diff --git a/.just/vars.just b/.just/vars.just index 9c63565..79c1bda 100644 --- a/.just/vars.just +++ b/.just/vars.just @@ -1,8 +1,8 @@ set unstable := true set quiet := true -machine_base_path := justfile_directory() + "/../machines" -secret_base_path := justfile_directory() + "/../systems/x86_64-linux" +machine_base_path := justfile_directory() + "/machines" +secret_base_path := justfile_directory() + "/systems/x86_64-linux" _default: just --list vars diff --git a/clan.nix b/clan.nix index b4429a9..83a59e7 100644 --- a/clan.nix +++ b/clan.nix @@ -65,7 +65,7 @@ }; inventory.instances = { - user-chris = { + users-chris = { module.name = "users"; module.input = "clan-core"; @@ -81,13 +81,33 @@ share = true; }; }; - }; - # machines = { - # mandos = {}; - # manwe = {}; - # orome = {}; - # tulkas = {}; - # ulmo = {}; - # }; + servarr = { + module.name = "servarr"; + module.input = "self"; + + roles.default.machines.ulmo.settings = {}; + roles.default.settings = { + enable = true; + services = { + sonarr = { + rootFolders = [ + "/var/media/series" + ]; + }; + radarr = { + rootFolders = [ + "/var/media/movies" + ]; + }; + lidarr = { + rootFolders = [ + "/var/media/music" + ]; + }; + prowlarr = {}; + }; + }; + }; + }; } diff --git a/clanServices/caddy/README.md b/clanServices/caddy/README.md new file mode 100644 index 0000000..e69de29 diff --git a/clanServices/caddy/default.nix b/clanServices/caddy/default.nix new file mode 100644 index 0000000..4350c62 --- /dev/null +++ b/clanServices/caddy/default.nix @@ -0,0 +1,23 @@ +{...}: { + _class = "clan.service"; + manifest = { + name = "arda/caddy"; + description = '' + Configuration of reverse proxy. + ''; + categories = [ "Service", "Media" ]; + readme = builtins.readFile ./README.md + }; + + roles.default = { + description = ''''; + + interface = {...}: { + options = {}; + }; + + perInstance = {...}: { + nixosModule = {...}: {}; + }; + }; +} diff --git a/clanServices/caddy/flake-module.nix b/clanServices/caddy/flake-module.nix new file mode 100644 index 0000000..10a5a52 --- /dev/null +++ b/clanServices/caddy/flake-module.nix @@ -0,0 +1,13 @@ +{...}: let + module = ./default.nix; +in { + clan.modules.caddy = module; + + # perSystem = {...}: { + # clan.nixosTests.caddy = { + # imports = []; + + # clan.modules."@arda/caddy" = module; + # }; + # }; +} diff --git a/clanServices/flake-module.nix b/clanServices/flake-module.nix new file mode 100644 index 0000000..141d07b --- /dev/null +++ b/clanServices/flake-module.nix @@ -0,0 +1,19 @@ +{lib, ...}: { + imports = + ./. + |> builtins.readDir + |> lib.attrsToList + |> builtins.map ({ + name, + value, + }: { + type = value; + path = ./. + "/${name}/flake-module.nix"; + }) + |> builtins.filter ({ + type, + path, + }: + type == "directory" && (builtins.pathExists path)) + |> builtins.map ({path, ...}: path); +} diff --git a/clanServices/peristance/README.md b/clanServices/peristance/README.md new file mode 100644 index 0000000..e69de29 diff --git a/clanServices/peristance/default.nix b/clanServices/peristance/default.nix new file mode 100644 index 0000000..25503ff --- /dev/null +++ b/clanServices/peristance/default.nix @@ -0,0 +1,24 @@ +{...}: { + _class = "clan.service"; + manifest = { + name = "arda/persistance"; + description = '' + Configuration of persistance resrouce(s) + (for now this means a database. and specifically it means postgres) + ''; + categories = [ "Service", "Peristance" ]; + readme = builtins.readFile ./README.md + }; + + roles.default = { + description = ''''; + + interface = {...}: { + options = {}; + }; + + perInstance = {...}: { + nixosModule = {...}: {}; + }; + }; +} diff --git a/clanServices/peristance/flake-module.nix b/clanServices/peristance/flake-module.nix new file mode 100644 index 0000000..4fc4110 --- /dev/null +++ b/clanServices/peristance/flake-module.nix @@ -0,0 +1,13 @@ +{...}: let + module = ./default.nix; +in { + clan.modules.peristance = module; + + # perSystem = {...}: { + # clan.nixosTests.peristance = { + # imports = []; + + # clan.modules."@arda/peristance" = module; + # }; + # }; +} diff --git a/clanServices/servarr/README.md b/clanServices/servarr/README.md new file mode 100644 index 0000000..e69de29 diff --git a/clanServices/servarr/default.nix b/clanServices/servarr/default.nix new file mode 100644 index 0000000..2394460 --- /dev/null +++ b/clanServices/servarr/default.nix @@ -0,0 +1,121 @@ +{lib, ...}: { + _class = "clan.service"; + manifest = { + name = "arda/servarr"; + description = ''''; + categories = ["Service" "Media"]; + readme = builtins.readFile ./README.md; + # exports.out = []; + }; + + # exports = {}; + + roles.default = { + description = ''''; + + interface = {lib, ...}: let + inherit (lib) mkOption mkEnableOption types; + in { + options = { + enable = mkEnableOption "Enable configured *arr services"; + services = mkOption { + type = types.attrsOf (types.submodule ({name, ...}: { + options = { + enable = mkEnableOption "Enable ${name}"; + debug = mkEnableOption "Use tofu plan instead of tofu apply for ${name} "; + + rootFolders = mkOption { + type = types.listOf types.str; + default = []; + }; + }; + })); + default = {}; + description = '' + Settings foreach *arr service + ''; + }; + }; + }; + + perInstance = { + instanceName, + settings, + machine, + roles, + ... + }: { + nixosModule = args @ { + config, + lib, + pkgs, + ... + }: let + servarr = import ./lib.nix (args // {inherit settings;}); + services = settings.services |> lib.attrNames; + service_count = services |> lib.length; + in { + imports = [ + (import ./sabnzbd.nix (args + // { + inherit settings; + port = 2000 + service_count + 1; + })) + (import ./qbittorrent.nix (args + // { + inherit settings; + port = 2000 + service_count + 2; + })) + (servarr.createModule settings.services) + ]; + + config = { + clan.core.vars.generators.servarr = rec { + dependencies = + services ++ ["sabnzbd" "qbittorrent"]; + + files."config.tfvars" = { + owner = "media"; + group = "media"; + mode = "0440"; + restartUnits = services |> lib.map (s: "${s}.service"); + }; + + script = '' + cat << EOL > $out/config.tfvars + ${ + services + |> lib.map (s: "${s}_api_key = \"$(cat $in/${s}/api_key)\"") + |> lib.join "\n" + } + qbittorrent_api_key = "$(cat $in/qbittorrent/password)" + sabnzbd_api_key = "$(cat $in/sabnzbd/api_key)" + EOL + ''; + }; + + services = { + flaresolverr = { + enable = true; + openFirewall = true; + port = 2000 + service_count + 3; + }; + + postgresql = { + ensureDatabases = services; + ensureUsers = + services + |> lib.map (service: { + name = service; + ensureDBOwnership = true; + }); + }; + }; + }; + }; + }; + }; + + perMachine = {...}: { + }; +} diff --git a/clanServices/servarr/flake-module.nix b/clanServices/servarr/flake-module.nix new file mode 100644 index 0000000..4a63342 --- /dev/null +++ b/clanServices/servarr/flake-module.nix @@ -0,0 +1,13 @@ +{...}: let + module = ./default.nix; +in { + clan.modules.servarr = module; + + # perSystem = {...}: { + # clan.nixosTests.servarr = { + # imports = []; + + # clan.modules."@arda/servarr" = module; + # }; + # }; +} diff --git a/clanServices/servarr/lib.nix b/clanServices/servarr/lib.nix new file mode 100644 index 0000000..45b2831 --- /dev/null +++ b/clanServices/servarr/lib.nix @@ -0,0 +1,317 @@ +{ + self, + config, + lib, + pkgs, + settings, + ... +}: let + inherit (lib) mkIf; + + createGenerator = { + service, + service_options, + ... + }: { + files = { + api_key = { + secret = true; + deploy = true; + owner = service; + group = "media"; + restartUnits = ["${service}.service"]; + }; + "config.env" = { + secret = true; + deploy = true; + owner = service; + group = "media"; + restartUnits = ["${service}.service"]; + }; + }; + + runtimeInputs = with pkgs; [pwgen]; + script = '' + pwgen -s 128 1 > $out/api_key + echo ${lib.toUpper service}__AUTH__APIKEY="$(cat $out/api_key)" > $out/config.env + ''; + }; + + createService = { + service, + service_options, + ... + }: + { + enable = true; + openFirewall = true; + + environmentFiles = [ + config.clan.core.vars.generators.${service}.files."config.env".path + ]; + + settings = { + auth.authenticationMethod = "External"; + + server = { + bindaddress = "0.0.0.0"; + port = service_options.port; + }; + + postgres = { + host = "localhost"; + port = "5432"; + user = service; + maindb = service; + logdb = service; + }; + }; + } + // (lib.optionalAttrs (lib.elem service ["radarr" "sonarr" "lidarr" "whisparr"]) { + user = service; + group = "media"; + }); + + createSystemdService = { + service, + service_options, + ... + }: let + tofu = lib.getExe pkgs.opentofu; + terraformConfiguration = self.inputs.terranix.lib.terranixConfiguration { + system = pkgs.stdenv.hostPlatform.system; + modules = [ + (createInfra {inherit service service_options;}) + ]; + }; + in { + description = "${service} apply infra"; + + wantedBy = ["multi-user.target"]; + wants = ["${service}.service"]; + + preStart = '' + install -d -m 0770 -o ${service} -g media /var/lib/${service}-apply-infra + ${ + service_options.rootFolders + |> lib.map (folder: "install -d -m 0770 -o media -g media ${folder}") + |> lib.join "\n" + } + ''; + + script = '' + # Sleep for a bit to give the service a chance to start up + sleep 5s + + if [ "$(systemctl is-active ${lib.escapeShellArg service})" != "active" ]; then + echo "${service} is not running" + exit 1 + fi + + # Print the path to the source for easier debugging + echo "config location: ${terraformConfiguration}" + + # Copy infra code into workspace + cp -f ${terraformConfiguration} config.tf.json + + # Initialize OpenTofu + ${tofu} init + + # Run the infrastructure code + ${tofu} \ + ${ + if service_options.debug + then "plan" + else "apply -auto-approve" + } \ + -var-file='${config.clan.core.vars.generators.servarr.files."config.tfvars".path}' + ''; + + serviceConfig = { + Type = "oneshot"; + User = service; + Group = "media"; + + WorkingDirectory = "/var/lib/${service}-apply-infra"; + + EnvironmentFile = [ + config.clan.core.vars.generators.${service}.files."config.env".path + ]; + }; + }; + + # Returns a module to be used in a modules list of terranix + createInfra = { + service, + service_options, + ... + }: terra: let + inherit (terra.lib) tfRef; + in { + variable = { + "${service}_api_key" = { + type = "string"; + description = "${service} API key"; + }; + + qbittorrent_api_key = { + type = "string"; + description = "qbittorrent api key"; + }; + + sabnzbd_api_key = { + type = "string"; + description = "sabnzbd api key"; + }; + }; + + terraform.required_providers.${service} = { + source = "devopsarr/${service}"; + version = + { + radarr = "2.3.5"; + sonarr = "3.4.2"; + prowlarr = "3.2.1"; + lidarr = "1.13.0"; + readarr = "2.1.0"; + whisparr = "1.2.0"; + }.${ + service + }; + }; + + provider.${service} = { + url = "http://[::1]:${toString service_options.port}"; + api_key = tfRef "var.${service}_api_key"; + }; + + resource = + { + "${service}_root_folder" = mkIf (lib.elem service ["radarr" "sonarr" "whisparr" "readarr"]) ( + service_options.rootFolders + |> lib.imap (i: f: lib.nameValuePair "local${toString i}" {path = f;}) + |> lib.listToAttrs + ); + + "${service}_download_client_qbittorrent" = mkIf (lib.elem service ["radarr" "sonarr" "lidarr" "whisparr"]) { + "main" = { + name = "qBittorrent"; + enable = true; + priority = 1; + host = "localhost"; + username = "admin"; + password = tfRef "var.qbittorrent_api_key"; + url_base = "/"; + port = config.services.qbittorrent.webuiPort; + }; + }; + + "${service}_download_client_sabnzbd" = mkIf (lib.elem service ["radarr" "sonarr" "lidarr" "whisparr"]) { + "main" = { + name = "SABnzbd"; + enable = true; + priority = 1; + host = "localhost"; + api_key = tfRef "var.sabnzbd_api_key"; + url_base = "/"; + port = config.services.sabnzbd.settings.misc.port; + }; + }; + } + // (lib.optionalAttrs (service == "prowlarr") ( + settings.services + |> lib.filterAttrs (s: _: lib.elem s ["radarr" "sonarr" "lidarr" "whisparr"]) + |> lib.mapAttrsToList (s: {port, ...}: { + "prowlarr_application_${s}"."main" = let + p = config.services.prowlarr.settings.server.port or 9696; + in { + name = s; + sync_level = "addOnly"; + base_url = "http://localhost:${toString port}"; + prowlarr_url = "http://localhost:${toString p}"; + api_key = tfRef "var.${s}_api_key"; + }; + }) + |> lib.concat [ + { + "prowlarr_indexer" = { + "nyaa" = { + enable = true; + + app_profile_id = 1; + priority = 1; + + name = "Nyaa"; + implementation = "Cardigann"; + config_contract = "CardigannSettings"; + protocol = "torrent"; + + fields = [ + { + name = "definitionFile"; + text_value = "nyaasi"; + } + { + name = "baseSettings.limitsUnit"; + number_value = 0; + } + { + name = "torrentBaseSettings.preferMagnetUrl"; + bool_value = false; + } + { + name = "prefer_magnet_links"; + bool_value = true; + } + { + name = "sonarr_compatibility"; + bool_value = false; + } + { + name = "strip_s01"; + bool_value = false; + } + { + name = "radarr_compatibility"; + bool_value = false; + } + { + name = "filter-id"; + number_value = 0; + } + { + name = "cat-id"; + number_value = 0; + } + { + name = "sort"; + number_value = 0; + } + { + name = "type"; + number_value = 1; + } + ]; + }; + }; + } + ] + |> lib.mkMerge + )); + }; +in { + createModule = services: {...}: { + config = + services + |> lib.attrsToList + |> lib.imap1 (i: service: o: let + service_options = o // {port = 2000 + i;}; + in { + clan.core.vars.generators.${service} = createGenerator {inherit service service_options;}; + services.${service} = createService {inherit service service_options;}; + + systemd.services."${service}-apply-infra" = lib.mkIf settings.enable (createSystemdService {inherit service service_options;}); + }) + |> lib.mkMerge; + }; +} diff --git a/clanServices/servarr/qbittorrent.nix b/clanServices/servarr/qbittorrent.nix new file mode 100644 index 0000000..dee52fd --- /dev/null +++ b/clanServices/servarr/qbittorrent.nix @@ -0,0 +1,96 @@ +{ + config, + pkgs, + lib, + settings, + port, + ... +}: { + clan.core.vars.generators.qbittorrent = let + hash_password = pkgs.writers.writePython3 "hashPassword" {} '' + import base64 + import hashlib + import sys + import uuid + + password = sys.argv[1] + salt = uuid.uuid4() + salt_bytes = salt.bytes + + password = str.encode(password) + hashed_password = hashlib.pbkdf2_hmac( + "sha512", + password, + salt_bytes, + 100000, + dklen=64 + ) + b64_salt = base64.b64encode(salt_bytes).decode("utf-8") + b64_password = base64.b64encode(hashed_password).decode("utf-8") + password_string = "@ByteArray({salt}:{password})".format( + salt=b64_salt, password=b64_password + ) + print(password_string) + ''; + in { + files = { + "password" = { + secret = true; + deploy = true; + }; + "password_hash" = { + secret = true; + deploy = true; + }; + "qBittorrent.conf" = { + secret = true; + deploy = true; + owner = "qbittorrent"; + group = "media"; + mode = "0660"; + restartUnits = ["qbittorrent.service"]; + }; + }; + + runtimeInputs = with pkgs; [pwgen hash_password]; + + script = '' + pwgen -s 128 1 > $out/password + + ${hash_password} $(cat $out/password) > $out/password_hash + + cat << EOF > $out/qBittorrent.conf + [LegalNotice] + Accepted=true + + [Preferences] + WebUI\AlternativeUIEnabled=true + WebUI\RootFolder=${pkgs.vuetorrent}/share/vuetorrent + WebUI\Username=admin + WebUI\Password_PBKDF2=$(cat $out/password_hash) + EOF + ''; + }; + + system.activationScripts.qbittorrent-config = { + deps = lib.optional (!config.sops.useSystemdActivation) "setupSecrets"; + # TODO: If sops-nix is switched to systemd activation, add a systemd unit + # for this install step that runs after sops-install-secrets.service, + # because this activation-script dependency only orders against setupSecrets. + text = '' + install -Dm0600 -o ${config.services.qbittorrent.user} -g ${config.services.qbittorrent.group} \ + ${config.clan.core.vars.generators.qbittorrent.files."qBittorrent.conf".path} \ + ${config.services.qbittorrent.profileDir}/qBittorrent/config/qBittorrent.conf + ''; + }; + + services.qbittorrent = { + enable = true; + openFirewall = true; + webuiPort = port; + serverConfig = lib.mkForce {}; + + user = "qbittorrent"; + group = "media"; + }; +} diff --git a/clanServices/servarr/sabnzbd.nix b/clanServices/servarr/sabnzbd.nix new file mode 100644 index 0000000..49ae9a2 --- /dev/null +++ b/clanServices/servarr/sabnzbd.nix @@ -0,0 +1,95 @@ +{ + config, + lib, + pkgs, + settings, + port, + ... +}: { + clan.core.vars.generators.sabnzbd = { + files = { + "api_key" = { + secret = true; + deploy = true; + }; + "nzb_key" = { + secret = true; + deploy = true; + }; + "config.ini" = { + secret = true; + deploy = true; + owner = "sabnzbd"; + group = "media"; + mode = "0660"; + }; + }; + + prompts = { + username = { + description = "usenet username"; + type = "hidden"; + persist = true; + }; + password = { + description = "usenet password"; + type = "hidden"; + persist = true; + }; + }; + + runtimeInputs = with pkgs; [pwgen]; + + script = '' + pwgen -s 128 1 > $out/api_key + pwgen -s 128 1 > $out/nzb_key + + cat << EOF > $out/config.ini + [misc] + api_key = $(cat $out/api_key) + nzb_key = $(cat $out/nzb_key) + + [servers] + [[news.sunnyusenet.com]] + username = $(cat $prompts/username) + password = $(cat $prompts/password) + EOF + ''; + }; + + services.sabnzbd = { + enable = true; + openFirewall = true; + + allowConfigWrite = false; + configFile = lib.mkForce null; + + secretFiles = [ + config.clan.core.vars.generators.sabnzbd.files."config.ini".path + ]; + + settings = { + misc = { + host = "0.0.0.0"; + port = port; + host_whitelist = "${config.networking.hostName}"; + + download_dir = "/var/media/downloads/incomplete"; + complete_dir = "/var/media/downloads/done"; + }; + + servers = { + "news.sunnyusenet.com" = { + name = "news.sunnyusenet.com"; + displayname = "news.sunnyusenet.com"; + host = "news.sunnyusenet.com"; + port = 563; + timeout = 60; + }; + }; + }; + + user = "sabnzbd"; + group = "media"; + }; +} diff --git a/flake.lock b/flake.lock index ec40c5c..a888110 100644 --- a/flake.lock +++ b/flake.lock @@ -351,27 +351,6 @@ "type": "github" } }, - "flake-parts_5": { - "inputs": { - "nixpkgs-lib": [ - "terranix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1736143030, - "narHash": "sha256-+hu54pAoLDEZT9pjHlqL9DNzWz0NbUn8NEAHP7PQPzU=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "b905f6fc23a9051a6e1b741e1438dbfc0634c6de", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, "flux": { "inputs": { "mcman": "mcman", @@ -1091,7 +1070,9 @@ }, "terranix": { "inputs": { - "flake-parts": "flake-parts_5", + "flake-parts": [ + "flake-parts" + ], "nixpkgs": [ "nixpkgs" ], diff --git a/flake.nix b/flake.nix index 9694a61..7f59c27 100644 --- a/flake.nix +++ b/flake.nix @@ -27,6 +27,12 @@ inputs.nixpkgs.follows = "nixpkgs"; }; + terranix = { + url = "github:terranix/terranix"; + inputs.nixpkgs.follows = "nixpkgs"; + inputs.flake-parts.follows = "flake-parts"; + }; + clan-core = { url = "https://git.clan.lol/clan/clan-core/archive/main.tar.gz"; inputs = { @@ -83,11 +89,6 @@ url = "github:vinceliuice/grub2-themes"; }; - terranix = { - url = "github:terranix/terranix"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - mydia = { url = "github:chris-kruining/mydia"; # url = "github:getmydia/mydia"; @@ -108,8 +109,8 @@ flake-parts.flakeModules.modules clan-core.flakeModules.default home-manager.flakeModules.default - terranix.flakeModule ./packages/flake-module.nix + ./clanServices/flake-module.nix ]; perSystem = {system, ...}: { diff --git a/machines/mandos/configuration.nix b/machines/mandos/configuration.nix index cbeefc6..131b987 100644 --- a/machines/mandos/configuration.nix +++ b/machines/mandos/configuration.nix @@ -1,8 +1,15 @@ -{ ... }: -{ +{self, ...}: { imports = [ ./disks.nix ./hardware.nix + self.inputs.home-manager.nixosModules.home-manager + self.inputs.himmelblau.nixosModules.himmelblau + self.inputs.jovian.nixosModules.default + self.inputs.mydia.nixosModules.default + self.inputs.nix-minecraft.nixosModules.minecraft-servers + self.inputs.nvf.nixosModules.default + self.inputs.sops-nix.nixosModules.sops + (self.inputs.import-tree ../../modules/nixos) ]; nixpkgs.hostPlatform = "x86_64-linux"; diff --git a/machines/manwe/configuration.nix b/machines/manwe/configuration.nix index ec052be..98bc5ed 100644 --- a/machines/manwe/configuration.nix +++ b/machines/manwe/configuration.nix @@ -1,16 +1,51 @@ -{ pkgs, ...}: { +{ + self, + lib, + pkgs, + ... +}: { + _module.args = { + pkgs = lib.mkForce (import self.inputs.nixpkgs { + system = "x86_64-linux"; + + overlays = with self.inputs; [ + fenix.overlays.default + nix-minecraft.overlay + flux.overlays.default + ]; + + config = { + allowUnfree = true; + + permittedInsecurePackages = [ + # I think this is because of zen + "qtwebengine-5.15.19" + + # For mautrix-signal, the matrix to signal bridge + "olm-3.2.16" + ]; + }; + }); + }; + imports = [ ./disks.nix ./hardware.nix + self.inputs.home-manager.nixosModules.home-manager + self.inputs.himmelblau.nixosModules.himmelblau + self.inputs.jovian.nixosModules.default + self.inputs.mydia.nixosModules.default + self.inputs.nix-minecraft.nixosModules.minecraft-servers + self.inputs.nvf.nixosModules.default + self.inputs.sops-nix.nixosModules.sops + (self.inputs.import-tree ../../modules/nixos) ]; - nixpkgs.hostPlatform = "x86_64-linux"; - system.activationScripts.remove-gtkrc.text = "rm -f /home/chris/.gtkrc-2.0"; services.logrotate.checkConfig = false; - environment.systemPackages = with pkgs; [ beyond-all-reason openrct2 ]; + environment.systemPackages = with pkgs; [beyond-all-reason openrct2]; sneeuwvlok = { hardware.has = { @@ -41,4 +76,4 @@ }; system.stateVersion = "23.11"; -} \ No newline at end of file +} diff --git a/machines/manwe/hardware.nix b/machines/manwe/hardware.nix index 3686637..8c48c1c 100644 --- a/machines/manwe/hardware.nix +++ b/machines/manwe/hardware.nix @@ -1,18 +1,18 @@ -{ config, lib, pkgs, modulesPath, ... }: -let - inherit (lib.modules) mkDefault; -in { - imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - + config, + lib, + ... +}: let + inherit (lib.modules) mkDefault; +in { boot = { - initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; - initrd.kernelModules = [ ]; - kernelModules = [ "kvm-amd" ]; + initrd.availableKernelModules = ["xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod"]; + initrd.kernelModules = []; + kernelModules = ["kvm-amd"]; kernelParams = []; - extraModulePackages = [ ]; + extraModulePackages = []; }; - nixpkgs.hostPlatform = mkDefault pkgs.stdenv.hostPlatform.system; + nixpkgs.hostPlatform = "x86_64-linux"; hardware.cpu.amd.updateMicrocode = mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/machines/orome/configuration.nix b/machines/orome/configuration.nix index 1762545..2c94238 100644 --- a/machines/orome/configuration.nix +++ b/machines/orome/configuration.nix @@ -1,7 +1,19 @@ -{pkgs, ...}: { +{ + self, + pkgs, + ... +}: { imports = [ ./disks.nix ./hardware.nix + self.inputs.home-manager.nixosModules.home-manager + self.inputs.himmelblau.nixosModules.himmelblau + self.inputs.jovian.nixosModules.default + self.inputs.mydia.nixosModules.default + self.inputs.nix-minecraft.nixosModules.minecraft-servers + self.inputs.nvf.nixosModules.default + self.inputs.sops-nix.nixosModules.sops + (self.inputs.import-tree ../../modules/nixos) ]; nixpkgs.hostPlatform = "x86_64-linux"; diff --git a/machines/tulkas/configuration.nix b/machines/tulkas/configuration.nix index ff3750b..bbfe3d8 100644 --- a/machines/tulkas/configuration.nix +++ b/machines/tulkas/configuration.nix @@ -1,8 +1,15 @@ -{ ... }: -{ +{self, ...}: { imports = [ ./disks.nix ./hardware.nix + self.inputs.home-manager.nixosModules.home-manager + self.inputs.himmelblau.nixosModules.himmelblau + self.inputs.jovian.nixosModules.default + self.inputs.mydia.nixosModules.default + self.inputs.nix-minecraft.nixosModules.minecraft-servers + self.inputs.nvf.nixosModules.default + self.inputs.sops-nix.nixosModules.sops + (self.inputs.import-tree ../../modules/nixos) ]; nixpkgs.hostPlatform = "x86_64-linux"; @@ -31,4 +38,4 @@ }; system.stateVersion = "23.11"; -} \ No newline at end of file +} diff --git a/machines/ulmo/configuration.nix b/machines/ulmo/configuration.nix index 49c2896..0fa4431 100644 --- a/machines/ulmo/configuration.nix +++ b/machines/ulmo/configuration.nix @@ -223,39 +223,39 @@ media.mydia.enable = true; media.nfs.enable = true; media.jellyfin.enable = true; - media.servarr = { - radarr = { - enable = true; - port = 2001; - rootFolders = [ - "/var/media/movies" - ]; - }; + # media.servarr = { + # radarr = { + # enable = true; + # port = 2001; + # rootFolders = [ + # "/var/media/movies" + # ]; + # }; - sonarr = { - enable = true; - # debug = true; - port = 2002; - rootFolders = [ - "/var/media/series" - ]; - }; + # sonarr = { + # enable = true; + # # debug = true; + # port = 2002; + # rootFolders = [ + # "/var/media/series" + # ]; + # }; - lidarr = { - enable = true; - debug = true; - port = 2003; - rootFolders = [ - "/var/media/music" - ]; - }; + # lidarr = { + # enable = true; + # debug = true; + # port = 2003; + # rootFolders = [ + # "/var/media/music" + # ]; + # }; - prowlarr = { - enable = true; - # debug = true; - port = 2004; - }; - }; + # prowlarr = { + # enable = true; + # # debug = true; + # port = 2004; + # }; + # }; observability = { grafana.enable = true; diff --git a/modules/home/application/bitwarden/default.nix b/modules/home/application/bitwarden.nix similarity index 100% rename from modules/home/application/bitwarden/default.nix rename to modules/home/application/bitwarden.nix diff --git a/modules/home/application/chrome/default.nix b/modules/home/application/chrome.nix similarity index 100% rename from modules/home/application/chrome/default.nix rename to modules/home/application/chrome.nix diff --git a/modules/home/application/default.nix b/modules/home/application/default.nix deleted file mode 100644 index a8eb524..0000000 --- a/modules/home/application/default.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ - imports = [ - ./bitwarden - ./chrome - ./discord - ./ladybird - ./matrix - ./obs - ./onlyoffice - ./signal - ./steam - ./studio - ./teamspeak - ./thunderbird - ./zen - ]; -} diff --git a/modules/home/application/discord/default.nix b/modules/home/application/discord.nix similarity index 100% rename from modules/home/application/discord/default.nix rename to modules/home/application/discord.nix diff --git a/modules/home/application/ladybird/default.nix b/modules/home/application/ladybird.nix similarity index 100% rename from modules/home/application/ladybird/default.nix rename to modules/home/application/ladybird.nix diff --git a/modules/home/application/matrix/default.nix b/modules/home/application/matix.nix similarity index 100% rename from modules/home/application/matrix/default.nix rename to modules/home/application/matix.nix diff --git a/modules/home/application/obs/default.nix b/modules/home/application/obs.nix similarity index 100% rename from modules/home/application/obs/default.nix rename to modules/home/application/obs.nix diff --git a/modules/home/application/onlyoffice/default.nix b/modules/home/application/onlyoffice.nix similarity index 100% rename from modules/home/application/onlyoffice/default.nix rename to modules/home/application/onlyoffice.nix diff --git a/modules/home/application/signal/default.nix b/modules/home/application/signal.nix similarity index 100% rename from modules/home/application/signal/default.nix rename to modules/home/application/signal.nix diff --git a/modules/home/application/steam/default.nix b/modules/home/application/steam.nix similarity index 100% rename from modules/home/application/steam/default.nix rename to modules/home/application/steam.nix diff --git a/modules/home/application/studio/default.nix b/modules/home/application/studio.nix similarity index 100% rename from modules/home/application/studio/default.nix rename to modules/home/application/studio.nix diff --git a/modules/home/application/teamspeak/default.nix b/modules/home/application/teamspeak.nix similarity index 100% rename from modules/home/application/teamspeak/default.nix rename to modules/home/application/teamspeak.nix diff --git a/modules/home/application/thunderbird/default.nix b/modules/home/application/thunderbird.nix similarity index 100% rename from modules/home/application/thunderbird/default.nix rename to modules/home/application/thunderbird.nix diff --git a/modules/home/application/zen/default.nix b/modules/home/application/zen.nix similarity index 100% rename from modules/home/application/zen/default.nix rename to modules/home/application/zen.nix diff --git a/modules/home/default.nix b/modules/home/default.nix index 1adaef0..8140c1b 100644 --- a/modules/home/default.nix +++ b/modules/home/default.nix @@ -9,18 +9,6 @@ cfg = config.sneeuwvlok.defaults; in { - imports = [ - ./application - ./desktop - ./development - ./editor - ./game - ./home-manager - ./shell - ./terminal - ./themes - ]; - options.sneeuwvlok.defaults = { editor = mkOption { type = enum ["nano" "nvim" "zed"]; diff --git a/modules/home/desktop/default.nix b/modules/home/desktop/default.nix deleted file mode 100644 index 3498999..0000000 --- a/modules/home/desktop/default.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ - imports = [ - ./plasma - ]; -} diff --git a/modules/home/development/default.nix b/modules/home/development/default.nix deleted file mode 100644 index d3e528a..0000000 --- a/modules/home/development/default.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ - imports = [ - ./dotnet - ./javascript - ./rust - ]; -} diff --git a/modules/home/development/dotnet/default.nix b/modules/home/development/dotnet.nix similarity index 100% rename from modules/home/development/dotnet/default.nix rename to modules/home/development/dotnet.nix diff --git a/modules/home/development/javascript/default.nix b/modules/home/development/javascript.nix similarity index 100% rename from modules/home/development/javascript/default.nix rename to modules/home/development/javascript.nix diff --git a/modules/home/development/rust/default.nix b/modules/home/development/rust.nix similarity index 100% rename from modules/home/development/rust/default.nix rename to modules/home/development/rust.nix diff --git a/modules/home/editor/default.nix b/modules/home/editor/default.nix deleted file mode 100644 index b0cd9f4..0000000 --- a/modules/home/editor/default.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ - imports = [ - ./nano - ./nvim - ./zed - ]; -} diff --git a/modules/home/editor/nano/default.nix b/modules/home/editor/nano.nix similarity index 100% rename from modules/home/editor/nano/default.nix rename to modules/home/editor/nano.nix diff --git a/modules/home/editor/nvim/default.nix b/modules/home/editor/nvim.nix similarity index 100% rename from modules/home/editor/nvim/default.nix rename to modules/home/editor/nvim.nix diff --git a/modules/home/editor/zed/default.nix b/modules/home/editor/zed.nix similarity index 100% rename from modules/home/editor/zed/default.nix rename to modules/home/editor/zed.nix diff --git a/modules/home/game/default.nix b/modules/home/game/default.nix deleted file mode 100644 index 639ea68..0000000 --- a/modules/home/game/default.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ - imports = [ - ./minecraft - ]; -} diff --git a/modules/home/game/minecraft/default.nix b/modules/home/game/minescraft.nix similarity index 100% rename from modules/home/game/minecraft/default.nix rename to modules/home/game/minescraft.nix diff --git a/modules/home/shell/default.nix b/modules/home/shell/default.nix index 5639286..98a2054 100644 --- a/modules/home/shell/default.nix +++ b/modules/home/shell/default.nix @@ -8,11 +8,6 @@ cfg = config.sneeuwvlok.shell; in { - imports = [ - ./toolset - ./zsh - ]; - options.sneeuwvlok.shell = { corePkgs.enable = mkEnableOption "core shell packages"; }; diff --git a/modules/home/shell/toolset/bat/default.nix b/modules/home/shell/toolset/bat.nix similarity index 100% rename from modules/home/shell/toolset/bat/default.nix rename to modules/home/shell/toolset/bat.nix diff --git a/modules/home/shell/toolset/btop/default.nix b/modules/home/shell/toolset/btop.nix similarity index 100% rename from modules/home/shell/toolset/btop/default.nix rename to modules/home/shell/toolset/btop.nix diff --git a/modules/home/shell/toolset/default.nix b/modules/home/shell/toolset/default.nix deleted file mode 100644 index edc8c03..0000000 --- a/modules/home/shell/toolset/default.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ - imports = [ - ./bat - ./btop - ./eza - ./fzf - ./git - ./gnugpg - ./just - ./starship - ./tmux - ./yazi - ./zellij - ./zoxide - ]; -} diff --git a/modules/home/shell/toolset/eza/default.nix b/modules/home/shell/toolset/eza.nix similarity index 100% rename from modules/home/shell/toolset/eza/default.nix rename to modules/home/shell/toolset/eza.nix diff --git a/modules/home/shell/toolset/fzf/default.nix b/modules/home/shell/toolset/fzf.nix similarity index 100% rename from modules/home/shell/toolset/fzf/default.nix rename to modules/home/shell/toolset/fzf.nix diff --git a/modules/home/shell/toolset/git/default.nix b/modules/home/shell/toolset/git.nix similarity index 100% rename from modules/home/shell/toolset/git/default.nix rename to modules/home/shell/toolset/git.nix diff --git a/modules/home/shell/toolset/gnugpg/default.nix b/modules/home/shell/toolset/gnupgp.nix similarity index 100% rename from modules/home/shell/toolset/gnugpg/default.nix rename to modules/home/shell/toolset/gnupgp.nix diff --git a/modules/home/shell/toolset/just/default.nix b/modules/home/shell/toolset/just.nix similarity index 100% rename from modules/home/shell/toolset/just/default.nix rename to modules/home/shell/toolset/just.nix diff --git a/modules/home/shell/toolset/starship/default.nix b/modules/home/shell/toolset/starship.nix similarity index 100% rename from modules/home/shell/toolset/starship/default.nix rename to modules/home/shell/toolset/starship.nix diff --git a/modules/home/shell/toolset/tmux/default.nix b/modules/home/shell/toolset/tmux.nix similarity index 100% rename from modules/home/shell/toolset/tmux/default.nix rename to modules/home/shell/toolset/tmux.nix diff --git a/modules/home/shell/toolset/yazi/default.nix b/modules/home/shell/toolset/yazi.nix similarity index 100% rename from modules/home/shell/toolset/yazi/default.nix rename to modules/home/shell/toolset/yazi.nix diff --git a/modules/home/shell/toolset/zellij/default.nix b/modules/home/shell/toolset/zellij.nix similarity index 100% rename from modules/home/shell/toolset/zellij/default.nix rename to modules/home/shell/toolset/zellij.nix diff --git a/modules/home/shell/toolset/zoxide/default.nix b/modules/home/shell/toolset/zoxide.nix similarity index 100% rename from modules/home/shell/toolset/zoxide/default.nix rename to modules/home/shell/toolset/zoxide.nix diff --git a/modules/home/shell/zsh/default.nix b/modules/home/shell/zsh.nix similarity index 100% rename from modules/home/shell/zsh/default.nix rename to modules/home/shell/zsh.nix diff --git a/modules/home/terminal/alacritty/default.nix b/modules/home/terminal/alacritty.nix similarity index 100% rename from modules/home/terminal/alacritty/default.nix rename to modules/home/terminal/alacritty.nix diff --git a/modules/home/terminal/default.nix b/modules/home/terminal/default.nix deleted file mode 100644 index 97d44fa..0000000 --- a/modules/home/terminal/default.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ - imports = [ - ./alacritty - ./ghostty - ]; -} diff --git a/modules/home/terminal/ghostty/default.nix b/modules/home/terminal/ghostty.nix similarity index 100% rename from modules/home/terminal/ghostty/default.nix rename to modules/home/terminal/ghostty.nix diff --git a/modules/nixos/boot/default.nix b/modules/nixos/boot.nix similarity index 100% rename from modules/nixos/boot/default.nix rename to modules/nixos/boot.nix diff --git a/modules/nixos/desktop/cosmic/default.nix b/modules/nixos/desktop/cosmic.nix similarity index 100% rename from modules/nixos/desktop/cosmic/default.nix rename to modules/nixos/desktop/cosmic.nix diff --git a/modules/nixos/desktop/gamescope/default.nix b/modules/nixos/desktop/gamescope.nix similarity index 100% rename from modules/nixos/desktop/gamescope/default.nix rename to modules/nixos/desktop/gamescope.nix diff --git a/modules/nixos/desktop/gnome/default.nix b/modules/nixos/desktop/gnome.nix similarity index 100% rename from modules/nixos/desktop/gnome/default.nix rename to modules/nixos/desktop/gnome.nix diff --git a/modules/nixos/desktop/plasma/default.nix b/modules/nixos/desktop/plasma.nix similarity index 100% rename from modules/nixos/desktop/plasma/default.nix rename to modules/nixos/desktop/plasma.nix diff --git a/modules/nixos/editor/nano/default.nix b/modules/nixos/editor/nano.nix similarity index 100% rename from modules/nixos/editor/nano/default.nix rename to modules/nixos/editor/nano.nix diff --git a/modules/nixos/editor/nvim/default.nix b/modules/nixos/editor/nvim.nix similarity index 100% rename from modules/nixos/editor/nvim/default.nix rename to modules/nixos/editor/nvim.nix diff --git a/modules/nixos/hardware/audio/default.nix b/modules/nixos/hardware/audio.nix similarity index 100% rename from modules/nixos/hardware/audio/default.nix rename to modules/nixos/hardware/audio.nix diff --git a/modules/nixos/hardware/bluetooth/default.nix b/modules/nixos/hardware/bluetooth.nix similarity index 100% rename from modules/nixos/hardware/bluetooth/default.nix rename to modules/nixos/hardware/bluetooth.nix diff --git a/modules/nixos/home-manager/default.nix b/modules/nixos/home-manager.nix similarity index 100% rename from modules/nixos/home-manager/default.nix rename to modules/nixos/home-manager.nix diff --git a/modules/nixos/nix/default.nix b/modules/nixos/nix.nix similarity index 100% rename from modules/nixos/nix/default.nix rename to modules/nixos/nix.nix diff --git a/modules/nixos/services/authentication/authelia/default.nix b/modules/nixos/services/authentication/authelia.nix similarity index 100% rename from modules/nixos/services/authentication/authelia/default.nix rename to modules/nixos/services/authentication/authelia.nix diff --git a/modules/nixos/services/authentication/himmelblau/default.nix b/modules/nixos/services/authentication/himmelblau.nix similarity index 100% rename from modules/nixos/services/authentication/himmelblau/default.nix rename to modules/nixos/services/authentication/himmelblau.nix diff --git a/modules/nixos/services/authentication/zitadel/default.nix b/modules/nixos/services/authentication/zitadel.nix similarity index 100% rename from modules/nixos/services/authentication/zitadel/default.nix rename to modules/nixos/services/authentication/zitadel.nix diff --git a/modules/nixos/services/backup/borg/default.nix b/modules/nixos/services/backup/borg.nix similarity index 100% rename from modules/nixos/services/backup/borg/default.nix rename to modules/nixos/services/backup/borg.nix diff --git a/modules/nixos/services/communication/matrix/default.nix b/modules/nixos/services/communication/matrix.nix similarity index 100% rename from modules/nixos/services/communication/matrix/default.nix rename to modules/nixos/services/communication/matrix.nix diff --git a/modules/nixos/services/development/forgejo/default.nix b/modules/nixos/services/development/forgejo.nix similarity index 100% rename from modules/nixos/services/development/forgejo/default.nix rename to modules/nixos/services/development/forgejo.nix diff --git a/modules/nixos/services/games/minecraft/default.nix b/modules/nixos/services/games/minecraft.nix similarity index 100% rename from modules/nixos/services/games/minecraft/default.nix rename to modules/nixos/services/games/minecraft.nix diff --git a/modules/nixos/services/games/palworld/default.nix b/modules/nixos/services/games/palworld.nix similarity index 100% rename from modules/nixos/services/games/palworld/default.nix rename to modules/nixos/services/games/palworld.nix diff --git a/modules/nixos/services/media/glance/default.nix b/modules/nixos/services/media/glance.nix similarity index 100% rename from modules/nixos/services/media/glance/default.nix rename to modules/nixos/services/media/glance.nix diff --git a/modules/nixos/services/media/jellyfin/default.nix b/modules/nixos/services/media/jellyfin.nix similarity index 100% rename from modules/nixos/services/media/jellyfin/default.nix rename to modules/nixos/services/media/jellyfin.nix diff --git a/modules/nixos/services/media/mydia/default.nix b/modules/nixos/services/media/mydia.nix similarity index 100% rename from modules/nixos/services/media/mydia/default.nix rename to modules/nixos/services/media/mydia.nix diff --git a/modules/nixos/services/media/nextcloud/default.nix b/modules/nixos/services/media/nextcloud.nix similarity index 100% rename from modules/nixos/services/media/nextcloud/default.nix rename to modules/nixos/services/media/nextcloud.nix diff --git a/modules/nixos/services/media/nfs/default.nix b/modules/nixos/services/media/nfs.nix similarity index 100% rename from modules/nixos/services/media/nfs/default.nix rename to modules/nixos/services/media/nfs.nix diff --git a/modules/nixos/services/media/servarr/default.nix b/modules/nixos/services/media/servarr.nix similarity index 100% rename from modules/nixos/services/media/servarr/default.nix rename to modules/nixos/services/media/servarr.nix diff --git a/modules/nixos/services/media/servarr/lib.nix b/modules/nixos/services/media/servarr/lib.nix deleted file mode 100644 index 8ee412b..0000000 --- a/modules/nixos/services/media/servarr/lib.nix +++ /dev/null @@ -1,2 +0,0 @@ -{lib, ...}: { -} diff --git a/modules/nixos/services/networking/caddy/default.nix b/modules/nixos/services/networking/caddy.nix similarity index 100% rename from modules/nixos/services/networking/caddy/default.nix rename to modules/nixos/services/networking/caddy.nix diff --git a/modules/nixos/services/networking/ssh/default.nix b/modules/nixos/services/networking/ssh.nix similarity index 100% rename from modules/nixos/services/networking/ssh/default.nix rename to modules/nixos/services/networking/ssh.nix diff --git a/modules/nixos/services/networking/wireguard/default.nix b/modules/nixos/services/networking/wireguard.nix similarity index 90% rename from modules/nixos/services/networking/wireguard/default.nix rename to modules/nixos/services/networking/wireguard.nix index 01534c0..364395b 100644 --- a/modules/nixos/services/networking/wireguard/default.nix +++ b/modules/nixos/services/networking/wireguard.nix @@ -11,7 +11,7 @@ hasPeers = (cfg.peer |> attrNames |> length) > 0; in { options.sneeuwvlok.services.networking.wireguard = { - # enable = mkEnableOption "enable wireguard" // {default = true;}; + enable = mkEnableOption "enable wireguard" // {default = true;}; peer = mkOption { type = types.attrsOf (types.submodule { @@ -32,7 +32,7 @@ in { }; }; - config = mkIf hasPeers { + config = mkIf (cfg.enable && hasPeers) { # networking.firewall.allowedUDPPorts = cfg.peer |> lib.attrValues |> lib.map (p: p.port); # networking.wq-quick = { # # enable = cfg.enable; diff --git a/modules/nixos/services/observability/loki/default.nix b/modules/nixos/services/observability/loki.nix similarity index 100% rename from modules/nixos/services/observability/loki/default.nix rename to modules/nixos/services/observability/loki.nix diff --git a/modules/nixos/services/observability/prometheus/default.nix b/modules/nixos/services/observability/prometheus.nix similarity index 100% rename from modules/nixos/services/observability/prometheus/default.nix rename to modules/nixos/services/observability/prometheus.nix diff --git a/modules/nixos/services/observability/promtail/default.nix b/modules/nixos/services/observability/promtail.nix similarity index 100% rename from modules/nixos/services/observability/promtail/default.nix rename to modules/nixos/services/observability/promtail.nix diff --git a/modules/nixos/services/observability/uptime-kuma/default.nix b/modules/nixos/services/observability/uptime-kuma.nix similarity index 100% rename from modules/nixos/services/observability/uptime-kuma/default.nix rename to modules/nixos/services/observability/uptime-kuma.nix diff --git a/modules/nixos/services/persistance/postgesql/default.nix b/modules/nixos/services/persistance/postgresql.nix similarity index 100% rename from modules/nixos/services/persistance/postgesql/default.nix rename to modules/nixos/services/persistance/postgresql.nix diff --git a/modules/nixos/services/security/vaultwarden/default.nix b/modules/nixos/services/security/vaultwarden.nix similarity index 100% rename from modules/nixos/services/security/vaultwarden/default.nix rename to modules/nixos/services/security/vaultwarden.nix diff --git a/modules/nixos/services/virtualisation/podman/default.nix b/modules/nixos/services/virtualisation/podman.nix similarity index 100% rename from modules/nixos/services/virtualisation/podman/default.nix rename to modules/nixos/services/virtualisation/podman.nix diff --git a/modules/nixos/shells/zsh/default.nix b/modules/nixos/shells/zsh.nix similarity index 100% rename from modules/nixos/shells/zsh/default.nix rename to modules/nixos/shells/zsh.nix diff --git a/modules/nixos/system/networking/default.nix b/modules/nixos/system/networking.nix similarity index 100% rename from modules/nixos/system/networking/default.nix rename to modules/nixos/system/networking.nix diff --git a/modules/nixos/system/security/boot/default.nix b/modules/nixos/system/security/boot.nix similarity index 100% rename from modules/nixos/system/security/boot/default.nix rename to modules/nixos/system/security/boot.nix diff --git a/modules/nixos/system/security/sops/default.nix b/modules/nixos/system/security/sops.nix similarity index 100% rename from modules/nixos/system/security/sops/default.nix rename to modules/nixos/system/security/sops.nix diff --git a/modules/nixos/system/security/sudo/default.nix b/modules/nixos/system/security/sudo.nix similarity index 100% rename from modules/nixos/system/security/sudo/default.nix rename to modules/nixos/system/security/sudo.nix diff --git a/sops/machines/ulmo/key.json b/sops/machines/ulmo/key.json new file mode 100644 index 0000000..90b904f --- /dev/null +++ b/sops/machines/ulmo/key.json @@ -0,0 +1,6 @@ +[ + { + "publickey": "age19qfpf980tadguqq44zf6xwvjvl428dyrj46ha3n6aeqddwhtnuqqml7etq", + "type": "age" + } +] \ No newline at end of file diff --git a/sops/users/chris/key.json b/sops/users/chris/key.json new file mode 100644 index 0000000..90b904f --- /dev/null +++ b/sops/users/chris/key.json @@ -0,0 +1,6 @@ +[ + { + "publickey": "age19qfpf980tadguqq44zf6xwvjvl428dyrj46ha3n6aeqddwhtnuqqml7etq", + "type": "age" + } +] \ No newline at end of file diff --git a/vars/per-machine/ulmo/lidarr/api_key/secret b/vars/per-machine/ulmo/lidarr/api_key/secret new file mode 100644 index 0000000..9842058 --- /dev/null +++ b/vars/per-machine/ulmo/lidarr/api_key/secret @@ -0,0 +1,14 @@ +{ + "data": "ENC[AES256_GCM,data:HbbfyZGhb72fFGcw0Wni2X4vWZqR2acEOBh9C10YNolsBwmbGKniHVOQf5eq6H0HUZozvfFbI+jS92HfYPxLEOtzWdD/hyULPwYR8Q4SxWs3KfY/XeMAHupY1Qfmr4HmwgPDpH2wpFIlDACIQG0FhWpI4nplONI0krVdTRWrFvPN,iv:xqDL82zsYPTTl8yOOzgdkATqZO7Y/JNsFyk12cC4We8=,tag:GS/mTcPvJa1NV/PEWdAK2Q==,type:str]", + "sops": { + "age": [ + { + "recipient": "age19qfpf980tadguqq44zf6xwvjvl428dyrj46ha3n6aeqddwhtnuqqml7etq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGUERwbTh6NnI3b3NvaTU2\nZmdPRmpYTk5aaDNJZ0dqYzBXcnVyYlFlNm5NCkoyZm1wS2FGb2Fza0FaMFVBR1N5\nTFNETHRGTWlSYlZaWVJsNEZ2eWR2bGsKLS0tIE1PcktjRjVKai8vU2EyUGtuMUNl\ndFlDV0VpcitwaXJSempZNmNnMi9JK2cKnCCyh5c0OZLkmJMse1g3OCzPQ+XTdkyy\nqfmAhP6O6amjpfvCcD9s0dOrK/hq/FK4l9Po+qnLkGej4pOIT50WsQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-31T09:08:19Z", + "mac": "ENC[AES256_GCM,data:EvrqaArhAzzQe/pYslQmstl6TedPiV4a1L6IOD84cJHt9s7qCYFbweRsea398T53dcCtdhIPlU3QyjVJpGhdyD+ekjc77oqXgqwG5hQhMvUJuTvwQXLA+v6acWsfdTu8bLjjCIfMc4+fcqKjcLGGHpPaz3RxL8Su/uifrV82u4M=,iv:Vc6zqz+s+wY1e46ogsqaiilzRfUJYbMDANNrifleBFE=,tag:pTaFWDj6baVHtTBHkledHQ==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/ulmo/lidarr/config.env/secret b/vars/per-machine/ulmo/lidarr/config.env/secret new file mode 100644 index 0000000..f382ec6 --- /dev/null +++ b/vars/per-machine/ulmo/lidarr/config.env/secret @@ -0,0 +1,14 @@ +{ + "data": "ENC[AES256_GCM,data:O4+z76Ie5c501CYdmj17N38yEH8bIXQB/kh3u5zTpmChcUEE1M0PIy3VqXuE2YMxscs9bRlph0qBELBADb+HP5BHTtQ3wBZGNGU/qxnyMzZPy64rhXamBLRlC6lgoKfzLt+tQXprWscwJtbfHrHjNQRMAKLNFMIkpwRb2jlmp84fKFuScFSmQ5UoOrvaTzlsoEYajtBd,iv:9eoLX60eEA8DdRWiPPTWRee6blqTilD2Q0UlM2PNT24=,tag:yhfQW3mb0K9phGl8WMN37A==,type:str]", + "sops": { + "age": [ + { + "recipient": "age19qfpf980tadguqq44zf6xwvjvl428dyrj46ha3n6aeqddwhtnuqqml7etq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0dU1la3lNSjkvQjFrQW9S\nYkowRGhyYlA1ZnBGMzBUOS9LRGtXcmhLeDNRCkdUVDFvNUVSeFFzK0NDS0lzaTUx\nT0l1b2tPelIvaHJOSmRVM2U5Z2lTcG8KLS0tIFVjVUtNNC9oYUYwbTRDV2tPQXVy\nY0cyTklIV3llb0l2TSszSjJ6R3hWc1kKIKJYEg/xHztKo4mmXXym/yTu57MKdk/k\nPfyVXClBxAGjsLzNHbEcc9RNbaIhTXiQlL/bkuH6JvLpeFlKLuLDGw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-31T09:08:19Z", + "mac": "ENC[AES256_GCM,data:ZVcelcvx10+4B1voC2GeBz9FPTypbCp+Zp0QaI5G0UgtD9vLm1W6fT/KysreEqLknlqTN6oqadWS0xCpV2purLu7VLnnfjsjfObod0TxwKf90bi/sG6U0t4kIB/F437WRHai5aV7MWtsXFdh7GuYnpoueqXW5C/qUlKYNJ5eOFk=,iv:N9vbG5HGOS52Z/tvwwr+j2bty0Hqx/Kdd6Q9YI+Xujg=,tag:UL9RzZjl2Vapma/Tel3XpA==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/ulmo/prowlarr/api_key/secret b/vars/per-machine/ulmo/prowlarr/api_key/secret new file mode 100644 index 0000000..6470c17 --- /dev/null +++ b/vars/per-machine/ulmo/prowlarr/api_key/secret @@ -0,0 +1,14 @@ +{ + "data": "ENC[AES256_GCM,data:kRQf0fU7aayEFxh57PqwT11aI+GytZFkpIS1Fl4lCbf786K9uBNkNjrKn9FGJjf/bWl+28a30SiI+x1SJIDmB0Gx+twaoH0uTx7xzniMQ6A+mqUihe7qTsuqJZ+B/z4kCQn/4+ig8f3XcgHjx4gp9Ig8d4YlnBHBONCM9d1Mnrd+,iv:g9jb9soLfS71wB5u8+I7ozGNvmCx9rTa09uEZT0pIyI=,tag:MJrJSogPgfF2V98BY2n7Dw==,type:str]", + "sops": { + "age": [ + { + "recipient": "age19qfpf980tadguqq44zf6xwvjvl428dyrj46ha3n6aeqddwhtnuqqml7etq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvTjZEUm5oaUZVcmsvU1ds\nTGNueUxyelNPdm1OMTJMOXZPSzNrR0lTQXk0CmtvT2ZxamlrNUdKcmRnWCt3RjZo\nUUtYS0NTYkNXVXpvSWwxVi90Zzh1UnMKLS0tIG5xQU5pOGZ4QzlTdWNjK3Zacmpn\nV05vUjNYT2ZNdmZKemt1bWlhYVhsL3cKFsAZB2rTA84FLcSIMIVdUIWIg3RNFtmW\nj/CUcHwqIlNa0syu3DUIgKCCWLGqeFFyIhah0XgrJPJl74NG8aU+OQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-31T09:08:22Z", + "mac": "ENC[AES256_GCM,data:6PFwnAOBZVLuhw9DV7sNTxEi80C7nXYvRVjxK9sIbq5N10J6LoGW79VgXOfUOWaVzfjkfPV5QKgKiNNJpUr1rbxNms9oBX/nF7HqB+oPCNfhe8EKBYBiOJw0ijYbLKgHO1N1KrSbhIAlRwpOqYGHxTOEidBhKkSbr+fUHqRUf84=,iv:V4N2NWjT7KMMjL50fOlJ+I75X9+isf75+vx1L17HJyc=,tag:cabQTDqazYLC2zrRrmYNjw==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/ulmo/prowlarr/config.env/secret b/vars/per-machine/ulmo/prowlarr/config.env/secret new file mode 100644 index 0000000..784f19b --- /dev/null +++ b/vars/per-machine/ulmo/prowlarr/config.env/secret @@ -0,0 +1,14 @@ +{ + "data": "ENC[AES256_GCM,data:wK2BUSJ8t7xruSMgMpLr6QnX5cUFdwdxYd5Bv3yozFVkjWi7uooc8kHfIRVEjjNsi9TDmlBXg3watv1pMd/XisfKYw/syFzVf+R84Uc0eLpdXZtqdmoii2rQ0X0oBo+9jnVtYCtq/CPaE5QsDh62xzTHCjgk+esQLBqpMbGyCM1gJehU0UT4/I4aRotEANN+FDIMCMEWQu8=,iv:97NU3qoVFX7pt6Oel8MYzaVpxJnXAGg9anMH7A3I0r4=,tag:Wjqp8dt6kbC+n2saCAUMdw==,type:str]", + "sops": { + "age": [ + { + "recipient": "age19qfpf980tadguqq44zf6xwvjvl428dyrj46ha3n6aeqddwhtnuqqml7etq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmZlNUVm94WUx0b0cwREhl\nVk8vZmR1YmIwZnZPZnJ1cHlMQ2FPaHFiOFFZCnQwSDZyRHhRQ3JXTWhvZ29UTUkv\nTHRvejFjTUVkdWZBaUVsQmNiYUJlakkKLS0tIEVqWmlZSllmUXJ4SkhnY09kV00r\nQ3lhbllsclltMEZ2eFFLQUZKYUdwWG8Kr4iQGYLocVJX48XoVP0ZC3oFYkMueFHG\npRbHTWd+epglbWB1kkjdL89CpLyueJKX/MfNR4oW6RUvs9m73oQIvw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-31T09:08:22Z", + "mac": "ENC[AES256_GCM,data:VwG47hA8cFNni6L+3eSkg8EUIybu5cSRgen3x23Eumehib1ojdyOhER/VO20VouhXdpszZxV/8j7ddLpebgBWgxQNzj4BAdPf1PwuYZMJ8jpHIcu47qgMpixjj8kedn9hyniUOAycB2bODfkXBKjTvfNxw5pLVUlLL1EOnNvQH0=,iv:1nV7aN+KCJ5TAjy26eBr+lPAjnVYH+jSOTgcQq5d9XY=,tag:NRqMVUdDlkNqd6Nc/Fqj+A==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/ulmo/qbittorrent/password/secret b/vars/per-machine/ulmo/qbittorrent/password/secret new file mode 100644 index 0000000..f609b86 --- /dev/null +++ b/vars/per-machine/ulmo/qbittorrent/password/secret @@ -0,0 +1,14 @@ +{ + "data": "ENC[AES256_GCM,data:mM/ifrTA1aSOtCtVJvjF55WOu9SEgN96QqKK7N8Z+qWHHFpoEc1J9KpjKLH6X3pOQawxpSXHcfOr5iEE0tyeXK0+/G0o1w23YlARroqKIqjUK5NkVHH6BlOQEjuqlBX9D37O5N9rbs5BQ0urXUJ4TP1dmWUOABeEVFkWLeSBv1wa,iv:JUfoo7wmBA82SjpRBVGGR4N6SbURmA/raDFMcR+vyzE=,tag:cOu0oz3i1A33/Cc0BlSBMQ==,type:str]", + "sops": { + "age": [ + { + "recipient": "age19qfpf980tadguqq44zf6xwvjvl428dyrj46ha3n6aeqddwhtnuqqml7etq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpSFUvRjNZOWJ1N250ODNH\nbXk5ZklvSFhGR3JFc2tKenZZYm5YRlVJSEVNCjdxK0R3dzFHcUdrb25MajRMVHpP\ncjZtT2FzZG5WS3l1TTRvczR3cHpIdmsKLS0tIHVKK1Nhb3kzRW4vNVV3MVVyNVIw\neVJsU2pRZTM0N0xPUTlKQWxQZ3Jab00K+07ETKcNVJ67in/yTRPadLOBMOt/assB\nRdiraOoaw1W7nKMZ81pw2teV8BUWrl2ZvWHGAk9B5M+LNm2U/nZ/zA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-31T06:02:33Z", + "mac": "ENC[AES256_GCM,data:DSIFCYcpJFrIgLUmQ8M0gTFL3aKkwUJ5S46RYUgwn6Lu5BKJMVdpOGpYloinvRYlMHyK+Diva/tL/xnBtjG7Ug5gKqY4NAf/2yZLjO+y8+FMApn4KiTp7Nqe8Q93psJlIoe5ZUGxl2wERuXnmSnmFmfOjAYb6c/XtR+4oTVqvcg=,iv:wRrA2+eHduRpArHQ8ZghXf1LlezWZKuZkH4KGxJ/KcQ=,tag:RrVAzeL6aZEURY9DDLQu/Q==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/ulmo/qbittorrent/password_hash/secret b/vars/per-machine/ulmo/qbittorrent/password_hash/secret new file mode 100644 index 0000000..d6ae7d3 --- /dev/null +++ b/vars/per-machine/ulmo/qbittorrent/password_hash/secret @@ -0,0 +1,14 @@ +{ + "data": "ENC[AES256_GCM,data:JBLJryQ1s+yY7ukjCdToghQrTEcE3DgEhMSl9eyKQPMARm7EX8/82H07CPHCjYGOb+NtZle3a+AAwv39XKUM6OybOiN484rDa2zV6lvFA5dcd/sbuJH6S6Y43iUbUHnScV7iYX2OGW85dSo3Wwcb5SKbXSb3+nhcXouRi0gn,iv:UQjJhIT4AbYACcmjkmeTnpXgXLAbhtDZoF8JUSfOdH8=,tag:928Qkgls5vGx5pBk0BJ1wQ==,type:str]", + "sops": { + "age": [ + { + "recipient": "age19qfpf980tadguqq44zf6xwvjvl428dyrj46ha3n6aeqddwhtnuqqml7etq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnREhIZmJVTnUvd0hPbm5R\ndlp5aWE4V0doWDVzQzl6aW5rWU96QjZnNXkwCmV0SlM5NXFFeisyVTB3NDAvMXNz\nZzRMcmdyM0tyNkttVU1xN3E2cEtMYmMKLS0tIHJXWW9BRjIydlVmYStnZXIyZnBh\naCtYMWpwVWlJK0IxUWRPdEhVMnVYencKom7jxQwua8Poe4d9wR8sMXZCQQYM12YW\nR8hxaVFwXMIrg6qMRwTK2O1m/fkcVCV6qidjsLERb+laH+W8Nn/urQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-31T06:02:33Z", + "mac": "ENC[AES256_GCM,data:ikSkLjZtN+P5mOtljcOVo9oEIGlVi+mNO2nURtAgosN27TmQUA5lysUNAZLROD0UsnJAsghXCK4tt9vF68jAOPkBtAnWgL59hgoZcBSiOBr7oRxd4WIGXLhyqPlcDJV7VevNJWl0JLk1NA3+3HQZho4YUzQUNs0GtiBoJj67Uqc=,iv:nPLGU4UHCmY4MUP0j6ZXWyMmyAvs3xNMzKDcgoWo5qw=,tag:JMqKvVHVVfNOVt/TQu9kYQ==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/ulmo/qbittorrent/qBittorrent.conf/secret b/vars/per-machine/ulmo/qbittorrent/qBittorrent.conf/secret new file mode 100644 index 0000000..054243b --- /dev/null +++ b/vars/per-machine/ulmo/qbittorrent/qBittorrent.conf/secret @@ -0,0 +1,14 @@ +{ + "data": "ENC[AES256_GCM,data:QmSqL0OQvu2l4NsJHfI/SaEk2Sdx1jMf0AKbbxmPaGnSnN3O3c2ATrIwgTHTumLankI/uXxbrV5vIXTpJU5oSXjbv+Rx0hU+c2Tic/E8ORX1/1SW50Y0ax4IxFat6mwhndte+4dX00KyCCnaRDvnFlR9Eag1C9wQY/GwAeMJY6Dqv9oWSBVRsIONatSogYZ9mTk5ueDrPbfBbVzLKs/5ZbA3RScxKOe5fiCiZ3RQCdPbrd356rGwCzD/k008zGxJkW7aeFxBhpTy7XRKhUUjw4gH7FOwZ71qFlYxvNkOu6QnpFXez3ks9fAIBL2uMHlQfARZGwm84MdEOHCPKq1TI6NmKsqEfXS91hW5iKvH9KUa0FOEhFHY5W6tR1gx0zfGvjv1ofqSMdUSBhHPOuc3HouBK96MzStfyNzePGuAMbsAC+ogn2Dsy55KQiHKvnAW4G1gvQ==,iv:4QN2aeK0jbbzR+qIHHSCLV7/OnZ3vQAHpUovlmnftno=,tag:vFMX8Ep5xJz8eBlQmKXCxw==,type:str]", + "sops": { + "age": [ + { + "recipient": "age19qfpf980tadguqq44zf6xwvjvl428dyrj46ha3n6aeqddwhtnuqqml7etq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArRjlwVmpOU3l3aXIybU5N\nckJrb29rZE9OS1dQTzRSVitCZ3pIOExUM1JnCk1vMWZ3THFXR253L3Nmc1g5NnMz\nV2Jwc0VqYWx4eFJLcTRNMDh0V2M1bkUKLS0tIFFLdFJIclVZMmsvWTFKSm9BMDVj\nb3hrd1ZNL00rNHFTc1d6azYxT016NnMK06sT9B1bV3Cst+SQsZWhFAxxN9wEzQ62\nEMfKu8flDkpXOfYhT7O5gjMMYmC0m6UIt8Gth0E2PQsqx0WfcoshIw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-31T06:02:33Z", + "mac": "ENC[AES256_GCM,data:JYeelZkxYyfciMcksE3b8YKfefzlTJc4Piua8A1Lg4O2Xqz5TpZ7sLyAiqdkKAQsorFYnIjGwhIHx9PrDme1+oioCHJqCsO9Kqs9RLcwVZbBIw+UKlFdc5wNLc55qvP3GSVMLO0/IuXETaOd6IVzFxX76EJT4LTOF4Vv1pz/ymU=,iv:Sll8IvjiGO5kPbdEDXry8j+0pSMIioeIx4LrcfpyUxo=,tag:tGnRLCXcCKlifLp8JNcE8g==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/ulmo/radarr/api_key/secret b/vars/per-machine/ulmo/radarr/api_key/secret new file mode 100644 index 0000000..962bf05 --- /dev/null +++ b/vars/per-machine/ulmo/radarr/api_key/secret @@ -0,0 +1,14 @@ +{ + "data": "ENC[AES256_GCM,data:cNdXQigG3pBPGgiWNLkGx/VNE1M2U6YgJ1Stt8NUhRqNCNPdywKOFCA5tKRtjkb6QIH+ICMX1Ct8W13xN2BuQYsv71ighywH81VmYHCxoMApgFK/Jc2Kb9y3kdLY5CvHXf87UJlUo8SVtJ5EpL3iMLNWQJUD5r2/bYINlFwXkeqy,iv:xHyO07zaBu4nHHw5dGj7ZYdSNrkOPt11XMPQu86QGyw=,tag:cXcIni2K7c7ImEbVi6ABkg==,type:str]", + "sops": { + "age": [ + { + "recipient": "age19qfpf980tadguqq44zf6xwvjvl428dyrj46ha3n6aeqddwhtnuqqml7etq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuRGpwaEpFV29FM3R5VXN3\nUHNsSVQzS0tWTWhKVWQ3dVkrZENONXlIR3hjCjk4bHhjZmRyZmV2RmhFUVNUMGcr\nRm9mR2FjOU1pTFU5TldsdHJuVWh6WWcKLS0tICtZMTh2T3NCYXNNRzhnZ1pwM0dp\nWC9jZnE1L2tMWjlwRFdhemUzNzVIMU0KS0A5bF0mbXOMliCipJhF98ooIZPtQ2SH\n3utUInxWocWXxtUpUTt5T4HWeacNYQ2XY7OTn/G2xz/wqgtnJg0eeg==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-31T09:08:25Z", + "mac": "ENC[AES256_GCM,data:zy4toD5Mi5GFldrZpj9LaYnFZ6AhpKE+gMGmlnlfuxshpJniyu+8LiBEhx2P1RBAfw1d1Sl4ZYyj1cKGuru2ByMD21W3RzXmsiDrJTaAsA3HDFh0WLHnapBuhvEMVK0bn4TAeAn45+Gx5fiiQBX+UaNjA+zhzCm6KWixd50p6OQ=,iv:TI01AQeTXJR9+5kowddyxyGneK80z6zVhwjMSjD0S3w=,tag:QfokXV71TayFuZP9x+SE3g==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/ulmo/radarr/config.env/secret b/vars/per-machine/ulmo/radarr/config.env/secret new file mode 100644 index 0000000..e781a27 --- /dev/null +++ b/vars/per-machine/ulmo/radarr/config.env/secret @@ -0,0 +1,14 @@ +{ + "data": "ENC[AES256_GCM,data:9x6/mvl0KqctP0NYLOiF1tz3wohlbqrJn9qrW1YnwEhXvM6idlUhqcD13FVVsaCwQofCAgVhPq+wjcqsFqsTbLlQlgD+BIz8nqvmq+IUnfAxqSgVLzwjegPIAVbb1vTCaneUFm50CtC8QGpfE4A9DQOvyER9G0TpJ5n3zeFBWFXlMMHu4rxoolIjL1AfrcXY45rlnIko,iv:HxGdEqaAWm7IY67FkSU1vwXeOQ3Ntfk28uHRhjTOzSU=,tag:3kVkX2ZDT351hR/nF6ZP+g==,type:str]", + "sops": { + "age": [ + { + "recipient": "age19qfpf980tadguqq44zf6xwvjvl428dyrj46ha3n6aeqddwhtnuqqml7etq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYcU5DMFNjNGl1SWV6VnNo\nQWU4dDJrbkJWaTVvTDY3YUxaQ2JXRjlsa0E4CnJoaWFJOGlyM0dBeHRQQ2Q2QXV4\nYVhUWGxueVI0WjY0WC91czVQcjMrcncKLS0tIFRPaUpyblZGZVRsVUhaZmpUWSsr\naEU1OEZMZnRBTWJVaENnQTQ5S2pOSzgK9mhU+zWYnmtHll+oQg04ieplFgW4z2j0\n6RT95UWy0ThPuPe0vEEjbzAeXDQ6qmtvE+IgWs0NILRY7TL801B9oA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-31T09:08:25Z", + "mac": "ENC[AES256_GCM,data:P7Zsb4y8KMCepviLcIfiZD+UyNHR6Sxby+D4IkSLpT8cq86zVdBARbuR+jTgvAsH8JNfKMsYd+UQD8saowuZTPLDzphfkNpzHc3VBkBhIFraNHK874tCyRa+a4SElqdpAF/aPeCpixJsE6uX4us7YnCuBTZjIgZjygqOkioLV3k=,iv:hqEYp7zlTt+3cf3vpAYOhXfy6BY+oe91sA6Wp3LJAbI=,tag:SJwwTDAdETyTErvvgtqvTw==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/ulmo/sabnzbd/api_key/secret b/vars/per-machine/ulmo/sabnzbd/api_key/secret new file mode 100644 index 0000000..74393fe --- /dev/null +++ b/vars/per-machine/ulmo/sabnzbd/api_key/secret @@ -0,0 +1,14 @@ +{ + "data": "ENC[AES256_GCM,data:Hjg1GjSENrhiqIa3E0bMsmVwKFBI5PtRu+FeCdhICpKUY5UIgdnf5DiM+hv2ZYIP6iP/t4KN2aOQsYBD7UgJeS1fNuDn9UD7ZhipJVqG0vR0CwnVl5/ynJaYAWpVQyA5v+jWpSXp5kNa+sSYfwPKJgoWwWnsji157iQ1CVQkQ43f,iv:y/loJ87JCFQv4hAfRmhFOG//qkYCB0iE6WLH+MOoeM8=,tag:X+N7M1sAv0fRKXE9pOyQkg==,type:str]", + "sops": { + "age": [ + { + "recipient": "age19qfpf980tadguqq44zf6xwvjvl428dyrj46ha3n6aeqddwhtnuqqml7etq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsYjhvWTI1Y2FkOFQwMjUr\ncmd3eXN3SSt2NGN1eWp2RTZYd3AyaTQwSUQ4CnR2VURjLzcvdFRKbWlwc1dJYytZ\ndjUyT0o0eC8yQmpCU0orU3UwbS9BNmcKLS0tIHpaTDcrckJyZlF5cW5NeW1wOTdx\nMXQrZ3FzeDZFaUg5MmxoMGQzRTVpT2sKXUKhnjPqpIVDcJzV9BlCrc5hJhx6bsTs\nOpak6eXFkery72dZdOXvijQ8DGUl5tfLXmlHd77kszuSOOTHutqnmA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-30T13:05:06Z", + "mac": "ENC[AES256_GCM,data:9ERg0A43TKDudtI5Vq4sNmBV1z/6WG8VcTHykVoRsSvEIESPxKveSFOvoa/2pifM7xsGqHabPcLBzJU+/sOKTLVK6IdL80EbCilZFCQsUYxc0zu41+NdTzLBmD50fW8G9H93B5osOcmcTtKPWgwvyEoJ+O/aVzQWlukEwDo+vcI=,iv:kJmOlShNhtF03CxjoQfUv65ricphC3KrbTfMvlUBa/s=,tag:huaI5sxj9JIKYEqrstw7KQ==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/ulmo/sabnzbd/config.ini/secret b/vars/per-machine/ulmo/sabnzbd/config.ini/secret new file mode 100644 index 0000000..ddeebc8 --- /dev/null +++ b/vars/per-machine/ulmo/sabnzbd/config.ini/secret @@ -0,0 +1,14 @@ +{ + "data": "ENC[AES256_GCM,data:WVP52sevgJzYb4oB9N24uhKqo+YV/WFjHmmFDO80SNyARTueG0s2eXQ+UeXbodo0nGk/f7tTxYJRcmZyBLMGuks9YKKvn6zOZ7LZY72csO14XAI19P7sTupGOs43PpvQE8212/M18RMPNRIoj0od0HeDxhhFa61yhtZdclppJw3YIxyAfLGaCqV3LUrFIv3+hlM2zymJTi3QDucxL9h63tlv8ijwFg1ZOV/80tSQ4aEeMmic8LCbAbETtdYViQXHJLTNEEDFK/vL8eMHEwULPmw5yOjbWEyqVGO8FHDVbo6Aaj5EZGkiiEQccbJUbuM46J1LzLEjvobg8LKFcA/sVoiiqGp8b47qHbb+dswM5e5vQx11vqDI0UyQcxHuSxtSXJWqi9xKRf32sNhs2P/u1VDLBNCZDtc6z4cTzDHWKn5Dpm+G3oe9OtcA4Nzk/T49pGsb0AZ9WKSo2aAXlyoHfA3bfm+pWyAhEn5wvlhWojhJX/wRTg==,iv:Jdx8BJPx/Emszd/Y3y8y+j3Ogfp0I9fXdhAU5SToTj4=,tag:npMFKmFv+4dcp5Gi5Vyvkg==,type:str]", + "sops": { + "age": [ + { + "recipient": "age19qfpf980tadguqq44zf6xwvjvl428dyrj46ha3n6aeqddwhtnuqqml7etq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXMmM0UmtEZ2JDMnFKaitk\nZjh4NXU5Sk15aGNBbVdJa2xSRTVmbUxFc2pBCkhPSjN1b2Z1Y01XYTlNaXpObFp4\ndSs3QlFXbTB5YnRNZzZaejFjVms4dncKLS0tIGwrckxId1F6OGVlZGg4UWI2cWdI\nKzBZU1gxNlpNN2FaTVRHd3FiV3ZzMkkKsi+bSSHNZ5UR//r7Md5Cds7ZjaAgHLqn\nh9gsf9q8Q1dM8LXyu7s0UEApcW9PVWoFAJKttn5mK0VMl0CkUlhTYw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-30T13:05:07Z", + "mac": "ENC[AES256_GCM,data:U1oKfi5RKpLIJOS3mM5y/pQ+8cxGk3dmza2YXk9kfBuzV1LfjCpSoFFGkuLWESA2rbZZEjjqRYfcgi0n8bTzWN8JZFZ9ZTI1ffSjKhVWdC5vqW2XmBlUC3GvAg/huGLd4FGO02qJMcqmnH94pzAglH1uhB7sP6K54w6GEUNEBnQ=,iv:mt+DmM/V1u5mCXjRx7y5RDW0gkmKHC8jYFCrqmbeiWk=,tag:+0f7k/bLwHznNtDt7boRmQ==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/ulmo/sabnzbd/nzb_key/secret b/vars/per-machine/ulmo/sabnzbd/nzb_key/secret new file mode 100644 index 0000000..9ef806a --- /dev/null +++ b/vars/per-machine/ulmo/sabnzbd/nzb_key/secret @@ -0,0 +1,14 @@ +{ + "data": "ENC[AES256_GCM,data:PconALoYtJ9/rw1rlo1jPAZTbcEYbBCHOC2Yt4V/gunFGOGoRZqENAJgOA8DICNvbv/04Mv2R9kJtHIwNXOfij0J0ySo20Tj6hTgTFIPOmNts/7lA3GFtCzsDWPokGmLwYzq/cowNTs2Vh2tZBJvL8qZtBBY607fmxlL9b44wjKm,iv:6BdN5nXBYtKHPdYn74AxetgllLFXIza/jktIGt6uMU0=,tag:riFepVvAaFcDSZHz48q5KA==,type:str]", + "sops": { + "age": [ + { + "recipient": "age19qfpf980tadguqq44zf6xwvjvl428dyrj46ha3n6aeqddwhtnuqqml7etq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqd1B1eVBVUkVYZDV0NVlB\nUWNDYkZrbndOZkI3THJWa3YvV0dqc055c2tnClV6MGdsKzFRaTEwRlU4dHVXdGJR\nUzc1M3dKWkFPZ243UzA5ZnYvVzVjYjQKLS0tIHhhMnJ6MmcrTFZvc0ZQUDNLb1Bp\nbWdsOGhSYjJkZTRNTXpsV0hxV0I3cTQKjKfRJ7B4wDi0Z7ELkyosdxWPT4qdHtNu\njHDRfgmhD0EGgntwDohSCuxTyp04jQX0gO2/wF0oIFddP5cJQBZm+w==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-30T13:05:07Z", + "mac": "ENC[AES256_GCM,data:p6VDaZr2vq1As/qe8n+fjV31+IurhYcgctUTJ1Zh7QkQRKBRXqfHQAZIjJttKUbhEp7hJBVGT316lDNJ9uKLm2vkO3CKrb15Jd0nKBWIsAknOF+ldhADQ9+Vt2W+tW+RMvVjq09fyKihU+j/5NtoaFFnZoK6gPjCWOcKuDVYor4=,iv:3Mn5MDdZmYhS9d0C6IcV6OWxrIej+N9RmVwHRa3N5Ys=,tag:pWa4Cj/X2wZiuGsFrVbwYg==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/ulmo/sabnzbd/password/secret b/vars/per-machine/ulmo/sabnzbd/password/secret new file mode 100644 index 0000000..757c532 --- /dev/null +++ b/vars/per-machine/ulmo/sabnzbd/password/secret @@ -0,0 +1,14 @@ +{ + "data": "ENC[AES256_GCM,data:SkOlXNgGnZ1w,iv:SL+wXz7Ifpinqbrlv6Z6Lw2OYugZviGK1yLyHkwY1xM=,tag:iebP8vOoFCTWesHbq/QKvw==,type:str]", + "sops": { + "age": [ + { + "recipient": "age19qfpf980tadguqq44zf6xwvjvl428dyrj46ha3n6aeqddwhtnuqqml7etq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzV0VuUDh0K2l5bXYwMWJu\nVnJ0dnhncEtpU1JQTXNwSXZXczBvb25qRnk4CmZYUjJDYXAvTHZPSmtjQkdHYjlh\nbWxmaXFFZGY3b0ZDR3NQOTlBYnBVZmMKLS0tIExFTXVBUU5GOEJWdEZ3VnpWTU9Q\nWEg3TjBxM21EbWszSkh3c25oeEVNTEkK3FemB2jA6fVil0z2FA6u/4nH0CScrE2B\nKS37nP35ufv+m/5x00+WNOgppfj3X61mKLmeJZ+Vj01hr4tTPegddg==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-30T13:05:07Z", + "mac": "ENC[AES256_GCM,data:YVBRGtUoLSLl/B6JOwckAh2olXCrbbu7S/jE4DyHqO41KdSufQ1EUm+gzaXYnW64oiyKtMAHZPYJS8z9i91zGDs6oUOtW/2vr0LWyIkhEfXAB5Lbm4Im9SqJ8uOthjVQNVErMJOu87P16Ud37v71wkIXa6UImwPLtn5nf2lD5ho=,iv:L8BpU1VEWCtwTeXDwAMqWzKdvzxZbkYPC854g5Lfrs4=,tag:ILEjAo1f8i791ORUQgzGoA==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/ulmo/sabnzbd/username/secret b/vars/per-machine/ulmo/sabnzbd/username/secret new file mode 100644 index 0000000..317403a --- /dev/null +++ b/vars/per-machine/ulmo/sabnzbd/username/secret @@ -0,0 +1,14 @@ +{ + "data": "ENC[AES256_GCM,data:GOtu+wDVCaCaOIcAjMZFpQOvwg==,iv:05f4WFx/u/zkBOfD3woUnlgoab8qqgCxc7tJvLd4FBI=,tag:0GcqnjlKC34dWWQdNDaVwA==,type:str]", + "sops": { + "age": [ + { + "recipient": "age19qfpf980tadguqq44zf6xwvjvl428dyrj46ha3n6aeqddwhtnuqqml7etq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsVGJWMzVvdjZhM1Biam1P\nN2ZNY2dBSTBLejh0TTBkV2pVcVEyUEhxQ3dzCjRtTzY4NmI0UERTeThGMmZ4aUdI\nbVZ6eFNQZHNzNy9pTS9DYjROZGt6Y28KLS0tIExuVnp2V05iMHlBR1BqWE1scDFk\ndS96eWFSeEozTXJ2VWtJNUxFVXA5K2cKo/7Xybb8tzJQa2zUHmZMJir27ytBoCx2\nI2XBaM8L4eT+OJzO6PodSaQCfQlfEEVlqZupRA2YzeYXUGZqzPBgpg==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-30T13:05:08Z", + "mac": "ENC[AES256_GCM,data:X5V3TeZbT8YkYwL7blD8p70A8cER28DBNJT2EC3EdXfd3ATcGrwfpQYt6v18p0msSMRWHP0BIxKutDHUzWjERk7U2Lj221zm5GwjMevZDAXFNKKk4GXmCdpSeVpX43+37UzSKA78cEWca77Yor3fEBfusGux8fMG6XD1wFoRXqI=,iv:36IjknMbyu372BegqV1OBPS+8e3J5WaQ2WYAHQ93Jps=,tag:FWN4tkv4LXvelotNjD2ieA==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/ulmo/servarr/config.tfvars/secret b/vars/per-machine/ulmo/servarr/config.tfvars/secret new file mode 100644 index 0000000..e598362 --- /dev/null +++ b/vars/per-machine/ulmo/servarr/config.tfvars/secret @@ -0,0 +1,14 @@ +{ + "data": "ENC[AES256_GCM,data:R1/Mc5QxFI/hW/moWKy0l7ITvv8MAzXvr6Xx8PCReL9XxwXtaz+oam8LnSPnQo4Utl6LiMoSpz4oKKze+w4bgXpKPMXyMTZKS2rFyTINstegVhaULZz/5jCr/DOEquqgSQZKz/0QJnI4owoWy89MDkixJl+JxcVOMhlz7ICP4cxuqhEqNoRLqOppWLDhhXGowHWPqnEs4XVHSoEIYtJaWl6G2InEAL7PfHh6lHI4lYYliVVINp9UWG0yV0jb/GulsI492wcZKG2G5SkNMM4jyA3sK/2UpKOyuHsRJ5TGkjF5OgSu4kyIMhDtfZyoLVPdGAgZlNJ44L17xqQhlbTkO4iJ70lgddjCf5w7f2iWw1kTJqC9bZjreS77OkSb3FLOUZjbEkGPQiAcuYiB+eV8DwzuLCv4kws0vG4O19+u1myoPx1dVAVhcpJwdFVH09U9z86+ea2sWIQjst73LXt2zL6t185U4nzqbRDSwZ0DIwxi3ledPC7Xj8HDwdeHnGTdfRQeN4wLrul7jM7ZgODykcAQM6VbRF6HzQW8h8jifYOFgElSAbEkWCNj30vJo+bu5FLpbkxRizgZxiDr94K7vFXVSH1sV57lKlpaq5UpcmcTAgxcUl8+O3KRP/3/MLR8X0dp+l3xvwCJed1Icp1ihWf+9vHDzt1eo4pi5MXNtDt18mRiNh2hAYlf6klvV7rbWy4ScZzxHH2RnA/HXlE28JoAiW4MlWmjqVuZ/IzelZuUVrwNEolHkqUfZADnGTUsUXg+yhpJWtPdW9sYr30PlKeadapYdivh1fyKPU/9QE6KlQLL5uWjaHROe15QoPr5HrY9krfEzte+5DidxYa6vX5JEPxGSbVze+EpTGH8zDWJFrbXtkf//UEO5YGzctmUHi1NZ5f1yWQplpLZDDHc24svhVd4czfg7BoaqKiFRHkXjTTN4nuZVe3AIzBoNBbqDZnHmWASdqXRfyyvEHWeLDcJi8P5ZD37LVJVbZqzn76AztED2bUgSOqmzyrf8ZtlQ+Z+Gso6i8gxzeJbLrVVVDZ4mUS1xJWFRQS1C4yA/onT6hpkrTz3iVcbgsGlbbKkEZeNywrMbAev1cGfD5aqko1zgibPmP/Bl973koc6bxwLtz7XLDGAs4hf/x/KY7Notdh2KBDCPYsYpXF5xcaI4W6GE5gU3pJTn/xkvmRaznM=,iv:Cxa6M3Rp3B0b60h9R5iK1yvREtjZPbw3cw8G9qUIgvM=,tag:VQtwzjSTaOgxqlDXC7xttQ==,type:str]", + "sops": { + "age": [ + { + "recipient": "age19qfpf980tadguqq44zf6xwvjvl428dyrj46ha3n6aeqddwhtnuqqml7etq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3djJ0MFlIbkdIUXZJMlFs\nNDhDK0lvUjJ0WHdxZm1WTGJKVjZ2NjVjVngwCnZ6VFdzVEVjOXk5aGttVXh3WVhz\nK05oZStwN0tqNnBJMDBzRDNyaERzcm8KLS0tIGdDZjl5ekoxRzBZWlJ5TWdzeTVQ\nK3ZBSVR2WFpRelhWa3kwcUhIVnpTM2MKaUqoL2Gn5ZTSeg1VdcTbJv6DksBbH/2P\nYlO6g6WGQymklHfOcHweXsfK9SQKIw/QMzjSAFSnyEdHvj4b4zp4wg==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-31T09:09:54Z", + "mac": "ENC[AES256_GCM,data:R9R25jOI2o2YhbiPvpHNngzagv3d1vb5AeCix8Heaqa4OPv4hdvCeTTGSq26dyOU+CXN1TTRoIjl3gj/F3qqsfwaUiIlV/A5K2jQPVcnf9v7GC6htftiwsOYnsVuHPcL71ttaGlsR7VNfuT3r7ICZzQhLo4PR8q5Tp3z0RE4VzA=,iv:RE8X1BBW/SDGLdwUlNUSGPKN+N3huJKSft6dt3Eeg5k=,tag:Bci00Z/ThB7EX1m4sLKwhw==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/ulmo/sonarr/api_key/secret b/vars/per-machine/ulmo/sonarr/api_key/secret new file mode 100644 index 0000000..d9eb063 --- /dev/null +++ b/vars/per-machine/ulmo/sonarr/api_key/secret @@ -0,0 +1,14 @@ +{ + "data": "ENC[AES256_GCM,data:idOrTA5FVhBKOOMva6rIl+kqYYN0EzSY3qczSqmgghjuGLVnzxZ2FdLRY9GwH1Xih8NYu/GFbeyL1XTt/Dt1fcB95dX7qw+xUHXVy78FYPy33L0zWXAYhLkzWZa2ijJfNgTxd/W8M9giYA0XDntKfQuGZve2UJAsu9+SjeZAmwD4,iv:81Q4jVnlqqQEyMkswBAxm7vrHYyw+afdxmP8BDdDihU=,tag:Z0zP9XsXfUE4O6DS0+DhGg==,type:str]", + "sops": { + "age": [ + { + "recipient": "age19qfpf980tadguqq44zf6xwvjvl428dyrj46ha3n6aeqddwhtnuqqml7etq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEN25BeHdpYlErYnM2ZmhR\nQnlqYnJvUHNpSGlBZGxxczVrSWwybG0xVjBVCmt4aFdJRjliMGV5U0gwSHRoU2RP\nZ3lVejlYR3lxSzhxeG1HUGFxT0EwSjgKLS0tIENSc0tSbHZCOVREalhKYUZyMmtP\nZHZPUXdFNC9QbXdtL3Z1MkJieUlPSUkKXANMJ1efR1D8bCG9I5Q8vmSowQ0p4j7D\npdBxoJxuo4yB6J7gpUuS1aQmGGw0+7OVSg5cQmQoeVMYimXGtHNb4Q==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-31T09:08:27Z", + "mac": "ENC[AES256_GCM,data:onx5LMoonmZSDTorBl8iZkCi0oszYf/RqqJhEUE3Vi+5mjlAmfXwKUTnFg0EIZ3Rb83bxJ+WR60GDbyVFbBMhaBxs2zkc53JieiuzH1Pdz+79EvAcG2hAdO4koPvWQYxrdw4nTi4m4V324jAHPsCgEvSaRH9RIuigYuJ429wOZ8=,iv:o0LLukrDgr0IN3MXlevVGzznRldaCeL9lAZTEN/GZ9c=,tag:8gMZYf4q+9EGHLxSox+2Eg==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/ulmo/sonarr/config.env/secret b/vars/per-machine/ulmo/sonarr/config.env/secret new file mode 100644 index 0000000..0960548 --- /dev/null +++ b/vars/per-machine/ulmo/sonarr/config.env/secret @@ -0,0 +1,14 @@ +{ + "data": "ENC[AES256_GCM,data:Ys1NFOkYt3IMlzvTdHZqloVMh0TfB3C2LFJpOjDHQoL4hSa6PcsNguFQW0wdegxyKjo60vloeYKo0LRAzq/iBcUBQGJaXTnQTDQOtGAJpmB541BPRwgKxiwXry98GL+E8uuCYR1uidHlNOytDEAUOAUBAS5bX8FKOLlD/qZLu3UD75uP7IriMnCfhMibbMNUU7M7AaFI,iv:shfnbi0jTQYi6NcUvN/MQlDktfdZ6CB9uoUXE/r20IE=,tag:pP/Jc3n+n6ZulRbLg6UPsg==,type:str]", + "sops": { + "age": [ + { + "recipient": "age19qfpf980tadguqq44zf6xwvjvl428dyrj46ha3n6aeqddwhtnuqqml7etq", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmVWMrNzdnNkxqM2VYU3NI\neTQybDRoeStodUZvS0dGejNsODFqUXBuYVJRCnR0dWxzL05GeUcxK040ZXZEa0RV\na2MxMjhsZk44ZGVwakRuMHZWWFQrcXMKLS0tIC9hMkE5YUlYMFVoSjlNVUc1bXlt\nY2hhYnRFL1N4QTh3NmJ0Q0x0Y3BRTlEKosiaPw0LRpy5tcw0I/7w0T/+VR4ULi3F\nXStF3s+lzZFtjtvJXlAquAscSS92AydOwKgK9R26Zl9/7vAWehce3w==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-03-31T09:08:27Z", + "mac": "ENC[AES256_GCM,data:5ioLLvUqSaMHEfwQR6LgE8sGhzklUmX6BAlJVh/m1GOPkt1CjZ4IT76Or2Q7zY66jBUyIIVoTsSnMo7kGNQTLwHYj3T+meYgbZmD9dTUE/zHj5t8t6H4VgfNuyT6Mxl8SKWMb0fJP2cgDt1Asz4O4g2mDchMP/9BMDGbPOM6AuU=,iv:at0VHtc5pdbnGvbxcrrVS83svlJjI+LoaoKRwZW4uM0=,tag:dXf/zL3huq21Wxm39BEiuw==,type:str]", + "version": "3.12.1" + } +} diff --git a/vars/per-machine/ulmo/state-version/version/value b/vars/per-machine/ulmo/state-version/version/value new file mode 100644 index 0000000..abbaa1c --- /dev/null +++ b/vars/per-machine/ulmo/state-version/version/value @@ -0,0 +1 @@ +23.11 \ No newline at end of file