diff --git a/clan.nix b/clan.nix index 92e13a2..874586a 100644 --- a/clan.nix +++ b/clan.nix @@ -7,25 +7,29 @@ inventory.machines = { m1 = { - name = "Management node 1"; + name = "management-1"; + description = "Management node 1"; machineClass = "nixos"; - tags = [ "cloud:amarth" "region:oss" "nodeType:management" "criticallity: medium" "" ]; + tags = [ "cloud:amarth" "region:oss" "nodeType:management" "criticallity:critical" "" ]; deploy.targetHost = "root@192.168.1.222"; }; c1 = { - name = "Compute node 1"; + name = "compute-1"; + description = "Compute node 1"; machineClass = "nixos"; - tags = [ "cloud:amarth" "region:oss" "nodeType:compute" "criticallity: medium" "" ]; + tags = [ "cloud:amarth" "region:oss" "nodeType:compute" "criticallity:medium" "" ]; }; c2 = { - name = "Compute node 2"; + name = "compute-2"; + description = "Compute node 2"; machineClass = "nixos"; - tags = [ "cloud:amarth" "region:oss" "nodeType:compute" "criticallity: medium" "" ]; + tags = [ "cloud:amarth" "region:oss" "nodeType:compute" "criticallity:medium" "" ]; }; c3 = { - name = "Compute node 3"; + name = "compute-3"; + description = "Compute node 3"; machineClass = "nixos"; - tags = [ "cloud:amarth" "region:oss" "nodeType:compute" "criticallity: medium" "" ]; + tags = [ "cloud:amarth" "region:oss" "nodeType:compute" "criticallity:medium" "" ]; }; }; @@ -45,24 +49,28 @@ zitadel = { module = { - name = "@amarth/zitadel"; + name = "zitadel"; input = "amarth-services"; }; - roles.controller.machines."m1" = {}; + roles.controller = { + machines."m1" = {}; + settings = { + hostName = "auth.amarth.cloud"; + displayName = "Amarth"; + }; + }; }; k3s = { module = { - name = "@amarth/k3s"; - input = "amarth"; + name = "k3s"; + input = "amarth-services"; }; roles.server.machines."c1" = {}; - roles.agent.machines."c2" = {}; roles.agent.machines."c3" = {}; ->>>>>>> 81bc14dcb9b649451939a01d3828ca4c170dc897 }; }; @@ -70,8 +78,26 @@ # machines/jon/configuration.nix will be automatically imported. # See: https://docs.clan.lol/guides/more-machines/#automatic-registration machines = { - m1 = { config, pkgs, ... }: { - environment.systemPackages = [ pkgs.asciinema ]; + # m1 = { config, pkgs, ... }: { + # environment.systemPackages = [ pkgs.asciinema ]; + + # nixpkgs.hostPlatform = "x86_64-linux"; + # }; + m1 = { + nixpkgs.hostPlatform = "x86_64-linux"; + networking.domain = "amarth.local"; + }; + c1 = { + nixpkgs.hostPlatform = "x86_64-linux"; + networking.domain = "amarth.local"; + }; + c2 = { + nixpkgs.hostPlatform = "x86_64-linux"; + networking.domain = "amarth.local"; + }; + c3 = { + nixpkgs.hostPlatform = "x86_64-linux"; + networking.domain = "amarth.local"; }; }; } diff --git a/devShells/flake-module.nix b/devShells/flake-module.nix new file mode 100644 index 0000000..6fa23fd --- /dev/null +++ b/devShells/flake-module.nix @@ -0,0 +1,12 @@ +{ + perSystem = { pkgs, inputs', ... }: { + devShells.default = pkgs.mkShellNoCC { + packages = with pkgs; [ + bash + sops + + inputs'.clan-core.packages.clan-cli + ]; + }; + }; +} \ No newline at end of file diff --git a/flake.lock b/flake.lock index d9f9b6f..287fa11 100644 --- a/flake.lock +++ b/flake.lock @@ -5,14 +5,15 @@ "clan-core": "clan-core", "devshell": "devshell", "flake-parts": "flake-parts", - "nixpkgs": "nixpkgs_2" + "nixpkgs": "nixpkgs_2", + "systems": "systems_2" }, "locked": { - "lastModified": 1758132307, - "narHash": "sha256-qO40PUZ6OJnBGPWA4wXG0TnKAcgM+CQhroKHFle8O88=", + "lastModified": 1758197467, + "narHash": "sha256-3LciQLDSdPaD/rgcVCk3V62XlCtDFLdRy/NkbUbkgAY=", "ref": "refs/heads/main", - "rev": "bf272f660796f765c2919a2e4a75441556604d18", - "revCount": 12, + "rev": "9f16bb29ab94268c8177d4965f621319dfb5bad7", + "revCount": 39, "type": "git", "url": "https://git.amarth.cloud/amarth/services" }, @@ -66,15 +67,15 @@ "nixpkgs" ], "sops-nix": "sops-nix_2", - "systems": "systems_2", + "systems": "systems_3", "treefmt-nix": "treefmt-nix_2" }, "locked": { - "lastModified": 1758121565, - "narHash": "sha256-y37cz5A+EFMBvWi0/S+wrkTMHGQnDb7cifqZoIfSRHE=", - "rev": "b7798f54666fe61d8b16b5c45c39fac97e2d2e60", + "lastModified": 1758189924, + "narHash": "sha256-qBoYADWqfKPhr5D0Sz8vWa3BrWbMH2boAh3qfEdUkmg=", + "rev": "e03fcc25e7846c74b04eb73ed577bb7b20629356", "type": "tarball", - "url": "https://git.clan.lol/api/v1/repos/clan/clan-core/archive/b7798f54666fe61d8b16b5c45c39fac97e2d2e60.tar.gz" + "url": "https://git.clan.lol/api/v1/repos/clan/clan-core/archive/e03fcc25e7846c74b04eb73ed577bb7b20629356.tar.gz" }, "original": { "type": "tarball", @@ -204,11 +205,11 @@ ] }, "locked": { - "lastModified": 1757508292, - "narHash": "sha256-7lVWL5bC6xBIMWWDal41LlGAG+9u2zUorqo3QCUL4p4=", + "lastModified": 1758160037, + "narHash": "sha256-fXelTdjdILspZ1IUU9aICB1+PXwSFiF8j+7ujwo1VpQ=", "owner": "nix-community", "repo": "disko", - "rev": "146f45bee02b8bd88812cfce6ffc0f933788875a", + "rev": "4f554162fff88e77655073d352eec0cea71103a2", "type": "github" }, "original": { @@ -407,11 +408,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1757745802, - "narHash": "sha256-hLEO2TPj55KcUFUU1vgtHE9UEIOjRcH/4QbmfHNF820=", + "lastModified": 1758035966, + "narHash": "sha256-qqIJ3yxPiB0ZQTT9//nFGQYn8X/PBoJbofA7hRKZnmE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c23193b943c6c689d70ee98ce3128239ed9e32d1", + "rev": "8d4ddb19d03c65a36ad8d189d001dc32ffb0306b", "type": "github" }, "original": { @@ -489,6 +490,20 @@ } }, "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "id": "systems", + "type": "indirect" + } + }, + "systems_3": { "locked": { "lastModified": 1681028828, "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", diff --git a/flake.nix b/flake.nix index e096edf..e9fb98f 100644 --- a/flake.nix +++ b/flake.nix @@ -1,6 +1,8 @@ { inputs = { - nixpkgs.url = "github:NixOS/nixpkgs?ref=nixos-unstable"; + nixpkgs = { + url = "github:NixOS/nixpkgs?ref=nixos-unstable"; + }; flake-parts = { url = "github:hercules-ci/flake-parts"; @@ -23,59 +25,18 @@ }; outputs = - inputs@{ flake-parts, ... }: + inputs@{ flake-parts, self, clan-core, ... }: flake-parts.lib.mkFlake { inherit inputs; } ({ ... }: { systems = [ "x86_64-linux" ]; imports = [ - inputs.clan-core.flakeModules.default - inputs.devshell.flakeModule - ./clan.nix + clan-core.flakeModules.default + + ./devShells/flake-module.nix ]; - perSystem = { system, ... }: { - devshells = { - default = { - packages = [ inputs.clan-core.packages.${system}.clan-cli ]; - }; - }; - }; + clan = import ./clan.nix; }); - - # outputs = - # { - # self, - # clan-core, - # nixpkgs, - # ... - # }@inputs: - # let - # # Usage see: https://docs.clan.lol - # clan = clan-core.lib.clan { - # inherit self; - # imports = [ ./clan.nix ]; - # specialArgs = { inherit inputs; }; - # }; - # in - # { - # inherit (clan.config) nixosConfigurations nixosModules clanInternals; - # clan = clan.config; - # # Add the Clan cli tool to the dev shell. - # # Use "nix develop" to enter the dev shell. - # devShells = - # nixpkgs.lib.genAttrs - # [ - # "x86_64-linux" - # "aarch64-linux" - # "aarch64-darwin" - # "x86_64-darwin" - # ] - # (system: { - # default = clan-core.inputs.nixpkgs.legacyPackages.${system}.mkShell { - # packages = [ clan-core.packages.${system}.clan-cli ]; - # }; - # }); - # }; } diff --git a/machines/c1/disko.nix b/machines/c1/disko.nix new file mode 100644 index 0000000..01879d1 --- /dev/null +++ b/machines/c1/disko.nix @@ -0,0 +1,50 @@ +# --- +# schema = "single-disk" +# [placeholders] +# mainDisk = "/dev/disk/by-id/ata-SAMSUNG_MZ7LN256HAJQ-000H1_S3TCNE0JA38335" +# --- +# This file was automatically generated! +# CHANGING this configuration requires wiping and reinstalling the machine +{ + + boot.loader.grub.efiSupport = true; + boot.loader.grub.efiInstallAsRemovable = true; + boot.loader.grub.enable = true; + disko.devices = { + disk = { + main = { + name = "main-a122d42601d5437687431cfd63ed44e9"; + device = "/dev/disk/by-id/ata-SAMSUNG_MZ7LN256HAJQ-000H1_S3TCNE0JA38335"; + type = "disk"; + content = { + type = "gpt"; + partitions = { + "boot" = { + size = "1M"; + type = "EF02"; # for grub MBR + priority = 1; + }; + ESP = { + type = "EF00"; + size = "500M"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = [ "umask=0077" ]; + }; + }; + root = { + size = "100%"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/"; + }; + }; + }; + }; + }; + }; + }; +} diff --git a/machines/c2/disko.nix b/machines/c2/disko.nix new file mode 100644 index 0000000..01879d1 --- /dev/null +++ b/machines/c2/disko.nix @@ -0,0 +1,50 @@ +# --- +# schema = "single-disk" +# [placeholders] +# mainDisk = "/dev/disk/by-id/ata-SAMSUNG_MZ7LN256HAJQ-000H1_S3TCNE0JA38335" +# --- +# This file was automatically generated! +# CHANGING this configuration requires wiping and reinstalling the machine +{ + + boot.loader.grub.efiSupport = true; + boot.loader.grub.efiInstallAsRemovable = true; + boot.loader.grub.enable = true; + disko.devices = { + disk = { + main = { + name = "main-a122d42601d5437687431cfd63ed44e9"; + device = "/dev/disk/by-id/ata-SAMSUNG_MZ7LN256HAJQ-000H1_S3TCNE0JA38335"; + type = "disk"; + content = { + type = "gpt"; + partitions = { + "boot" = { + size = "1M"; + type = "EF02"; # for grub MBR + priority = 1; + }; + ESP = { + type = "EF00"; + size = "500M"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = [ "umask=0077" ]; + }; + }; + root = { + size = "100%"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/"; + }; + }; + }; + }; + }; + }; + }; +} diff --git a/machines/c3/disko.nix b/machines/c3/disko.nix new file mode 100644 index 0000000..01879d1 --- /dev/null +++ b/machines/c3/disko.nix @@ -0,0 +1,50 @@ +# --- +# schema = "single-disk" +# [placeholders] +# mainDisk = "/dev/disk/by-id/ata-SAMSUNG_MZ7LN256HAJQ-000H1_S3TCNE0JA38335" +# --- +# This file was automatically generated! +# CHANGING this configuration requires wiping and reinstalling the machine +{ + + boot.loader.grub.efiSupport = true; + boot.loader.grub.efiInstallAsRemovable = true; + boot.loader.grub.enable = true; + disko.devices = { + disk = { + main = { + name = "main-a122d42601d5437687431cfd63ed44e9"; + device = "/dev/disk/by-id/ata-SAMSUNG_MZ7LN256HAJQ-000H1_S3TCNE0JA38335"; + type = "disk"; + content = { + type = "gpt"; + partitions = { + "boot" = { + size = "1M"; + type = "EF02"; # for grub MBR + priority = 1; + }; + ESP = { + type = "EF00"; + size = "500M"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = [ "umask=0077" ]; + }; + }; + root = { + size = "100%"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/"; + }; + }; + }; + }; + }; + }; + }; +} diff --git a/machines/m1/configuration.nix b/machines/m1/configuration.nix index 9e26dfe..7a73a41 100644 --- a/machines/m1/configuration.nix +++ b/machines/m1/configuration.nix @@ -1 +1,2 @@ -{} \ No newline at end of file +{ +} \ No newline at end of file diff --git a/modules/gnome.nix b/modules/gnome.nix deleted file mode 100644 index d36b852..0000000 --- a/modules/gnome.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ ... }: -{ - # Can be imported into machines to enable GNOME and GDM. - # - # Copy this into a machine's configuration: - # `machines//configuration.nix` - # ```nix - # imports = [ - # ../../modules/gnome.nix - # ]; - # ``` - - services.displayManager.gdm.enable = true; - services.desktopManager.gnome.enable = true; -} diff --git a/sops/secrets/c1-age.key/users/chris b/sops/secrets/c1-age.key/users/chris deleted file mode 120000 index 1d434d3..0000000 --- a/sops/secrets/c1-age.key/users/chris +++ /dev/null @@ -1 +0,0 @@ -../../../users/chris \ No newline at end of file diff --git a/sops/secrets/c2-age.key/users/chris b/sops/secrets/c2-age.key/users/chris deleted file mode 120000 index 1d434d3..0000000 --- a/sops/secrets/c2-age.key/users/chris +++ /dev/null @@ -1 +0,0 @@ -../../../users/chris \ No newline at end of file diff --git a/sops/secrets/c3-age.key/users/chris b/sops/secrets/c3-age.key/users/chris deleted file mode 120000 index 1d434d3..0000000 --- a/sops/secrets/c3-age.key/users/chris +++ /dev/null @@ -1 +0,0 @@ -../../../users/chris \ No newline at end of file diff --git a/sops/secrets/m1-age.key/users/chris b/sops/secrets/m1-age.key/users/chris deleted file mode 120000 index 1d434d3..0000000 --- a/sops/secrets/m1-age.key/users/chris +++ /dev/null @@ -1 +0,0 @@ -../../../users/chris \ No newline at end of file diff --git a/vars/per-machine/c1/k3s/ip_v4/value b/vars/per-machine/c1/k3s/ip_v4/value new file mode 100644 index 0000000..7b9ad53 --- /dev/null +++ b/vars/per-machine/c1/k3s/ip_v4/value @@ -0,0 +1 @@ +127.0.0.1 diff --git a/vars/per-machine/c1/k3s/ip_v6/value b/vars/per-machine/c1/k3s/ip_v6/value new file mode 100644 index 0000000..20e29b1 --- /dev/null +++ b/vars/per-machine/c1/k3s/ip_v6/value @@ -0,0 +1 @@ +::1 diff --git a/vars/per-machine/c1/k3s/token/secret b/vars/per-machine/c1/k3s/token/secret new file mode 100644 index 0000000..3d07cc2 --- /dev/null +++ b/vars/per-machine/c1/k3s/token/secret @@ -0,0 +1,19 @@ +{ + "data": "ENC[AES256_GCM,data:MtwZ3Fc2LPNs1ldihofchR4ZVXbcv3bvAcI49Wsqoe7LVAOmuo8tk+0F0DZxlcsZrnyI,iv:oQ0xLxs/IzfrbsA4WH3fiH1P8oTvwOQ460xabFg7j1k=,tag:PJO/rxi9ReZTlXi703UGgw==,type:str]", + "sops": { + "age": [ + { + "recipient": "age19cnepqj2xclqwgv9esldz3znsezxazz0599ctkn2t5znsvxjxdjqvnxl80", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2WW40aExiWjB4OTlyU1RU\nQThRcml1N1RBSlJhUDhiVTB3TGE5MVpQTm5vClo1bEhyT1lYMWpWaCtndm12NHJS\nUi80RmUwdW5sODBDK0dyUVd3VEcvQTgKLS0tIHJGbmluUi9hQVIrRWZhaEVwcE9U\nenc3MEZvM2ZyOE5uRENwQmxKUXpQMncKiaOpoGlMteGv0mNsG9fPjN5ZWh966hH4\nFXuUkcViZAdesFuaiGXHbyD/UvQpiY2PknQTSWlyy51ah6/gjgq7ew==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1ewes0f5snqx3sh5ul6fa6qtxzhd25829v6mf5rx2wnheat6fefps5rme2x", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBONXpzaVF6RjhCVlE3ZWdm\nUUNTL3E4UzE2SGZReWQrNGpaM2R6ZWRRSkI0CnNwQVQvUjc4b25OR1Vwa3lKVTVJ\nWHZJM2ZMV3V0RHc2NmlQaXBXUFRVOEEKLS0tIFpVY0lqUmlSMVR5amNyV1VmUlBw\namxrN2NvQnlKeVE1aE9NazloN3pubEEKfj1FFC+aLeqX8Lt1tnYAaS5pLZEEAZdL\nCJRNXEa4W+++dDsGEbK4iHy9DtHFeATPcd3TnpGKeUTThIUvOhajrw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-09-18T09:45:49Z", + "mac": "ENC[AES256_GCM,data:o7owG4EgbZi7wwdCDI/KKFIkRTeALUCsB92TIBip9ZZ2nHyXv7+r5KctHIAEZIIkoTR6FNs7riosA1Td7RbZGkVlSQa/D4vuoFTLQTt+N9ZFnWaz50SYEOkfH6ofieB6zI+JH4RyuDedha+1cVlCzDmZWHsj+bXXXE4Scx04aj4=,iv:pbF/vWAPsgCa/oG7bilALTJMnlfgsuv5mpcCRgemkWE=,tag:VUBavWjXJXLNIM5jumY+Cg==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/vars/per-machine/c2/zerotier/zerotier-identity-secret/secret b/vars/per-machine/c2/zerotier/zerotier-identity-secret/secret new file mode 100644 index 0000000..05de9b7 --- /dev/null +++ b/vars/per-machine/c2/zerotier/zerotier-identity-secret/secret @@ -0,0 +1,19 @@ +{ + "data": "ENC[AES256_GCM,data:0dqzliabPL2ZKLkr+x6GQ4mVlNq8WD1k5dRw1ohqzxtgAuhxeB3yDWVaWtpQT6LQwbcHkQG5eLddgSdGHiKdj3YdSWbqdasL23r5NBxqmdekrvVe2dusAEhhcKIokj0WziOIkti/UBLJsRU71/mba/q6wyCkCUFQvnHML5xz/657dfLqFo6dY4P1Am7hiClADGAZpLIhxS2P1RO2GaOG+BjLNm8KpytKxb1gATsGdQDHTFFtF0S1TuerTASQ2+34v9r/2p92AACliN0uuajD8e2Ev/vr/ZaQmmvws7q23qQoIxjApM7EtRZfQu1LacY8DjiKDT8m22Q5rp7Pf3/IqHnzPf2OmyK2Ln40NOvq,iv:DYig33lqxLoyjbNUJyZRTwaTR0eyfnx70rMN9FSdFWU=,tag:X3dkhi1A05SQNTQtTed79Q==,type:str]", + "sops": { + "age": [ + { + "recipient": "age10uarjm0d8udtzarf3j7n6tfydsr0crwjv20j0yg8xyvcf2a4jafssqn344", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSOFJTM25SNkdVRWdyM3Na\nV3NvQ3k4UTRrUEdNT0tTdzVwTmtiMk9hdGpjCk4rSExIQW1zS1F6MTRiTHJTK2RN\nQVhISjlWM2tpUERlbmM3STJrNElwdDgKLS0tIG9jTWVsRFlLZmF4bUZLVE1HYU9X\nN0xoTEF3SkhmYlhUa1RwbWI2ZzVvWGsKCSXEWIwO0P0TrCICAb265eGE+M/N5uFv\nm05i9y3SnWK4NsQ3lcUA92lYadLsXUUHRuATze7vz3PKgDm7/bGBzg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1ewes0f5snqx3sh5ul6fa6qtxzhd25829v6mf5rx2wnheat6fefps5rme2x", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5ejJpSEZWYm9lQlBNc1g2\nSHNsb242R3NjUVdUWjJrWTlGRWZ1L1R0enljCmloOXNta0pQWVJzK0FFc3Z5VnBp\nNlV1L3o3SHpOSDNsTEZwRmpHWlVab0EKLS0tIGgvdGF6ZUtJMDA4U3RaSm40ckhk\nc0xwWXF1TmFGSUdxc29qZG5saS9NV2cKTMGeNYas82xp9ynLb5eOTbQKonGFG6Ig\nYfnGqj/nCQUk6J1QYiY07/FLU5Wldu5jWdCYkVxN+pX6v7tdFRmxLA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-09-18T09:47:31Z", + "mac": "ENC[AES256_GCM,data:CBRUFJSmGo1OltMNhivUg9Zioygv+rWMbIyJXKBAnUS2P4j2jwV5bPE3KhnXmzkoVP1SrAYstd9Ht9Zx1KHeU0B0E0OKiJPT30dpDflFPja707P94kxHvnkIkALkLbJiW9dgHF6uQOMvupn6iTN/O30EmIPOnBZFj7kfuBmwaiQ=,iv:N6n7GlOnr6NdbBmW/B4XO+CgC+pMuiBFQjprltQ5+p0=,tag:XLMti3OM3dz7pK1WBFgd4w==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/vars/per-machine/c2/zerotier/zerotier-ip/value b/vars/per-machine/c2/zerotier/zerotier-ip/value new file mode 100644 index 0000000..b4c98a3 --- /dev/null +++ b/vars/per-machine/c2/zerotier/zerotier-ip/value @@ -0,0 +1 @@ +fd03:2623:9523:e639:2899:9304:1bc9:4a52 \ No newline at end of file diff --git a/vars/per-machine/c3/zerotier/zerotier-identity-secret/secret b/vars/per-machine/c3/zerotier/zerotier-identity-secret/secret new file mode 100644 index 0000000..b594327 --- /dev/null +++ b/vars/per-machine/c3/zerotier/zerotier-identity-secret/secret @@ -0,0 +1,19 @@ +{ + "data": "ENC[AES256_GCM,data:Vq+/jlokkShxyCXZj984waAaw9LKqz1JD6ezoR9u/5yDoWPt7k/qGO/yo/g1VWIWrwF7APoP7Nx3Sk5F4xiYLh3iSD93zFfSyT6qAYfG3LW9kBe1w+GvHdx7C4AyZL2pHb66RkTzi+dosdI6KuZemqPwfZS/FBUKObiNWeaXz/pMsucRcUt7FqqpGjeDZTZr+avGLWzfxv8tIZ7RSIL5rbEpinDe/RsKJBVEYqI59rm/NJoOM8V/dkxh3vFkY5X4g4Fh97CkHrNKBfeIrDKDfO7pZ1I4UsZiwUojsDaOaGPkKXNwCGyY7X/AmAoDSEOMFF7S3pcjraO0UZq2/iId95o9FtZ7nVwLkp90Zbwg,iv:O8lENuRf9cP2dC3AjBkvNFY/HLIJJoggWKlvC67d6lo=,tag:uww8yvF9LDY57CmML/VHIw==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1axpkt9hv6nat3hqsz69h2ps83q8dqkadg97s3a6yyycqdg5tdy3q5dxtkg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyelNvNDdTWlNjSUhEK21r\nTTNPeml4NzF3aElQWVRkK3YyZzRyTGZLamhZCkRYNlJQRkRFc1RPUEM0UmpYWWFP\nV1E4LzlqME1FWmlyT0VTcmoyeVp1VEkKLS0tIE5Tc3RWeG8xOGFpM0JuRHV2NnJl\nQy9VNXZ6OGQva1R2ZGdIc3BrRCtEMW8KgZ+gJzJpzTluyQrH3NVvtP4wN0oFS1I1\nLCCv5S2dpKw6IG6388Cv7BCoA6dRuI/ijHNimGxrXARXgqKQjzQHfQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1ewes0f5snqx3sh5ul6fa6qtxzhd25829v6mf5rx2wnheat6fefps5rme2x", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBaHFRcmpmK1V6angwY2Rm\nNmFsRGgra1R4YUx4ckRkRlY1aDVNMC8ySFJJCmFXRE05UVlRaXMzVHcrZi9DNGR2\nMnZnaWNxWE5KZ2dhNVZJSCtRWC9HQU0KLS0tIFB3NDhwcW0yTUo5a3Q1VXZ4VmND\nb081aDVOT0lqYmVlSFBxSnpwWnB1WUUKaTrZaBYRHOT71wL0RC6Em3IVStMWK5pw\nTX6zEdyXrvkesWfvfp7FHA+mV0ju11BDNEVQJksRjnGToGCe98BwRg==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-09-18T09:47:36Z", + "mac": "ENC[AES256_GCM,data:qK8okCuc1QuRqnWzDFE0eSJ/QflBxtHo/77J6M9jypBTMM3Qq3VFrh1QxDl4GLt5MfB0XxMcSEQk2775jAZmO5xQexO2LC5DBLV+C1OhObpla6/Fb9TbJfHctQfvuzEr8pCJo83E1g8dq9a6fu5s/eabvPaR5ARVT2ymaI2DtCc=,iv:YNeySSXy+sdzs8h/aoYCxeuOuiY1CeEdIWBMkmk6crk=,tag:FMg5nZZkoV/+Dx+Sk7t13Q==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +} diff --git a/vars/per-machine/c3/zerotier/zerotier-ip/value b/vars/per-machine/c3/zerotier/zerotier-ip/value new file mode 100644 index 0000000..19639e0 --- /dev/null +++ b/vars/per-machine/c3/zerotier/zerotier-ip/value @@ -0,0 +1 @@ +fd03:2623:9523:e639:2899:93e8:5d0:8ec6 \ No newline at end of file diff --git a/vars/per-machine/m1/zitadel/initialAdminPassword/value b/vars/per-machine/m1/zitadel/initialAdminPassword/value new file mode 100644 index 0000000..8ebc5e7 --- /dev/null +++ b/vars/per-machine/m1/zitadel/initialAdminPassword/value @@ -0,0 +1 @@ +aid7eixoo1Aecootoo5IeZ9ooc2imiekeeWovohyaecizaishi diff --git a/vars/per-machine/m1/zitadel/masterKey/secret b/vars/per-machine/m1/zitadel/masterKey/secret new file mode 100644 index 0000000..84189a4 --- /dev/null +++ b/vars/per-machine/m1/zitadel/masterKey/secret @@ -0,0 +1,19 @@ +{ + "data": "ENC[AES256_GCM,data:69+gMlRREra1/VDGefyY4uO3dNEMfg2PhUJWs8roGUw=,iv:4klTKyb+Hohc85p2oCLRQ+yO1G7AUWW8X694mUunPpk=,tag:h2l6sATSK+7QKreExWy6Yw==,type:str]", + "sops": { + "age": [ + { + "recipient": "age12jttkmrt43ugulsn9q6y9u0hm2ec96nkfud3thfkrtsuyrpzcg2saan3mu", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwVVUwcEJERGk5ZDVJRTFt\nTzV2cVFhWjYyK1duT0QxVlhpVzhQMUJLM1MwCmxXM2kzajRXOTBkTk9ic3huUUow\nRXg2anNudFBsaU92YnBUVzZSbWE3NDAKLS0tIDhwd2d5cy9TU0YvT2pwUHgyR1Nr\neGl0Sk9meGJoUlIxMHI0VWtRSElTUFkKdgJIZ3avNeyR7q7w9rVTZKhMYmBGa4va\n9m+voQ4IKJbCQGeL+K6UKSU1uEYxkDwM0rLkAJGGo/wndwrJ5Cx+xQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1ewes0f5snqx3sh5ul6fa6qtxzhd25829v6mf5rx2wnheat6fefps5rme2x", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1Y0Q0UFZYTHpTNXdKMzNh\nbmluOU9oV3lBeG5CQS9NQ2FaTjMvVDNlSFJ3Cnd3Snh2QnZldDYyRDZtd1hTOVFF\neTlrS244ZFRsTVVKTGVEU1d2NmRFNVEKLS0tIGV1OWljTittTENEblFwMTNIVUho\nOUVCTEg3UU53SmhpT1lWNnhFbEpucHMKI1FK4lhef3Q5CRFcGHnCGeyumThLaG64\nGJfDwHLQDOEso4P76iu3cIDk2milg0k6rzZvvlunPuyYhMBLdQnO4w==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2025-09-18T09:15:20Z", + "mac": "ENC[AES256_GCM,data:69bA5w6Qps1WVv1O5MrBNK66JlUla5HW2oWj2whz1ssJvH1DZzxZK+TQHHTM4ECgvl/6MR6pqqIDxIBjMI/CwYe9zAY7YrKYUM8XJCLt6c8c8C3SQwqaeojcjFKaZ2SSMLlG+wAMFQINjZxtctY9Vs0ayVBwnw8HG0YDb1Ir3b0=,iv:peNqi2leQcVjawrNTUEY80D184ZfkZ1xUzqqEg6b6Po=,tag:jkK76MKjm0lKGrLgFRa0Pw==,type:str]", + "unencrypted_suffix": "_unencrypted", + "version": "3.10.2" + } +}