLCC3q4AQ7juJszD1PExGNW710rjMHlnrrF
w4VKyOziEAxsiuA390Ds
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFLzCCAxegAwIBAgIIK1UyUU0zJ3YwDQYJKoZIhvcNAQELBQAwITEfMB0GA1UE
AwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkxMjMwMjBaFw00NDAx
MjUxMjMwMjBaMCkxJzAlBgNVBAMMHmszcy1pbnRlcm1lZGlhdGUtY2FAMTcxNTI1
NzgxMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMZQkDW8ULwu2iUP
ZeXf+v3alHj6MQioEebJqe8ZaCFwyzQuz6VgyJIkxc0qUtvAuan2WVek22+EqLnk
uQfmEgsfuWwHt8n69SGMqZ3SA+sH5eZt+KTGEWUNzyIFZumtNgsRkeJmF+oX5QQ4
yVWqclLrEaYkfPAr0+pf5CPugY51G8v4ezuYU4wFPjXfja4ewZj9Otpmn+X/18OS
TkSMfKG6SoY6hQPoq0rqe/C9BdilWX79C6+2Hw3fs+jzXWPaq7hkRjYEzzBPSzNW
aDl4lYQi/70wZYC85LC0J0VW0NrbrgmxieMmATnTuQAb3Ud4iQGGlqUUV7pgJO/A
vywHNR+V6xyBV2riHloy50jVkQ2ecbdqYlWn89S2Yanca/DvEYm1URWroDvhtTsm
3QPHC/Y5B04+qBaGZif7PayvRWE1WM5h130jpeTEGRRhQ7e1hM+0rvP8gyBEMiFE
HhyYGFBJ4SmZu5kbSGVQNXwS9/F9Tm47yEFEKuMQ0eFw5OASVXX4sglT/5kn8/h0
N6EyrFMgXAo4wyCJ/m3q8ngG9VLcz+vcbSBMtt8cWxs5LyhDvK06oPsy+aGq74Pb
ripTJHysnueCqG51jC/My/vL1TAXQH8kAsz2hHFnqi5LqvY2dpeHqPa4N/9oi7i5
IN7hw1+9kD5zO6mYMnaEQnEiYLVRAgMBAAGjYzBhMB0GA1UdDgQWBBT6/VUGWgoY
PCQtLvpqXycqkL43YjAfBgNVHSMEGDAWgBTLIkPmeEX9fvysxUa/HvlxbPKG2TAP
BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwICpDANBgkqhkiG9w0BAQsFAAOC
AgEAE4Z9is2j6K6Kk7BvDbDjW83Gew7TIIP8kTC0jZIu1loV2K8YOnmhKjer7XN5
VpcABZ2GOzKw0syN+Z+l54az/dnp1m81MlFhUoZCiNdIDjNwSOJuF/PuBszpODcy
P6LapwD52T0WH7HyUC1Grm84Bvmzwf87rpt29PBgRyt1ZPRgOCD96RvCH9v8/jWx
KkxrtjYpsje7SIagepWEsu4w+ZXMSCsJejj4bqH/mFpkUNGDSu+kgiHh2RXHSqTx
W1ZLHoz243vFyv1wrH1hFpZfEaOxa17zGEn8kdOXcRqkPMOEokKVrbjmv334SeE6
36eWyFtcbrFLWES6wKw4/KLWEzBAuGWz+ujoy9G7ahpylJGTMk74+/njqLbgrOcR
dQom/UAoynkUY+U0Rj7bW1rYpxcjimpTPGyXsJ9AGz4nYtOwQEpQ441/nPxH6hAY
i7tODC4YSbP+HH8aGIkb+oSMExVnHLeypjUcbQWPLQ940p0bLIUu378yl62N9dOC
1JYW68PslezrIN/YViAF9aW7CxxI9mJQeGZlO8+4gpUTLkHX7vLws9GK2giCbvEY
JXnrtd3C2sY8BmP5Ps6hQKd//NyT0D+mIhOmoNXaTufvWSdRdWjgClcdNtEqk88E
XPWn6g0sW7r1usZQCms+bDSmO88ZZ0SDOg+Yw76pBHRAkAo=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFMzCCAxugAwIBAgIUVmq/U/xnr7TE0GqtUK9fdm6ClgAwDQYJKoZIhvcNAQEL
BQAwITEfMB0GA1UEAwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkx
MjMwMThaFw00NDA1MDQxMjMwMThaMCExHzAdBgNVBAMMFmszcy1yb290LWNhQDE3
MTUyNTc4MTMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDAcIqRzsAP
tWnAxd3nkSyVutRe1gYGe4cqYExgwn6JLi34/ENZ8PTkUTA7crZ9okm66vn8Wcot
RCIrIQV/4FoQBKnTQgCv0TRaA59TyvLiES1W9EaFOpggrIz5TKx06DN+UhxhEOeQ
OaYpBfigVzODv3qw5+7V10a/9QErpy4PDv915zAO3fu6n/9Y3OJxpzb3vVwfQpLd
6vMl4o13gZq3Tp17DJ3pbs3RT1TMYiECCLEhuEgML9dXVFdW5HNcdiGx9mepzwcw
qyrlD4BufIJ9K6PPu3Ppp1311y0acvTLgYuRUBl9qOlrsMv0rS/7XcNEG6b9Vg+T
1s38y9FJIbtIwvLBlKPonfMatem2bkGcijlf7LHlkDmCd0GLsQtvklwzGPPa2lg9
bCB909ivzRWtSW1ba0kLaQUbCJG7yRH/nqE+fA72IlUzxN01AvXUFtq7Hi3cw2Yc
zyyVk8IRRJLYq9EjFy8+14e1QAWCP4M4RbGLSRb53aVcOWm22KFyczaDg+NnnHtB
ASS6ODfYEeAujVj7tq90IPspT6ewPaZ91qRSanr2lABkEEEaX58ErQ6G2g4yuQLQ
8pzXX9v1crCIWGsclx77a5CV599loKcZOIIxT4e1u7Dhy0EQD0yX1tru3XaVkdP/
TyidJLH2GS5MJ1vLuY7ezrocZJUrkSZOIwIDAQABo2MwYTAdBgNVHQ4EFgQUyyJD
5nhF/X78rMVGvx75cWzyhtkwHwYDVR0jBBgwFoAUyyJD5nhF/X78rMVGvx75cWzy
htkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAqQwDQYJKoZIhvcNAQEL
BQADggIBAEM7KOB7myKORjA+smmMHXeHrfWMtS5R1mlp+JFeEZaMks6ktsicynRQ
PdD49F8Kk35XtB97sfNeM0/csIngq9ES0xhRvDbfEq68edFUUD/WpyPYIFjd1MGf
MiIbOYZSVG60xOJSFgE7f+ymK6XTwd61PRojNyIvb+2lVASKT//aWMlHU1ox+2rx
kihi0YJHH8yKhFyps4oJQyW7f+0NFfy2rknvLP55EIKiLCFPHmh636vx+bJ8AbUY
j96VEN96KqZE6YTygqHmYz5n/Vl9FibOBN1hQmHwyBy6mJI8Q0RxS4PMsxSEwKoE
H5RdpAdYPF4F23gsN0rbIFzEmgwXMnJkKPgGEIMniTHcKIEjSPTPnLWScQynqRu0
jpNXpgJ9N22sRFAzJWAaB+67YSwymClOzzAe18A7lwBrQRFZldR+GYjpywBNVI0R
G8WVmyOcQCqNeycwED+z2UvRJcGR1yxkZFDhJjcV/kLbvQQj9zNRpS8cEHWyqXZ0
RYqQMvYebLwydDkmZ9e73NaJPFTtWciFUzzxfDid9Ql6C1sMFURl4XxBthUXNH6+
09T9IIivtoyHV+EWPo/9yr3cO+4B18PXJv3vlmFf1PGOGjpzNLnOxiPU+fDEmAhm
KasQJscK9c2FT6/6XnJjdOnyvgTBlLM7UrZ+9M0icf8vQSVjDudq
-----END CERTIFICATE-----

81
nixos/k3s/k3s-ca/request-header-ca.crt Normal file
View file

@ -0,0 +1,81 @@
-----BEGIN CERTIFICATE-----
MIIDbjCCAVagAwIBAgIIK1UyUU0zJ3kwDQYJKoZIhvcNAQELBQAwKTEnMCUGA1UE
AwweazNzLWludGVybWVkaWF0ZS1jYUAxNzE1MjU3ODEzMB4XDTI0MDUwOTEyMzAy
MFoXDTQ0MDEyNTEyMzAyMFowKzEpMCcGA1UEAwwgazNzLXJlcXVlc3QtaGVhZGVy
LWNhQDE3MTUyNTc4MTMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARAACYmLLW4
6vaF9q1cqBefK/FQebhkwoDcuYuG597sjxQPEz8sO/yYVaNnNcVZZPqDsiF4OCOz
i9ge02pJJVXJo2MwYTAdBgNVHQ4EFgQUrVPDbR8zlHplrCIASYmcn8IrbDEwHwYD
VR0jBBgwFoAU+v1VBloKGDwkLS76al8nKpC+N2IwDwYDVR0TAQH/BAUwAwEB/zAO
BgNVHQ8BAf8EBAMCAqQwDQYJKoZIhvcNAQELBQADggIBABlvTQJx7B0LI95sOKjM
zul35QpHoMTJOM4IrtDVUQfRutsRVaJ8z2M/2PXY0OiP8ZURaUTR63fL1lklQOMq
xDM59mcyWTEB50+yTYZNCi0qUrxI7kiOGmsCWJ1JDcRRnXonF2htPdMUr8wIOrzR
CL/HIYObEqasmTZeBlaHMc7clLB+yROveCRG91MeC8iftu/ORoqUIMVhXuR2PEQn
mupksalzL71RdOPLdL7UQzhVaABDRD0JrWsb6F198PLWiGpslwqFumyxucgd4+Xq
lb9AB/Sac/2KJH2GEGUoUMac7tJ+BNNc1T6VQUeyKDCacNRemjKxOa58ilFGvGPK
xKuuPhaN/mdZNBI1EX1m8JbCTByP5naGB7DDsP8ekMg1jvfszU+BDZSZoBgDhMmu
7Hsu/CpS8LWDzZ0KRuBsCLTYwlA1H0rp3C2ZYc/cbBexo8oyHMisMvpzM/5NMkuT
aKCQFt3HOncNG6rTltTrFaJaH9sZJxaaR6Q+pKzTtRGpx3SabZnNQkmu2MoFTKoE
vApW1wYptjOm7k5+o0a7IcWWK8FbqGOwfTAiI+mNYkiwo+qunALY0q/MiX0c7beI
qDzvjAHEt/xuWLCVqXhCy7bsgAmiukICMVflWd1Bg5OlXHa9H6sXqE1hP74Wv2bo
kBKEUETfs+HldaQgT5ontb+T
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFLzCCAxegAwIBAgIIK1UyUU0zJ3YwDQYJKoZIhvcNAQELBQAwITEfMB0GA1UE
AwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkxMjMwMjBaFw00NDAx
MjUxMjMwMjBaMCkxJzAlBgNVBAMMHmszcy1pbnRlcm1lZGlhdGUtY2FAMTcxNTI1
NzgxMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMZQkDW8ULwu2iUP
ZeXf+v3alHj6MQioEebJqe8ZaCFwyzQuz6VgyJIkxc0qUtvAuan2WVek22+EqLnk
uQfmEgsfuWwHt8n69SGMqZ3SA+sH5eZt+KTGEWUNzyIFZumtNgsRkeJmF+oX5QQ4
yVWqclLrEaYkfPAr0+pf5CPugY51G8v4ezuYU4wFPjXfja4ewZj9Otpmn+X/18OS
TkSMfKG6SoY6hQPoq0rqe/C9BdilWX79C6+2Hw3fs+jzXWPaq7hkRjYEzzBPSzNW
aDl4lYQi/70wZYC85LC0J0VW0NrbrgmxieMmATnTuQAb3Ud4iQGGlqUUV7pgJO/A
vywHNR+V6xyBV2riHloy50jVkQ2ecbdqYlWn89S2Yanca/DvEYm1URWroDvhtTsm
3QPHC/Y5B04+qBaGZif7PayvRWE1WM5h130jpeTEGRRhQ7e1hM+0rvP8gyBEMiFE
HhyYGFBJ4SmZu5kbSGVQNXwS9/F9Tm47yEFEKuMQ0eFw5OASVXX4sglT/5kn8/h0
N6EyrFMgXAo4wyCJ/m3q8ngG9VLcz+vcbSBMtt8cWxs5LyhDvK06oPsy+aGq74Pb
ripTJHysnueCqG51jC/My/vL1TAXQH8kAsz2hHFnqi5LqvY2dpeHqPa4N/9oi7i5
IN7hw1+9kD5zO6mYMnaEQnEiYLVRAgMBAAGjYzBhMB0GA1UdDgQWBBT6/VUGWgoY
PCQtLvpqXycqkL43YjAfBgNVHSMEGDAWgBTLIkPmeEX9fvysxUa/HvlxbPKG2TAP
BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwICpDANBgkqhkiG9w0BAQsFAAOC
AgEAE4Z9is2j6K6Kk7BvDbDjW83Gew7TIIP8kTC0jZIu1loV2K8YOnmhKjer7XN5
VpcABZ2GOzKw0syN+Z+l54az/dnp1m81MlFhUoZCiNdIDjNwSOJuF/PuBszpODcy
P6LapwD52T0WH7HyUC1Grm84Bvmzwf87rpt29PBgRyt1ZPRgOCD96RvCH9v8/jWx
KkxrtjYpsje7SIagepWEsu4w+ZXMSCsJejj4bqH/mFpkUNGDSu+kgiHh2RXHSqTx
W1ZLHoz243vFyv1wrH1hFpZfEaOxa17zGEn8kdOXcRqkPMOEokKVrbjmv334SeE6
36eWyFtcbrFLWES6wKw4/KLWEzBAuGWz+ujoy9G7ahpylJGTMk74+/njqLbgrOcR
dQom/UAoynkUY+U0Rj7bW1rYpxcjimpTPGyXsJ9AGz4nYtOwQEpQ441/nPxH6hAY
i7tODC4YSbP+HH8aGIkb+oSMExVnHLeypjUcbQWPLQ940p0bLIUu378yl62N9dOC
1JYW68PslezrIN/YViAF9aW7CxxI9mJQeGZlO8+4gpUTLkHX7vLws9GK2giCbvEY
JXnrtd3C2sY8BmP5Ps6hQKd//NyT0D+mIhOmoNXaTufvWSdRdWjgClcdNtEqk88E
XPWn6g0sW7r1usZQCms+bDSmO88ZZ0SDOg+Yw76pBHRAkAo=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFMzCCAxugAwIBAgIUVmq/U/xnr7TE0GqtUK9fdm6ClgAwDQYJKoZIhvcNAQEL
BQAwITEfMB0GA1UEAwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkx
MjMwMThaFw00NDA1MDQxMjMwMThaMCExHzAdBgNVBAMMFmszcy1yb290LWNhQDE3
MTUyNTc4MTMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDAcIqRzsAP
tWnAxd3nkSyVutRe1gYGe4cqYExgwn6JLi34/ENZ8PTkUTA7crZ9okm66vn8Wcot
RCIrIQV/4FoQBKnTQgCv0TRaA59TyvLiES1W9EaFOpggrIz5TKx06DN+UhxhEOeQ
OaYpBfigVzODv3qw5+7V10a/9QErpy4PDv915zAO3fu6n/9Y3OJxpzb3vVwfQpLd
6vMl4o13gZq3Tp17DJ3pbs3RT1TMYiECCLEhuEgML9dXVFdW5HNcdiGx9mepzwcw
qyrlD4BufIJ9K6PPu3Ppp1311y0acvTLgYuRUBl9qOlrsMv0rS/7XcNEG6b9Vg+T
1s38y9FJIbtIwvLBlKPonfMatem2bkGcijlf7LHlkDmCd0GLsQtvklwzGPPa2lg9
bCB909ivzRWtSW1ba0kLaQUbCJG7yRH/nqE+fA72IlUzxN01AvXUFtq7Hi3cw2Yc
zyyVk8IRRJLYq9EjFy8+14e1QAWCP4M4RbGLSRb53aVcOWm22KFyczaDg+NnnHtB
ASS6ODfYEeAujVj7tq90IPspT6ewPaZ91qRSanr2lABkEEEaX58ErQ6G2g4yuQLQ
8pzXX9v1crCIWGsclx77a5CV599loKcZOIIxT4e1u7Dhy0EQD0yX1tru3XaVkdP/
TyidJLH2GS5MJ1vLuY7ezrocZJUrkSZOIwIDAQABo2MwYTAdBgNVHQ4EFgQUyyJD
5nhF/X78rMVGvx75cWzyhtkwHwYDVR0jBBgwFoAUyyJD5nhF/X78rMVGvx75cWzy
htkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAqQwDQYJKoZIhvcNAQEL
BQADggIBAEM7KOB7myKORjA+smmMHXeHrfWMtS5R1mlp+JFeEZaMks6ktsicynRQ
PdD49F8Kk35XtB97sfNeM0/csIngq9ES0xhRvDbfEq68edFUUD/WpyPYIFjd1MGf
MiIbOYZSVG60xOJSFgE7f+ymK6XTwd61PRojNyIvb+2lVASKT//aWMlHU1ox+2rx
kihi0YJHH8yKhFyps4oJQyW7f+0NFfy2rknvLP55EIKiLCFPHmh636vx+bJ8AbUY
j96VEN96KqZE6YTygqHmYz5n/Vl9FibOBN1hQmHwyBy6mJI8Q0RxS4PMsxSEwKoE
H5RdpAdYPF4F23gsN0rbIFzEmgwXMnJkKPgGEIMniTHcKIEjSPTPnLWScQynqRu0
jpNXpgJ9N22sRFAzJWAaB+67YSwymClOzzAe18A7lwBrQRFZldR+GYjpywBNVI0R
G8WVmyOcQCqNeycwED+z2UvRJcGR1yxkZFDhJjcV/kLbvQQj9zNRpS8cEHWyqXZ0
RYqQMvYebLwydDkmZ9e73NaJPFTtWciFUzzxfDid9Ql6C1sMFURl4XxBthUXNH6+
09T9IIivtoyHV+EWPo/9yr3cO+4B18PXJv3vlmFf1PGOGjpzNLnOxiPU+fDEmAhm
KasQJscK9c2FT6/6XnJjdOnyvgTBlLM7UrZ+9M0icf8vQSVjDudq
-----END CERTIFICATE-----

81
nixos/k3s/k3s-ca/server-ca.crt Normal file
View file

@ -0,0 +1,81 @@
-----BEGIN CERTIFICATE-----
MIIDZjCCAU6gAwIBAgIIK1UyUU0zJ3gwDQYJKoZIhvcNAQELBQAwKTEnMCUGA1UE
AwweazNzLWludGVybWVkaWF0ZS1jYUAxNzE1MjU3ODEzMB4XDTI0MDUwOTEyMzAy
MFoXDTQ0MDEyNTEyMzAyMFowIzEhMB8GA1UEAwwYazNzLXNlcnZlci1jYUAxNzE1
MjU3ODEzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEDhZobdYwh9+5PmK68/Pi
CETLWdTMftlpf4Kws1c1pu9diaQ2p2uAhgsdMxe8k5Su22HUG9soOsLpMfGn1fwS
dqNjMGEwHQYDVR0OBBYEFH4kXKFZ+MJI3cnwRtm2URRJk4ghMB8GA1UdIwQYMBaA
FPr9VQZaChg8JC0u+mpfJyqQvjdiMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/
BAQDAgKkMA0GCSqGSIb3DQEBCwUAA4ICAQCWi/YtfU0RFX8vZenOolcbrtSiZDYO
yYuUUI3h7U1AW7Hmn3Gk0SYdNxUbJLB2sFt8s8TX+N80M5483prUi8O3CL/DTXxD
Ae4uag2MFGh0710JY0I/7paB9H9GU6T+BAKrjdru2mwlNC+DcUIY7UX5/PrmnG9z
HMt6tSdy6RuKTBu69tr/Mpdb3VZIjrEuJ/d1LrkbxEXXW+12AvBMociBXUW+7ooO
LlKji2LGFJUYvh7yjOXykjB5U75/9oBrRpASFkGqwcXk7c89UEL9RiPDLqAm6u1U
YoE8U9mZtgTV2E4DKUbamdeVRFalJMw1Pp6WrSLsK1wBgWxydEz8djUg8WLf01ml
mRtLH7AKgFy3u5s+fxMQMGSfSmSjzsV3HCKb8bssk8bm0Q4wLznqW1ClKTbBRdDb
lE0BkI0cJqaTkjBkcuPUd9yCEUT3mCFRPIqpiYAqzPwudZ9PynZVd4NfrItpEw1V
7hVFjN2q524LK3moPFd/adfEenZEXbkaUimUloADmnR/fuTjvqkUh0OVCta3SMTd
GjhMBidfBaDPs+b/wpI4oo3JzKL9U0AqDH9/KOsJk2W38VE8z+exgY0eU2E6HOaz
O18nrHF+eMY65Zxird7xLmu+I0h1aF0qp37ejBZnWMxawQwb0km0IcVE4xzixQ9F
NBWX9TfSjd17Tg==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFLzCCAxegAwIBAgIIK1UyUU0zJ3YwDQYJKoZIhvcNAQELBQAwITEfMB0GA1UE
AwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkxMjMwMjBaFw00NDAx
MjUxMjMwMjBaMCkxJzAlBgNVBAMMHmszcy1pbnRlcm1lZGlhdGUtY2FAMTcxNTI1
NzgxMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMZQkDW8ULwu2iUP
ZeXf+v3alHj6MQioEebJqe8ZaCFwyzQuz6VgyJIkxc0qUtvAuan2WVek22+EqLnk
uQfmEgsfuWwHt8n69SGMqZ3SA+sH5eZt+KTGEWUNzyIFZumtNgsRkeJmF+oX5QQ4
yVWqclLrEaYkfPAr0+pf5CPugY51G8v4ezuYU4wFPjXfja4ewZj9Otpmn+X/18OS
TkSMfKG6SoY6hQPoq0rqe/C9BdilWX79C6+2Hw3fs+jzXWPaq7hkRjYEzzBPSzNW
aDl4lYQi/70wZYC85LC0J0VW0NrbrgmxieMmATnTuQAb3Ud4iQGGlqUUV7pgJO/A
vywHNR+V6xyBV2riHloy50jVkQ2ecbdqYlWn89S2Yanca/DvEYm1URWroDvhtTsm
3QPHC/Y5B04+qBaGZif7PayvRWE1WM5h130jpeTEGRRhQ7e1hM+0rvP8gyBEMiFE
HhyYGFBJ4SmZu5kbSGVQNXwS9/F9Tm47yEFEKuMQ0eFw5OASVXX4sglT/5kn8/h0
N6EyrFMgXAo4wyCJ/m3q8ngG9VLcz+vcbSBMtt8cWxs5LyhDvK06oPsy+aGq74Pb
ripTJHysnueCqG51jC/My/vL1TAXQH8kAsz2hHFnqi5LqvY2dpeHqPa4N/9oi7i5
IN7hw1+9kD5zO6mYMnaEQnEiYLVRAgMBAAGjYzBhMB0GA1UdDgQWBBT6/VUGWgoY
PCQtLvpqXycqkL43YjAfBgNVHSMEGDAWgBTLIkPmeEX9fvysxUa/HvlxbPKG2TAP
BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwICpDANBgkqhkiG9w0BAQsFAAOC
AgEAE4Z9is2j6K6Kk7BvDbDjW83Gew7TIIP8kTC0jZIu1loV2K8YOnmhKjer7XN5
VpcABZ2GOzKw0syN+Z+l54az/dnp1m81MlFhUoZCiNdIDjNwSOJuF/PuBszpODcy
P6LapwD52T0WH7HyUC1Grm84Bvmzwf87rpt29PBgRyt1ZPRgOCD96RvCH9v8/jWx
KkxrtjYpsje7SIagepWEsu4w+ZXMSCsJejj4bqH/mFpkUNGDSu+kgiHh2RXHSqTx
W1ZLHoz243vFyv1wrH1hFpZfEaOxa17zGEn8kdOXcRqkPMOEokKVrbjmv334SeE6
36eWyFtcbrFLWES6wKw4/KLWEzBAuGWz+ujoy9G7ahpylJGTMk74+/njqLbgrOcR
dQom/UAoynkUY+U0Rj7bW1rYpxcjimpTPGyXsJ9AGz4nYtOwQEpQ441/nPxH6hAY
i7tODC4YSbP+HH8aGIkb+oSMExVnHLeypjUcbQWPLQ940p0bLIUu378yl62N9dOC
1JYW68PslezrIN/YViAF9aW7CxxI9mJQeGZlO8+4gpUTLkHX7vLws9GK2giCbvEY
JXnrtd3C2sY8BmP5Ps6hQKd//NyT0D+mIhOmoNXaTufvWSdRdWjgClcdNtEqk88E
XPWn6g0sW7r1usZQCms+bDSmO88ZZ0SDOg+Yw76pBHRAkAo=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFMzCCAxugAwIBAgIUVmq/U/xnr7TE0GqtUK9fdm6ClgAwDQYJKoZIhvcNAQEL
BQAwITEfMB0GA1UEAwwWazNzLXJvb3QtY2FAMTcxNTI1NzgxMzAeFw0yNDA1MDkx
MjMwMThaFw00NDA1MDQxMjMwMThaMCExHzAdBgNVBAMMFmszcy1yb290LWNhQDE3
MTUyNTc4MTMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDAcIqRzsAP
tWnAxd3nkSyVutRe1gYGe4cqYExgwn6JLi34/ENZ8PTkUTA7crZ9okm66vn8Wcot
RCIrIQV/4FoQBKnTQgCv0TRaA59TyvLiES1W9EaFOpggrIz5TKx06DN+UhxhEOeQ
OaYpBfigVzODv3qw5+7V10a/9QErpy4PDv915zAO3fu6n/9Y3OJxpzb3vVwfQpLd
6vMl4o13gZq3Tp17DJ3pbs3RT1TMYiECCLEhuEgML9dXVFdW5HNcdiGx9mepzwcw
qyrlD4BufIJ9K6PPu3Ppp1311y0acvTLgYuRUBl9qOlrsMv0rS/7XcNEG6b9Vg+T
1s38y9FJIbtIwvLBlKPonfMatem2bkGcijlf7LHlkDmCd0GLsQtvklwzGPPa2lg9
bCB909ivzRWtSW1ba0kLaQUbCJG7yRH/nqE+fA72IlUzxN01AvXUFtq7Hi3cw2Yc
zyyVk8IRRJLYq9EjFy8+14e1QAWCP4M4RbGLSRb53aVcOWm22KFyczaDg+NnnHtB
ASS6ODfYEeAujVj7tq90IPspT6ewPaZ91qRSanr2lABkEEEaX58ErQ6G2g4yuQLQ
8pzXX9v1crCIWGsclx77a5CV599loKcZOIIxT4e1u7Dhy0EQD0yX1tru3XaVkdP/
TyidJLH2GS5MJ1vLuY7ezrocZJUrkSZOIwIDAQABo2MwYTAdBgNVHQ4EFgQUyyJD
5nhF/X78rMVGvx75cWzyhtkwHwYDVR0jBBgwFoAUyyJD5nhF/X78rMVGvx75cWzy
htkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAqQwDQYJKoZIhvcNAQEL
BQADggIBAEM7KOB7myKORjA+smmMHXeHrfWMtS5R1mlp+JFeEZaMks6ktsicynRQ
PdD49F8Kk35XtB97sfNeM0/csIngq9ES0xhRvDbfEq68edFUUD/WpyPYIFjd1MGf
MiIbOYZSVG60xOJSFgE7f+ymK6XTwd61PRojNyIvb+2lVASKT//aWMlHU1ox+2rx
kihi0YJHH8yKhFyps4oJQyW7f+0NFfy2rknvLP55EIKiLCFPHmh636vx+bJ8AbUY
j96VEN96KqZE6YTygqHmYz5n/Vl9FibOBN1hQmHwyBy6mJI8Q0RxS4PMsxSEwKoE
H5RdpAdYPF4F23gsN0rbIFzEmgwXMnJkKPgGEIMniTHcKIEjSPTPnLWScQynqRu0
jpNXpgJ9N22sRFAzJWAaB+67YSwymClOzzAe18A7lwBrQRFZldR+GYjpywBNVI0R
G8WVmyOcQCqNeycwED+z2UvRJcGR1yxkZFDhJjcV/kLbvQQj9zNRpS8cEHWyqXZ0
RYqQMvYebLwydDkmZ9e73NaJPFTtWciFUzzxfDid9Ql6C1sMFURl4XxBthUXNH6+
09T9IIivtoyHV+EWPo/9yr3cO+4B18PXJv3vlmFf1PGOGjpzNLnOxiPU+fDEmAhm
KasQJscK9c2FT6/6XnJjdOnyvgTBlLM7UrZ+9M0icf8vQSVjDudq
-----END CERTIFICATE-----

2
nixos/prometheus.nix
View file

@ -37,7 +37,7 @@
} }
]; ];
} }
) ["lewis" "atlas" "jefke"]; ) ["lewis" "jefke"];
pikvm = { pikvm = {
job_name = "pikvm"; job_name = "pikvm";

7
nixos/server.nix
View file

@ -29,6 +29,11 @@
}; };
}; };
boot.loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
services = { services = {
openssh.enable = true; openssh.enable = true;
prometheus.exporters.node.enable = true; prometheus.exporters.node.enable = true;
@ -49,7 +54,7 @@
}; };
sops.secrets."tailscale/authKey" = { sops.secrets."tailscale/authKey" = {
sopsFile = "${self}/secrets/servers.sops.yaml"; sopsFile = "${self}/secrets/servers.yaml";
}; };
}; };
} }

49
secrets/atlas/colmena.yaml Normal file
View file

@ -0,0 +1,49 @@
sops_nix_keys:
root: ENC[AES256_GCM,data:T0s44DmC+XgBcXaZ3czEzR3vyjSaYq3k+1NWiVOVqC6GCKIYh5v29R0L7MSStnxfAl3SoDM9rGX4J9aQdzNK0TqEHRgMQxcNsOI=,iv:gbz0I6H7g4VQhto/nIANxRtBNdJ/N0a21i0g99tNoDQ=,tag:0R3FnkiWMc8r7yXGj/yVMg==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1unkshctcpucc298kmw9a0qzvtjzgdnjytrxr5p750dv0z95feymqpn68qf
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhbzRsREZKRU42WU0zaFFR
RnZCNmY1MW0vWnl3MG5mbFR3aEdXUVY5WkN3Cit2Q3lUcGg5RWxoQTlnUkhqUlR4
OTZvOG4yTVc1dVhQMjhqaDRhQ2t2aWMKLS0tIFhxcm96ZTI1Rk1IOCtGbXRZRkRM
b1BDUnBGeUVlKzFaa3NRdzlwOGVlamMK21VcIBiXskcDE6y/Dpg7s9qVpCBVeM3s
vXi/0Vj52kASCm65ejbgalAivIkMXxuEI02XsSj2xnxtfOrFckPC1w==
-----END AGE ENCRYPTED FILE-----
- recipient: age189laethzry4ylnd790dmpuc4xjjuwqxruc76caj3ceqhqug4g9qs0upuvw
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvY0FLdytRaG1NOUQ2Wmxl
T1kyYnpXVWVsdk41TmxOanh6V3UzaitpTG0wCmVPNVN4V2NDem1YcW5iSUdka3Br
R2c2cE40Vm4rbHJ3TWVKZE9kTEJVbzAKLS0tIHpGV2hrZGs2NVRBVC9OVkJhcG5B
cWNNWjcxaEN1V3FmUXRhYUNKME9CbDQKb00wAYmF9W1qFQSKRe834gIyW8jRU/W/
d9ErijuI9CZIP7D5PMYeePLvQqr4gjX0Mbj0AHhq4o5Qirx9cwhm4g==
-----END AGE ENCRYPTED FILE-----
- recipient: age1w99m9klvc7m5qtmtmu3l0jx8ksdzp5c4p9rkvh5fdullfc6afemqv5py2q
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4TjJLMkREY2Rhd3FncHIr
N0hVczhRbDkzM2JERjhIbHU0M3lrNTVrYjIwClJVVytnd0JKU2ovaUpZZTBTN2Yx
MkxoNjhXem1kdis1ZFhLbklGOFNCY28KLS0tIHc3NU5wRndFOS83TkE5OXN0MGRD
cG44QXJEL04xZ0U4V0pzVzUybFZFRXMK2wDBMgLRdnlvLGjiRdsNPi/uHNppcvjM
OGMS8NZgKazWTkKfR0dWSrvHI1o4TN9KYo/5/BhPyK2Xlj6FV98fRg==
-----END AGE ENCRYPTED FILE-----
- recipient: age159whjxeyw94xmkkephmtlur8e85xd9d5vnvkwkcayfv7el0neqfq863yga
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0TWVlRDdNYlRYMDhwcThO
T1d0eGRJNHlNWVFOVGVMbzFIU0hBajZMZWl3ClJ6OU1nSUN1YjkyTHd2RDQwSkdN
NzFpWndrS2RWWDBjY3RaejZCTnlMMkkKLS0tIFI5SnE2QzB3aXV6eTk3LzNRUkt3
N0FNeml5K1hlcjZBVVpCMFF0WXVxYzgKhShdyYdmF+0K4rlIywVlwjVe89hmAvC+
cN+tMcxYPd+QFzR8QDnTyncp7sBh5TcbTi5pJEuhpRyTFGRy6ovasQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-12-01T11:22:03Z"
mac: ENC[AES256_GCM,data:XvARePc6FEmp+rY39fuBHfWsezUd6zyQdfHzWPBmBb7dRf/A6tr0J7XyUL+Ex+rFnFg+JRbBFIy+fqByDZn8aQyVqOnyCgGKuSNDXcyZ1/KGwxS5PW7N95x0Vo4TJI9JxmedCfxIdQH6Tat1VlyKRgTG2viZ3WFnWwe/UBaX+Ok=,iv:gdAOTRTQPfjDTYDsQJnkIs8maa1D98nFp7gn9QKgQGg=,tag:9Uw9PoOknp8cxsrNZiO/RQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.1

57
secrets/kubernetes.yaml Normal file
View file

@ -0,0 +1,57 @@
k3s:
serverToken: ENC[AES256_GCM,data:aN3SLcqz8KgR3/UUR+bUSAhj4qOcMJbsWPHS7XLSY0w=,iv:eRtTp4QfZsehPX601JVs22DRI1gTLqtJy5+9LCSJ3A4=,tag:XwXwTotedP4ln0M1n4uj0g==,type:str]
keys:
clientCAKey: ENC[AES256_GCM,data:ljlXAgOeKvbX737YwFYlvSo02PxiElszJW50xMHDgKonIN4iofuuP0kMEx4aCZsfE0pqD1MwcJcUyXG3wS3TtmMAojttNC+8wunyVanTV/sS9mYrUHEGIbw+sGsoTaCzWoNAbnMeR1gNrNxx9tOVOaYOgfWKy5VMqjR3yq5q8vZweCwmt4vjHYoRK/mBe62uEd262qEap7O1qwiBhIE9Ax7fPEAoQplFOZdeXF1ruOlVBZWMttlB9PWFOVqGjDBroeej21VIH8OPKGZDt2WNjlK0SYSDnKiPpij4njGIzHbAF5k=,iv:6jd6Hlehiyzgthh225slmSbkO9OOmkhlqPokFpcCNLY=,tag:/S/ZXD++FzXVDP4qPtExoQ==,type:str]
requestHeaderCAKey: ENC[AES256_GCM,data:MtyWGTL/D3xNYHo1ripVYteg5sLRODsX0bo6TThAymJIOfqJpcq6nBrbYiSED1g2Vsw0KLhBewzP+s00cgBS0lyySxFzErEgnxV245zrNmAJJd05VKDK73r+k3iYxTxLQu/lcqe+3C8KYqck4jMMixxsl3n7UYPXePlbLa728WMhIpdwwWR2mrWeLyhDXPPvSMsj17RxMXTtM2uNdXJVByFvNNAGdCJEozZA5iB07Jvky11MT9xCd5z9QhMZtUgJRNXgsIjVKSlyh731WTgyZHntBTpUnCVvuOjuAKBr7RNCshk=,iv:INOto4bwLTBrX2rwaYNEsQAARtDoIEaedQuNNbCjyzM=,tag:daSBV1B3pA9d2F5o3aeguA==,type:str]
serverCAKey: ENC[AES256_GCM,data:JMCEyW6DJ/dt4VLdOHV/G7HJNlpEeyR8DtpxVvEVIvebuwEZONqZvNhdj+TmkWs6zTPca1OaTBMixTI+g+PMeqwsjZmxtOSM9mXtprcbztW2I8DHqP68Y+r5fqLQTqbdFNXRcXi8hCoIZPPP7wDkRRTsD/9XIUrQzEMqlFymrCMGQNgYv7AJ6/gvFK+gCG8kwVm8PnyGfwl/f/WZlafwS/pTxkNByRLlgo7ZMaXpdGSq8hpj9KQSkdtF6uJgSL0IYKBsmkYs3+UFQuUBYZa8vPyZxmt9luDO+kCnUCH29/j7o60=,iv:fBPnPHrO1P1Y2Me+m7a5YwnGsmH85Em/tR/7tPkdfdM=,tag:LjazNgPpKjkp4zE57OxG0A==,type:str]
serviceKey: ENC[AES256_GCM,data:d6G81RNRMyqjq42eeGhsjmocMHnzK/fTzDsw8vrVOpj0XGAapy+ksvoxOXaotR6ArZJTntkPsHwWVWec5rNQKmLmKRiQzzDW8JwWt0HmQ9otnSDUqSHK/6yK9Tiqtoz2fmyLxU4uZftbsMGzP3zsAjA6S6b++X5fDQgYesV7qNyQBtgHUXPj2rxOkASclhuHAJ290g79SCAy7G4cjEVLV1AzglHqysurx1uZSFXWRZS2LXgz30U1GDooAue71tHpJHUBW+UgIhedsPdXUw1ST7T6Zd0u9tfEanCf57GrUb6Tvc3Cb0uSNxAO9R3iB8Fd2bQ0rvZCwfO4lprzus6jhwy93h+1sGplPaoBhgSx/I4khWsr+wB0bGbZYP0xRu0XFEnlJLvwZFjF8vakqU89gQpE415gXm99dD35mDFn5J2sfrgXDAVZHbi9L6CPFjrAOz4D9lzVYOVYDleSDosC5aDUT1nXSSjGPvTHgiaJviClbWn2fHXy+4wx+zyapBTTnYI412aNBhq8R2Inbo230AOe6VQ4DV78RDXh5W0ZZXz0dBIB6KdF03XimnO0ONN5am83x0BNx/d5/95a0Si/FdMUNpThWVcpUO9wXIhe7Z8jUWXvnX7IrfibQNPR0S3gLvp4uiNz/9iMDLNcwX9JQDr9nPAPP4PvftVC+Ip2TM6ZHAib628Ma0+4E8i//yg6ZgMzoW+of03sg9lVNWVB98JoLkabVhKEpoLx8dscR63ehEtD06uSLyI7ajZCDWTUa60lPpBat9urEDjmaoZJnb0OntlWBc/eNRvcKK+XkfqSotLyQ7nTZs5zvFFMo4hqi5G6jUNzOAeUCfOkabiZj47XNUuAUQy72qhbU/RMqZNHJ9/+Iy7o0B++ompH2GGxiO8d+TvvCg28UI9e1YUgzKrmY95vgy34LTtSMdnxwoMjdXP68tUOON/UaoL9i2sRE93S0x/rG/R04OzJI0p0JlkPTmrNkRwQ1SEdctVMsffdC55BTY3vVA/hNZJtkUUNoukfX9p2soImX836wM3LZAsGwCUWBuxzVCdK/VN5PY4tgTTJdbQSr4KkdBdyu8KATODDoCNiIHCIcOoiT6+OXJG2oTYDgM9iXwhrg7QJmwdU1SLmP2+PSsmsMvNn3/2PJIg3FSfK4ey34p7kaMQP+jmzpmvRGK9vtC7RGQputP5XgGGeuoi8uK/lEPWSrOasRLG5nzDjjYPpK0kuQQ7h0hpKC/RO1JObOCn5dYeTddoP0UD0XP3IWD7d89joLNVTWxP/I5xRf7MhW7Jreh0Gi0PE2VHXnCKbz00Ev4u/S0VV74s8pVst8ZJ0gd6U7Jn5NvuZ9OSJTsaO7emSfbrFsxAJwUxWPhSX4y/TF140/jKXUMFGrDoDftuJX3Vbl6aij7W7aX8BALyaPub5i5XCJR5WVn008infJv4+g3ViGVz+T9g/S8O9YTh22493H4u7qbfIjW7qHADtIMKX08kBieiD3v9H2ZEsd0trvRB/ZJp8AZwIuayqBBWK2GNO8xd3RWgk6rZbQqIYZGL/mxfIyXtHVKwL5vCKbq/as6oeKkcKoLJsJiDgRoJQ8Q35hhn/eN1jU97+o+kAv6nk8BCr1crzO2hbFuuTiidpMNta56+7zC6ROslaEqEHLz3pDBR5EpxdYZNTiIq+FD0hge6GMftxjjUbF0Ld+btq23xmG3rFTf3ZUCC+9lWE1ao8YozpetqQoWPRgYlYzZ3t3fvkq2vQrjStLh65kUMHOJ2uCM9r7zjsZ4pOfNyqlkm/pTH4oGfL2o30WmqmFIS+kUiDolRTNGlm2CVzxfF0rxZ2y3HDqmx18YbebeYF6gL7dj7sis/fhM3ISnFPkRYt1AGfD6n9GDAtSvegtEw4MSc7CUI706EWKbBFwZqPPB345NrEF1ETQl8dj/Lxgipdzq1efpwMEWAnOfLWC0zvowDl9fk27k79ZK+OcU8++D3Jc/vEWHUSOhy9379GE8zd6dzRfQ8mzP+dFlRxZxf+LfpvCGasPha642xTqmwc9vwu5jBupl9dcWFKxghOPywKnBKhmjERQwTnjnKuBKDvke8A9vmbojYQ/A6Ed1TyCEQg4Ixf6O3BVYXKJBevUCPP3AzrXwoPSRz3AbKpAKJj2t3HlEv8RP2BKpezgxTODwOFs1/9XyRY6y39PepbWlJCbb7UwuOhGSvAtFoRxW/eDkhr8xmTRuGK84OZ/gbO1EJMj1w=,iv:HTujeO+X5o3LetBhc5vBbJMtTGo7vU7bxAa9utIfCGk=,tag:eyPbTjow0MYwa7tyb4Me2g==,type:str]
etcd:
peerCAKey: ENC[AES256_GCM,data:guzHtQx+rn778FE3omR7h5VrFvMcR1pVeIRT19b6i1ZyfR1YLAEyzZU/gAiokb3XDNF+UcR2D0zR7ra9k7WcNtyHlskU7vctT2iURssexMS9XbbS3nlklx0utsqO1KKeuLI+bU+/cuf4zAYxoSKpO8NcqBhfTRlNu53IBF+mHZtSQ5BbWlOjvHiBXMxRMNiTRvzC0XlkSFOF7ERslWPkOWDkIuKv6Jd+LuQ3tnxIpjp4g9HSsmLlARf9IdVp9qpeZMXrnjfyLmbNABVYPL6XJHyMudYtzG+tpwW08Q6qKZy2KEw=,iv:tnGOwMyDQOXzguTh4pBJumpaV5ObgAT50qtPIu5u9O4=,tag:agUs9H7i7Mm5rAFj3eligw==,type:str]
serverCAKey: ENC[AES256_GCM,data:S79OqkFK+z7+YecsH8Mdlel8+T50rhBnixfB9047uCZIIZ6LsxknGs1wkCAFPnymUVEzIIGW3lCog9xIvIWJSfV4wh2TMOetPGj95OBV0zQy4vdMhHHt2OV5+R6e262n0FwaQkn+kndPlVvnlPnFbkiQys0vO8GashWWddyBGQf6P/5TvYuJtz+qjW1FsrtjDTu77Vn85y7bYRENQ1o6sZxevftTHnEjSmvWHgcYey0TytkIYZpMHm1G1Up3+HtgiFAFDy1VtSv913El5W4EfLeRhV3B51ktG+SR0bxfMv/P+qU=,iv:UkWTAXYiaRqptN4PyCfMDot20Ln+/QkPIBSGabJSj+c=,tag:I056m8hcwNyOkoxsNRjYXw==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1unkshctcpucc298kmw9a0qzvtjzgdnjytrxr5p750dv0z95feymqpn68qf
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBydkpsSG1xaWxHakRVVVQv
MFBMOUlib0dHcGh3eTEwNVArL2xQWkpRN21JClJLU2JWY05jeHU0bmxiVnRxVVpB
NXpqcy81THlkc1A4ek5STUhTSjlqak0KLS0tIDFjMVVYK0d1M2N6bkdQYUVzU0Z4
ZnVqbXFlYUE4QlFBc215TlBuMDQ5eWsKRxmlAwmMyGUaH1MIiurH0pHaOIpn/wvs
xY9J3fz93bFoCJKnCQTocBetJFwhX1tQxIYigb6aIEnLdW+oX8YhSw==
-----END AGE ENCRYPTED FILE-----
- recipient: age189laethzry4ylnd790dmpuc4xjjuwqxruc76caj3ceqhqug4g9qs0upuvw
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKT25UeUZ3R2dCb3hvY3JF
L1dOOEFXT2o1emd0UnhXS2M4NTJvZVhuK2lZCnllbVBVSE5UWUNoQ1RuSVh5VExn
REJJT3NaSjJlYWRNNzZqNnRBU1BKV1kKLS0tIEJZUHQ0SUEyMEJURStuUlVETlp4
eTBqcnprME96dXY0dFQzTUZnWm5MOFEK+Oy3EqmhjFzARg0l7SQeh6Krg1ET35K7
lgC7L1NSUCOQ0Xzom5X3FruDvy7NF0S9fcBqKfOyXu7dlxllE2YnWA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1w99m9klvc7m5qtmtmu3l0jx8ksdzp5c4p9rkvh5fdullfc6afemqv5py2q
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3L2xGUzdJZ1lDTGFMd01M
d2IvdjgyT0VoOTJQQ0I2czYvT3lrcTlySEFBCmFXWkZCbGtxTzBEZW5kMEswUUdO
bFk4T2w4TklCYTFLV2tmNStxZnZOb2cKLS0tIDVuVlVORXJwT1MrN3FjbFBMNkNo
blBBUmhKOHBLUiswWXNkUmhTSktnQmMKFZoogOuE1AVgRPSo67uFbK3kHmnxJoaP
v1uBBi5RqmQ316bkaEtMFx6psE4+khQh21D+vzysqbfosNelk2mABA==
-----END AGE ENCRYPTED FILE-----
- recipient: age159whjxeyw94xmkkephmtlur8e85xd9d5vnvkwkcayfv7el0neqfq863yga
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5ZmRQRmlTcDhQNndaekV0
dFF5cEZURDFoaVVEMkZzVjAwd1BuSEdUaEdRCnJpa2xNSyt2THdLUmxwWENYSHVK
WGFDOVRaVkthZ28zaGtkTVRkL3RiWjQKLS0tIEdSN3ZiSmNDT21tZDlZZm1xdVdT
TG9EdmlqaXFZbHhhWWk5Tktia0pOek0KLlTkPkW/+1/v0lEOlL1gW/eZVpz97FPq
Oh3TagzRj0/bZo9PbLsqc/RF4rwXnIS0xUgmnu3tgOAQWaboa9Kx2g==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-12-01T11:24:36Z"
mac: ENC[AES256_GCM,data:aQQPjSLHgvBPU0eZA95qFoRsklw3Jaj2N42DpKSheDoSJ5SwWV1GK0IJqkis71eBpMG9Mjn2wWj/1IdU1upRqfZU5dwNPdVXFb2+qPZyTkz1jhvBVTRGUNedd/L3t2a2nsaj5frZyzUPBELMs7n335pB9I36e+xOgTmA8OW3XAE=,iv:UI82ZmzcXtjO9fv2bSBZVVzNs7uvlopyxKXW+wBmNf8=,tag:HySaRX4Ihpnx+a8lASHicw==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.1

49
secrets/servers.sops.yaml
View file

@ -1,49 +0,0 @@
tailscale:
authKey: ENC[AES256_GCM,data:3eXxQBY6AVqU4R1NlsyhGCfXW5wL58ODRH/f+zo5YFRad/ys1vB9JeKagq0SJSj/w4zxRAEpCf1o47Ypww==,iv:QklyIFuXlbH6cM/I0gqDH/Xeay9gqxqeyulQ7W/dbig=,tag:E/3UqtsfSVOi6otSlReO0Q==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1th8rdw4fs3vmgy9gzc0k9xy88tddjj4vasepckfx9h4nlzsg3q3q4cjgwu
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQcjVsVnNxcGlibnJDSWxE
NEtERm5xS3RRc0QvK09rOEdCYytlZUliaEVNCjZYR2l0Y3dhUDdGVGNwSlRLaTFa
WkZSKzJpVXBCUXhqZldMSis3UHpTQW8KLS0tIEI5V3FMR2xaeEpzMzZYdHo4YWNJ
MHBMeVpaMi9lTjFwcVVsUm1jR255UmsKxvOywqqgMfpQ1TngUmtxH80So10Yd+R2
I9+1chjRTAnHemtUU1154cL591b3BV5FHO3DpoiyY3MoxD2IC9PtzA==
-----END AGE ENCRYPTED FILE-----
- recipient: age189laethzry4ylnd790dmpuc4xjjuwqxruc76caj3ceqhqug4g9qs0upuvw
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXbVVVVEI0b3hpd3hyU2Vp
V1ZNejBUOUp6NU12dVgraTlrbDNDdmxENVEwCkJobDdObTVwcXB4a3pxUnM3QlVR
d253eUxnVlpnaTRPWFZXYnVoaW5jK00KLS0tIGRnbVhFMFk4aCtpMk9hSEJYT3ZZ
dVUwOTlCVXFoSTl0VjBaQm9BWkJyQTQKuPdUd32RaHmBvdyan4O5FRzUC4q8WtlQ
NXIhBUIVQgA8ns7HMP1Q5MxFg4s3I2dhUKq5qs6430+M+cVKF3wGEA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1w99m9klvc7m5qtmtmu3l0jx8ksdzp5c4p9rkvh5fdullfc6afemqv5py2q
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwRkVnOHZoaXo5SGRiRzdU
KzdiRWNQMXRvQ2g2WG5GVWRNUzJkemd0ZzJBCnBtM1IwWVJ3L1BxakR0MFRTcm1I
cjVqdDEyRDNjbCtFNnk5aWd4L0tVR3cKLS0tIFJ1a2d3dzA2cWFESFlzbnRzc3FH
L21Hd2oyR0pWaTZONDByN0NrMS9lTDAKcMkHaUsUfV/kZBvT+UN8f+QTIvqJjmMY
7sVMAumtvBNhKs9OxMlPqiWvaeLtgGoExYZqq05VwWTHxYXLouPnuQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age159whjxeyw94xmkkephmtlur8e85xd9d5vnvkwkcayfv7el0neqfq863yga
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaZEw4R3VvdEtjK2VSa3Bu
QzZ0dWU3Uk16TkVDaldEdzN6ZWduZERyd25NCmRzdWlEZ2V2SEc4VnczbE9yc0FX
eTZXemQxaU5LOXFzWmlmYTc3YWFvYUEKLS0tIFRwOHVIcUR2ejN5NHdSQ2N6c3hL
elZ6STcwTHZXZGI5Sk0yamtQN3lhcm8KWa4JI1H+pcav7ZwCZgUMXk+lsxFewD4O
1AOnFdamXZkUHN+zZB1zN6YJvHhUEaq2NiGAhc+ZLAc1sb5yeqd/2Q==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-11-30T18:44:29Z"
mac: ENC[AES256_GCM,data:SG6a5pWa3gMaSz9d9fOchUXtXbRTpMOXmbOjZo5Fdx8Es1MEDwezwscQaj9p1dzmGa+7U8UUUzMYxlg2SmGgGdPgCs0a5RQVYvQFNdgpRiuknflFMcdgXLv7XFsTqsqSmbN0O662YDvCcz4DWRKjNCZAimlLym8pwDihj1D8dcU=,iv:JmCbcazDK2KPyYsoVy39sr4IbfiGfmGoopit5ojVADk=,tag:6tKYfMkJBjsThaa4qLqobw==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.1

58
secrets/servers.yaml Normal file
View file

@ -0,0 +1,58 @@
tailscale:
authKey: ENC[AES256_GCM,data:3eXxQBY6AVqU4R1NlsyhGCfXW5wL58ODRH/f+zo5YFRad/ys1vB9JeKagq0SJSj/w4zxRAEpCf1o47Ypww==,iv:QklyIFuXlbH6cM/I0gqDH/Xeay9gqxqeyulQ7W/dbig=,tag:E/3UqtsfSVOi6otSlReO0Q==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1th8rdw4fs3vmgy9gzc0k9xy88tddjj4vasepckfx9h4nlzsg3q3q4cjgwu
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNek1aa2tGdHBsSnFUYndR
OTg3R25uYW1keE5RTnBKbmV5dmpaSmpad3cwCmVOaFpPd2FnR3c0eUlzQTJVN2RK
Nm1OR0w5U3BOcXZVc0VFd3FsdGdoaTgKLS0tIHJOSmVZeXFmaUdVSkoyRFdia3pG
cmZndERUbHZnMzQyRVhodE9FV2VkUWsKSY/J6aRDzklUXx59N437zmB2cdapqZPJ
5OJfarR+qz94b23yg2QiOA7zBxPQOWK8o0o7HoebGGAw9v3sE5uUbQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1unkshctcpucc298kmw9a0qzvtjzgdnjytrxr5p750dv0z95feymqpn68qf
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2bVMzbkRQNTk2Mlhkano1
ZXU1N0k4MzZjajJqR2dRVzZNZEhPVVpFVERNCjF2NktabUp3OC9lNE5abTR0aWl2
ZmluU2RmaDNvNzZSNElwb1RiSnpJSTQKLS0tIHdMWUh0SGV6SnJwWmRPSGNMNS9p
RzlIUjB0UVhtMWtDa293MWM2dmZSN3cKyamVEfKmbcIbALjHzKLxTZU+84EoJ+iU
huGmYbjti5+2e8rje6konc4Z5GSjhe6JbEOTK3hCiCGdY/vujAvClg==
-----END AGE ENCRYPTED FILE-----
- recipient: age189laethzry4ylnd790dmpuc4xjjuwqxruc76caj3ceqhqug4g9qs0upuvw
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBR0dkR09lSUpNL3cycTRv
YVI4TzNjTklJS0E2VnZtMUNOYlpCb0psbFdNCk0zeFMzR0x0NFpwak5FajhnbG9G
Sk5oSkthZE5KNDNiTXRFNEIrMzdoMDAKLS0tIFY2Z3IzWXg3R1dZT1kxSitNRzRU
WTZuaFFpdktERzFpdUJpYjR0T1BXbGsKq1jkTYnl2z+2I+FRyhpxbIRAJz3npPf5
aPUsGG2gdyyvN2pVW8KZNlTA0xYfe2o+qSZ7I27ThfIwKjXCe6ERaA==
-----END AGE ENCRYPTED FILE-----
- recipient: age1w99m9klvc7m5qtmtmu3l0jx8ksdzp5c4p9rkvh5fdullfc6afemqv5py2q
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6RS9mdHJsdUo0NFNiR1J1
UVRCUHRjUE95WFR4dFpwM2NyU2QzVHB4eUNvCmtJSkVnbURzTU83VklYdWFtai9p
cmFMY1V4eFpnS0hlSGtaczA5NzFVSDQKLS0tIEprMzBHV040VWtpYmpYcU90a2dN
VE1SaTRxOG90NFo0emZPajJyS3hjckEKzzci9mFruHaOfoN2ktYFOjQfY/ctMHLa
wPgKuFDV5J+dVANpT650Myx/JbbvmWhfAq+/eOG0JI0xy6Vt/UabMA==
-----END AGE ENCRYPTED FILE-----
- recipient: age159whjxeyw94xmkkephmtlur8e85xd9d5vnvkwkcayfv7el0neqfq863yga
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGbDlhNnZFaThtU2ZmQjJC
NG5XN3dKclc5ZXArb0twN3R1SDk1RytScWdRCjV3Mlg4VFU0N2krOU81YzVMN001
YUtiZFo5dE5HazJtSUhXOWxxaDhZOE0KLS0tIFBUZjZYdUZpTUpzUlRZNTIwTUpQ
TnVXZ0RDUkVPdVhWa2NCMXA1ZEZvS0EKCV+DGcpjvVKZESXJsQb0He/NDszVQVMO
Bqmd5zooI1PrPngI1nTiqQY95UcNQT+RMlqBycL7cQIbRFRUdhFk5A==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-11-30T18:44:29Z"
mac: ENC[AES256_GCM,data:SG6a5pWa3gMaSz9d9fOchUXtXbRTpMOXmbOjZo5Fdx8Es1MEDwezwscQaj9p1dzmGa+7U8UUUzMYxlg2SmGgGdPgCs0a5RQVYvQFNdgpRiuknflFMcdgXLv7XFsTqsqSmbN0O662YDvCcz4DWRKjNCZAimlLym8pwDihj1D8dcU=,iv:JmCbcazDK2KPyYsoVy39sr4IbfiGfmGoopit5ojVADk=,tag:6tKYfMkJBjsThaa4qLqobw==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.1