megamanmalte/nixos
0
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

feat(faunus-ater): split into modules, fixup nginx access from local network

Browse source
This commit is contained in:
Malte Tammena 2024-01-15 14:57:13 +01:00
parent 32a59a6379
commit a6298ab5fb
34 changed files with 664 additions and 481 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

343
hosts/faunus-ater.nix
View file

@ -6,23 +6,21 @@
...
}: let
sopsPath = key: config.sops.secrets.${key}.path;
mkVirtHost = certificateName:
lib.attrsets.recursiveUpdate {
addSSL = true;
listenAddresses = [vpnIPv4 "[${vpnIPv6}]"];
sslTrustedCertificate = pkgs.writeText "ca.crt" (builtins.readFile ../secrets/ca.crt);
sslCertificateKey = sopsPath "certificate-key-${certificateName}";
sslCertificate = pkgs.writeText "${certificateName}.crt" (builtins.readFile ../secrets/pub/${certificateName}.crt);
};
vpnIPv4 = config.state.vpn.ipv4;
vpnIPv6 = config.state.vpn.ipv6;
in {
imports = [
inputs.nixos-hardware.nixosModules.common-cpu-intel #-cpu-only
../modules/nginx-reverse-proxy.nix
../hardware/asrock-z370-i3-black-box.nix
./faunus-ater/modules/gogs.nix
./faunus-ater/modules/home-assistant.nix
./faunus-ater/modules/hydra.nix
./faunus-ater/modules/komga.nix
./faunus-ater/modules/nix-serve.nix
./faunus-ater/modules/mealie.nix
./faunus-ater/modules/paperless.nix
./faunus-ater/modules/photoprism.nix
./faunus-ater/modules/timetagger.nix
./faunus-ater/modules/trilium.nix
];
config = {
networking.hostName = "faunus-ater";
@ -52,36 +50,6 @@ in {
cpuFreqGovernor = "powersave";
};
# === Git.home, because everything else sucks ===
services.gogs = {
enable = true;
stateDir = "/data/dirty/gogs";
appName = "Malte's Secret Git Stash";
cookieSecure = true;
database.passwordFile = sopsPath "gogs-database-password";
httpPort = config.state.services.git.port;
rootUrl = "https://git.tammena.me/";
domain = "git.tammena.me";
# FIXME: Remove after upstream fix of database type
extraConfig = ''
[database]
TYPE = sqlite3
[auth]
DISABLE_REGISTRATION = true
SHOW_REGISTRATION_BUTTON = false
[server]
SSH_PORT = 22222
'';
};
services.nginx.virtualHosts."git.home" = mkVirtHost "git-home" {
locations."/" = {
proxyPass = "http://${config.services.gogs.httpAddress}:${builtins.toString config.services.gogs.httpPort}";
proxyWebsockets = true;
};
};
virtualisation.oci-containers.backend = "podman";
virtualisation.podman = {
enable = true;
@ -97,260 +65,6 @@ in {
};
};
virtualisation.oci-containers.containers."timetagger" = {
image = "ghcr.io/almarklein/timetagger:v23.2.1";
ports = ["5873:5873"];
environment = {
TIMETAGGER_BIND = "0.0.0.0:5873";
TIMETAGGER_DATADIR = "/root/_timetagger";
TIMETAGGER_LOG_LEVEL = "info";
TIMETAGGER_CREDENTIALS = "malte:$2a$08$P.e3SD0cnPK0P4mFYShELuoa37.1e1dEqE8MWa6LJ/kSJfje1BdBi,marie:$2a$08$ubOZWO510y5bgwIl0O4Ne.dKZdWoHqEMzvs56L6esqvLfBJ/6OgYm";
};
volumes = [
"/data/dirty/timetagger:/root/_timetagger"
];
};
services.nginx.virtualHosts."time.home" = mkVirtHost "time-home" {
locations."/" = {
proxyPass = "http://127.0.0.1:5873";
proxyWebsockets = true;
};
};
virtualisation.oci-containers.containers."mealie" = {
image = "ghcr.io/mealie-recipes/mealie:v1.0.0-RC2";
ports = let port = builtins.toString config.state.services.eat.port; in ["${port}:${port}"];
environment = {
PUID = builtins.toString config.users.users.mealie.uid;
PGID = builtins.toString config.users.groups.mealie.gid;
ALLOW_SIGNUP = "false";
TZ = "Europe/Berlin";
BASE_URL = "https://eat.tammena.me";
TOKEN_TIME = "8760";
};
volumes = [
"/data/dirty/mealie:/app/data"
];
};
users.users.mealie = {
isSystemUser = true;
group = "mealie";
};
users.groups.mealie = {};
services.nginx.virtualHosts."eat.home" = mkVirtHost "eat-home" {
locations."/" = {
proxyPass = "http://127.0.0.1:${builtins.toString config.state.services.eat.port}";
proxyWebsockets = true;
};
};
services.nginx.virtualHosts."todo.home" = mkVirtHost "todo-home" {
locations."/" = {
proxyPass = "http://127.0.0.1:7372";
proxyWebsockets = true;
};
};
services.nginx.virtualHosts."config.home" = mkVirtHost "config-home" {
locations."/" = {
proxyPass = "http://127.0.0.1:8123";
proxyWebsockets = true;
};
};
virtualisation.oci-containers.containers.home-assistant = {
volumes = ["/data/dirty/home-assistant:/config"];
environment.TZ = "Europe/Berlin";
image = "ghcr.io/home-assistant/home-assistant:2023.9";
ports = [
"8123:8123"
"1400:1400/tcp"
];
extraOptions = [
# TODO: Fix the path of the zigbee controller using udev
"--device=/dev/serial/by-id/usb-Silicon_Labs_Sonoff_Zigbee_3.0_USB_Dongle_Plus_0001-if00-port0"
"--device=/dev/ttyUSB0"
"--cap-add=CAP_NET_RAW,CAP_NET_BIND_SERVICE"
];
};
# For SONOS
networking.firewall.allowedTCPPorts = [1400];
# === HYDRA & Friends. ===
services.hydra = {
enable = true;
package = pkgs.hydra;
notificationSender = "hydra@home";
hydraURL = "http://faunus-ater:${builtins.toString config.services.hydra.port}";
minimumDiskFree = 10;
useSubstitutes = true;
};
services.nix-serve = {
enable = true;
secretKeyFile = sopsPath "nix-store-signing-key";
# FIXME: Remove once fixed upstream
package = pkgs.nix-serve.override {
nix = pkgs.nixVersions.nix_2_12;
};
};
# Build on other machines aswell if possible
nix.buildMachines = [
{
hostName = "localhost";
maxJobs = 4;
speedFactor = 1;
sshKey = sopsPath "hydra-overseer-key";
sshUser = "hydra-minion";
systems = ["x86_64-linux" "i686-linux"];
}
{
hostName = "helix-texta";
maxJobs = 4;
speedFactor = 2;
sshKey = sopsPath "hydra-overseer-key";
sshUser = "hydra-minion";
supportedFeatures = ["kvm" "big-parallel"];
systems = ["x86_64-linux" "i686-linux"];
}
{
hostName = "murex-pecten";
maxJobs = 4;
speedFactor = 4;
sshKey = sopsPath "hydra-overseer-key";
sshUser = "hydra-minion";
supportedFeatures = ["kvm" "big-parallel"];
systems = ["x86_64-linux" "i686-linux"];
}
];
# TODO: This doesn't seem to work
programs.ssh.extraConfig = ''
Host *
StrictHostKeyChecking accept-new
'';
nix.extraOptions = ''
allowed-uris = http:// https://
'';
systemd.services."hydra-initial-setup" = {
description = "Setup hydra admin password once";
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
LoadCredential = "USER_PW:${sopsPath "hydra-admin-password"}";
};
wantedBy = lib.singleton "multi-user.target";
requires = lib.singleton "hydra-init.service";
after = lib.singleton "hydra-init.service";
environment = {
inherit (config.systemd.services.hydra-init.environment) HYDRA_DBI;
};
script = let
hydra-create-user = "${pkgs.hydra}/bin/hydra-create-user";
in ''
if [ ! -e ~hydra/.setup-is-complete ]; then
# create admin user
${hydra-create-user} admin --full-name 'Admin Mc. Admining' --email-address 'admin@faunus-ater' --password "$USER_PW" --role admin || exit 1
# done
touch ~hydra/.setup-is-complete
fi
'';
};
services.nginx.virtualHosts = {
"hydra.home" = mkVirtHost "hydra-home" {
locations."/" = {
proxyPass = "http://localhost:${builtins.toString config.services.hydra.port}";
};
};
"cache.home" = mkVirtHost "cache-home" {
locations."/" = {
proxyPass = "http://localhost:${builtins.toString config.services.nix-serve.port}";
};
};
};
# === PAPERLESS service, save me! ===
services.paperless = {
enable = true;
address = "0.0.0.0";
port = config.state.services.doc.port;
passwordFile = sopsPath "paperless-admin-password";
dataDir = "/data/dirty/paperless";
extraConfig = {
PAPERLESS_CONSUMER_DELETE_DUPLICATES = true;
PAPERLESS_CONSUMER_RECURSIVE = true;
PAPERLESS_CONSUMER_SUBDIRS_AS_TAGS = true;
PAPERLESS_FILENAME_FORMAT = "{created_year}/{correspondent}/{created_year}-{created_month}-{created_day}-{document_type}-{title}-{tag_list}";
PAPERLESS_OCR_LANGUAGE = "deu";
PAPERLESS_URL = "https://doc.tammena.me";
};
};
services.nginx.virtualHosts."doc.home" = mkVirtHost "doc-home" {
locations."/" = {
proxyPass = "http://localhost:${builtins.toString config.services.paperless.port}";
proxyWebsockets = true;
};
};
# === Komga, for my reading needs ===
services.komga = {
enable = true;
port = config.state.services.read.port;
stateDir = "/data/dirty/komga";
};
services.nginx.virtualHosts."read.home" = mkVirtHost "read-home" {
locations."/" = {
proxyPass = "http://[::1]:${builtins.toString config.services.komga.port}";
proxyWebsockets = true;
};
};
# === Trilium ===
services.trilium-server = {
enable = true;
port = 10302;
dataDir = "/data/dirty/trilium";
};
services.nginx.virtualHosts."note.home" = mkVirtHost "note-home" {
locations."/" = {
proxyPass = "http://${config.services.trilium-server.host}:${builtins.toString config.services.trilium-server.port}";
proxyWebsockets = true;
};
};
# === Photoprism ===
services.photoprism = {
enable = true;
port = config.state.services.foto.port;
address = "0.0.0.0";
storagePath = "/data/dirty/photoprism/storage";
originalsPath = "/data/dirty/photoprism/originals";
importPath = "/data/dirty/photoprism/import";
passwordFile = sopsPath "photoprism-admin-password";
settings = {
PHOTOPRISM_SESSION_MAXAGE = "31536000";
PHOTOPRISM_SESSION_TIMEOUT = "31536000";
PHOTOPRISM_UPLOAD_NSFW = "true";
PHOTOPRISM_DETECT_NSFW = "true";
PHOTOPRISM_SITE_URL = "https://foto.tammena.me";
PHOTOPRISM_SITE_TITLE = "PhotoPrism";
PHOTOPRISM_SITE_CAPTION = "All the pictures!";
PHOTOPRISM_SITE_DESCRIPTION = "";
PHOTOPRISM_SITE_AUTHOR = "";
};
};
# TODO: Why does it not work without these? :/
systemd.services.photoprism.serviceConfig.User = lib.mkForce null;
systemd.services.photoprism.serviceConfig.Group = lib.mkForce null;
systemd.services.photoprism.serviceConfig.DynamicUser = lib.mkForce false;
systemd.services.photoprism.serviceConfig.SystemCallFilter = lib.mkForce [];
services.nginx.virtualHosts."foto.home" = mkVirtHost "foto-home" {
locations."/" = {
proxyPass = "http://${config.services.photoprism.address}:${builtins.toString config.services.photoprism.port}";
proxyWebsockets = true;
};
extraConfig = ''
client_max_body_size 800M;
'';
};
# === Restic User Backup ===
services.resticConfigured = {
enable = true;
@ -381,43 +95,8 @@ in {
# === RUNTIME SECRETS ===
sops.defaultSopsFile = ../secrets/hosts/faunus-ater/secrets.yaml;
sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
sops.secrets = let
nginxSecret = {
owner = config.users.users.nginx.name;
mode = "0400";
};
in {
"certificate-key-config-home" = nginxSecret;
"certificate-key-todo-home" = nginxSecret;
"certificate-key-time-home" = nginxSecret;
"certificate-key-hydra-home" = nginxSecret;
"certificate-key-cache-home" = nginxSecret;
"certificate-key-doc-home" = nginxSecret;
"certificate-key-read-home" = nginxSecret;
"certificate-key-note-home" = nginxSecret;
"certificate-key-foto-home" = nginxSecret;
"certificate-key-listen-home" = nginxSecret;
"certificate-key-git-home" = nginxSecret;
"certificate-key-eat-home" = nginxSecret;
"paperless-admin-password" = {};
"photoprism-admin-password" = {};
"nginx-cert-key" = nginxSecret;
"nginx-cert-crt" = nginxSecret;
"fritzbox-exporter-env" = {};
sops.secrets = {
"internal-restic-password" = {};
"nix-store-signing-key" = {};
"hydra-admin-password" = {
owner = config.users.users.hydra.name;
mode = "0400";
};
"hydra-overseer-key" = {
owner = config.users.users.hydra.name;
mode = "0440";
};
"gogs-database-password" = {
owner = config.users.users.gogs.name;
mode = "0400";
};
};
# All services that run here, that should be exposed need to be exposed on the VPN

57
hosts/faunus-ater/modules/gogs.nix Normal file
View file

@ -0,0 +1,57 @@
{
pkgs,
config,
...
}: {
services.gogs = {
enable = true;
stateDir = "/data/dirty/gogs";
appName = "Malte's Secret Git Stash";
cookieSecure = true;
database.passwordFile = config.sops.secrets."gogs-database-password".path;
httpPort = config.state.services.git.port;
rootUrl = "https://git.tammena.me/";
domain = "git.tammena.me";
extraConfig = builtins.trace "Has upstream fixed the database type for gogs?" ''
[database]
TYPE = sqlite3
[auth]
DISABLE_REGISTRATION = true
SHOW_REGISTRATION_BUTTON = false
[server]
SSH_PORT = 22222
'';
};
# Configure nginx reverse proxy
services.nginx.virtualHosts."git.tammena.me" = {
addSSL = true;
sslTrustedCertificate = pkgs.writeText "ca.crt" (builtins.readFile ../../../secrets/ca.crt);
sslCertificateKey = config.sops.secrets."certificate-key-git-tammena-me".path;
sslCertificate = pkgs.writeText "git-tammena-me.crt" (builtins.readFile ../../../secrets/pub/git-tammena-me.crt);
serverAliases = [
"git.home"
];
locations."/" = {
proxyPass = "http://${config.services.gogs.httpAddress}:${builtins.toString config.services.gogs.httpPort}";
proxyWebsockets = true;
};
};
# Secrets
sops.secrets = {
"gogs-database-password" = {
owner = config.users.users.gogs.name;
mode = "0400";
};
"certificate-key-git-tammena-me" = {
owner = config.users.users.nginx.name;
mode = "0400";
};
};
}

47
hosts/faunus-ater/modules/home-assistant.nix Normal file
View file

@ -0,0 +1,47 @@
{
pkgs,
config,
...
}: {
virtualisation.oci-containers.containers.home-assistant = {
volumes = ["/data/dirty/home-assistant:/config"];
environment.TZ = "Europe/Berlin";
image = "ghcr.io/home-assistant/home-assistant:2023.9";
ports = [
"8123:8123"
"1400:1400/tcp"
];
extraOptions = [
# TODO: Fix the path of the zigbee controller using udev
"--device=/dev/serial/by-id/usb-Silicon_Labs_Sonoff_Zigbee_3.0_USB_Dongle_Plus_0001-if00-port0"
"--device=/dev/ttyUSB0"
"--cap-add=CAP_NET_RAW,CAP_NET_BIND_SERVICE"
];
};
# Configure nginx reverse proxy
services.nginx.virtualHosts."config.tammena.me" = {
addSSL = true;
sslTrustedCertificate = pkgs.writeText "ca.crt" (builtins.readFile ../../../secrets/ca.crt);
sslCertificateKey = config.sops.secrets."certificate-key-config-tammena-me".path;
sslCertificate = pkgs.writeText "config-tammena-me.crt" (builtins.readFile ../../../secrets/pub/config-tammena-me.crt);
serverAliases = [
"config.home"
];
locations."/" = {
proxyPass = "http://127.0.0.1:8123";
proxyWebsockets = true;
};
};
# Open ports for SONOS communication
networking.firewall.allowedTCPPorts = [1400 2342];
# Secrets
sops.secrets."certificate-key-config-tammena-me" = {
owner = config.users.users.nginx.name;
mode = "0400";
};
}

108
hosts/faunus-ater/modules/hydra.nix Normal file
View file

@ -0,0 +1,108 @@
{
pkgs,
lib,
config,
...
}: {
services.hydra = {
enable = true;
package = pkgs.hydra;
notificationSender = "hydra@home";
hydraURL = "http://faunus-ater:${builtins.toString config.services.hydra.port}";
minimumDiskFree = 10;
useSubstitutes = true;
};
# Build on other machines aswell if possible
nix.buildMachines = [
{
hostName = "localhost";
maxJobs = 4;
speedFactor = 1;
sshKey = config.sops.secrets."hydra-overseer-key".path;
sshUser = "hydra-minion";
systems = ["x86_64-linux" "i686-linux"];
}
{
hostName = "helix-texta";
maxJobs = 4;
speedFactor = 2;
sshKey = config.sops.secrets."hydra-overseer-key".path;
sshUser = "hydra-minion";
supportedFeatures = ["kvm" "big-parallel"];
systems = ["x86_64-linux" "i686-linux"];
}
{
hostName = "murex-pecten";
maxJobs = 4;
speedFactor = 4;
sshKey = config.sops.secrets."hydra-overseer-key".path;
sshUser = "hydra-minion";
supportedFeatures = ["kvm" "big-parallel"];
systems = ["x86_64-linux" "i686-linux"];
}
];
# TODO: This doesn't seem to work
programs.ssh.extraConfig = ''
Host *
StrictHostKeyChecking accept-new
'';
nix.extraOptions = ''
allowed-uris = http:// https://
'';
systemd.services."hydra-initial-setup" = {
description = "Setup hydra admin password once";
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
LoadCredential = "USER_PW:${config.sops.secrets."hydra-admin-password".path}";
};
wantedBy = lib.singleton "multi-user.target";
requires = lib.singleton "hydra-init.service";
after = lib.singleton "hydra-init.service";
environment = {
inherit (config.systemd.services.hydra-init.environment) HYDRA_DBI;
};
script = let
hydra-create-user = "${pkgs.hydra}/bin/hydra-create-user";
in ''
if [ ! -e ~hydra/.setup-is-complete ]; then
# create admin user
${hydra-create-user} admin --full-name 'Admin Mc. Admining' --email-address 'admin@faunus-ater' --password "$USER_PW" --role admin || exit 1
# done
touch ~hydra/.setup-is-complete
fi
'';
};
# Configure nginx reverse proxy
services.nginx.virtualHosts = {
"hydra.tammena.me" = {
addSSL = true;
sslTrustedCertificate = pkgs.writeText "ca.crt" (builtins.readFile ../../../secrets/ca.crt);
sslCertificateKey = config.sops.secrets."certificate-key-hydra-tammena-me".path;
sslCertificate = pkgs.writeText "hydra-tammena-me.crt" (builtins.readFile ../../../secrets/pub/hydra-tammena-me.crt);
locations."/" = {
proxyPass = "http://localhost:${builtins.toString config.services.hydra.port}";
};
};
};
# Secrets
sops.secrets = {
"hydra-admin-password" = {
owner = config.users.users.hydra.name;
mode = "0400";
};
"hydra-overseer-key" = {
owner = config.users.users.hydra.name;
mode = "0440";
};
"certificate-key-hydra-tammena-me" = {
owner = config.users.users.nginx.name;
mode = "0400";
};
};
}

30
hosts/faunus-ater/modules/komga.nix Normal file
View file

@ -0,0 +1,30 @@
{
pkgs,
config,
...
}: {
services.komga = {
enable = true;
port = config.state.services.read.port;
stateDir = "/data/dirty/komga";
};
# Configure nginx reverse proxy
services.nginx.virtualHosts."read.tammena.me" = {
addSSL = true;
sslTrustedCertificate = pkgs.writeText "ca.crt" (builtins.readFile ../../../secrets/ca.crt);
sslCertificateKey = config.sops.secrets."certificate-key-read-tammena-me".path;
sslCertificate = pkgs.writeText "read-tammena-me.crt" (builtins.readFile ../../../secrets/pub/read-tammena-me.crt);
locations."/" = {
proxyPass = "http://[::1]:${builtins.toString config.services.komga.port}";
proxyWebsockets = true;
};
};
# Secrets
sops.secrets."certificate-key-read-tammena-me" = {
owner = config.users.users.nginx.name;
mode = "0400";
};
}

51
hosts/faunus-ater/modules/mealie.nix Normal file
View file

@ -0,0 +1,51 @@
{
pkgs,
config,
...
}: {
virtualisation.oci-containers.containers."mealie" = {
image = "ghcr.io/mealie-recipes/mealie:v1.0.0-RC2";
ports = let port = builtins.toString config.state.services.eat.port; in ["${port}:${port}"];
environment = {
PUID = builtins.toString config.users.users.mealie.uid;
PGID = builtins.toString config.users.groups.mealie.gid;
ALLOW_SIGNUP = "false";
TZ = "Europe/Berlin";
BASE_URL = "https://eat.tammena.me";
TOKEN_TIME = "8760";
};
volumes = [
"/data/dirty/mealie:/app/data"
];
};
# Create user and group for the data
users.users.mealie = {
isSystemUser = true;
group = "mealie";
};
users.groups.mealie = {};
# Configure nginx reverse proxy
services.nginx.virtualHosts."eat.tammena.me" = {
addSSL = true;
sslTrustedCertificate = pkgs.writeText "ca.crt" (builtins.readFile ../../../secrets/ca.crt);
sslCertificateKey = config.sops.secrets."certificate-key-eat-tammena-me".path;
sslCertificate = pkgs.writeText "eat-tammena-me.crt" (builtins.readFile ../../../secrets/pub/eat-tammena-me.crt);
serverAliases = [
"eat.home"
];
locations."/" = {
proxyPass = "http://127.0.0.1:${builtins.toString config.state.services.eat.port}";
proxyWebsockets = true;
};
};
# Secrets
sops.secrets."certificate-key-eat-tammena-me" = {
owner = config.users.users.nginx.name;
mode = "0400";
};
}

41
hosts/faunus-ater/modules/nix-serve.nix Normal file
View file

@ -0,0 +1,41 @@
{
pkgs,
config,
...
}: {
services.nix-serve = {
enable = true;
secretKeyFile = config.sops.secrets."nix-store-signing-key".path;
package = builtins.trace "Has upstream fixed the build issue around nix-serve?" pkgs.nix-serve.override {
nix = pkgs.nixVersions.nix_2_12;
};
};
# Configure nginx reverse proxy
services.nginx.virtualHosts = {
"cache.tammena.me" = {
addSSL = true;
sslTrustedCertificate = pkgs.writeText "ca.crt" (builtins.readFile ../../../secrets/ca.crt);
sslCertificateKey = config.sops.secrets."certificate-key-cache-tammena-me".path;
sslCertificate = pkgs.writeText "cache-tammena-me.crt" (builtins.readFile ../../../secrets/pub/cache-tammena-me.crt);
serverAliases = [
"cache.home"
];
locations."/" = {
proxyPass = "http://localhost:${builtins.toString config.services.nix-serve.port}";
};
};
};
# Secrets
sops.secrets = {
"nix-store-signing-key" = {};
"certificate-key-cache-tammena-me" = {
owner = config.users.users.nginx.name;
mode = "0400";
};
};
}

47
hosts/faunus-ater/modules/paperless.nix Normal file
View file

@ -0,0 +1,47 @@
{
pkgs,
config,
...
}: {
services.paperless = {
enable = true;
address = "0.0.0.0";
port = config.state.services.doc.port;
passwordFile = config.sops.secrets."paperless-admin-password".path;
dataDir = "/data/dirty/paperless";
extraConfig = {
PAPERLESS_CONSUMER_DELETE_DUPLICATES = true;
PAPERLESS_CONSUMER_RECURSIVE = true;
PAPERLESS_CONSUMER_SUBDIRS_AS_TAGS = true;
PAPERLESS_FILENAME_FORMAT = "{created_year}/{correspondent}/{created_year}-{created_month}-{created_day}-{document_type}-{title}-{tag_list}";
PAPERLESS_OCR_LANGUAGE = "deu";
PAPERLESS_URL = "https://doc.tammena.me";
};
};
# Configure nginx reverse proxy
services.nginx.virtualHosts."doc.tammena.me" = {
addSSL = true;
sslTrustedCertificate = pkgs.writeText "ca.crt" (builtins.readFile ../../../secrets/ca.crt);
sslCertificateKey = config.sops.secrets."certificate-key-doc-tammena-me".path;
sslCertificate = pkgs.writeText "doc-tammena-me.crt" (builtins.readFile ../../../secrets/pub/doc-tammena-me.crt);
serverAliases = [
"doc.home"
];
locations."/" = {
proxyPass = "http://localhost:${builtins.toString config.services.paperless.port}";
proxyWebsockets = true;
};
};
# Secrets
sops.secrets = {
"certificate-key-doc-tammena-me" = {
owner = config.users.users.nginx.name;
mode = "0400";
};
"paperless-admin-password" = {};
};
}

66
hosts/faunus-ater/modules/photoprism.nix Normal file
View file

@ -0,0 +1,66 @@
{
pkgs,
lib,
config,
...
}: {
services.photoprism = {
enable = true;
# Use the port specified in my global config
port = config.state.services.foto.port;
address = "0.0.0.0";
# Configure paths
storagePath = "/data/dirty/photoprism/storage";
originalsPath = "/data/dirty/photoprism/originals";
importPath = "/data/dirty/photoprism/import";
passwordFile = config.sops.secrets."photoprism-admin-password".path;
# Additional settings
settings = {
PHOTOPRISM_SESSION_MAXAGE = "31536000";
PHOTOPRISM_SESSION_TIMEOUT = "31536000";
PHOTOPRISM_UPLOAD_NSFW = "true";
PHOTOPRISM_DETECT_NSFW = "true";
PHOTOPRISM_SITE_URL = "https://foto.tammena.me";
PHOTOPRISM_SITE_TITLE = "PhotoPrism";
PHOTOPRISM_SITE_CAPTION = "All the pictures!";
PHOTOPRISM_SITE_DESCRIPTION = "";
PHOTOPRISM_SITE_AUTHOR = "";
};
};
# TODO: Why does it not work without these? :/
systemd.services.photoprism.serviceConfig.User = lib.mkForce null;
systemd.services.photoprism.serviceConfig.Group = lib.mkForce null;
systemd.services.photoprism.serviceConfig.DynamicUser = lib.mkForce false;
systemd.services.photoprism.serviceConfig.SystemCallFilter = lib.mkForce [];
# Configure nginx reverse proxy
services.nginx.virtualHosts."foto.tammena.me" = {
addSSL = true;
sslTrustedCertificate = pkgs.writeText "ca.crt" (builtins.readFile ../../../secrets/ca.crt);
sslCertificateKey = config.sops.secrets."certificate-key-foto-tammena-me".path;
sslCertificate = pkgs.writeText "foto-tammena-me.crt" (builtins.readFile ../../../secrets/pub/foto-tammena-me.crt);
serverAliases = [
"foto.home"
];
locations."/" = {
proxyPass = "http://${config.services.photoprism.address}:${builtins.toString config.services.photoprism.port}";
proxyWebsockets = true;
};
extraConfig = ''
client_max_body_size 800M;
'';
};
# Secrets
sops.secrets = {
"certificate-key-foto-tammena-me" = {
owner = config.users.users.nginx.name;
mode = "0400";
};
"photoprism-admin-password" = {};
};
}

42
hosts/faunus-ater/modules/timetagger.nix Normal file
View file

@ -0,0 +1,42 @@
{
pkgs,
config,
...
}: {
virtualisation.oci-containers.containers."timetagger" = {
image = "ghcr.io/almarklein/timetagger:v23.2.1";
ports = ["5873:5873"];
environment = {
TIMETAGGER_BIND = "0.0.0.0:5873";
TIMETAGGER_DATADIR = "/root/_timetagger";
TIMETAGGER_LOG_LEVEL = "info";
TIMETAGGER_CREDENTIALS = "malte:$2a$08$NAbUfqRJhoy/rI9MoAHyNeXNQ2v7mh9zUbcG/naH0W6RkP9cCxfH6,marie:$2a$08$ubOZWO510y5bgwIl0O4Ne.dKZdWoHqEMzvs56L6esqvLfBJ/6OgYm";
};
volumes = [
"/data/dirty/timetagger:/root/_timetagger"
];
};
# Configure nginx reverse proxy
services.nginx.virtualHosts."time.tammena.me" = {
addSSL = true;
sslTrustedCertificate = pkgs.writeText "ca.crt" (builtins.readFile ../../../secrets/ca.crt);
sslCertificateKey = config.sops.secrets."certificate-key-time-tammena-me".path;
sslCertificate = pkgs.writeText "time-tammena-me.crt" (builtins.readFile ../../../secrets/pub/time-tammena-me.crt);
serverAliases = [
"time.home"
];
locations."/" = {
proxyPass = "http://127.0.0.1:5873";
proxyWebsockets = true;
};
};
# Secrets
sops.secrets."certificate-key-time-tammena-me" = {
owner = config.users.users.nginx.name;
mode = "0400";
};
}

32
hosts/faunus-ater/modules/trilium.nix Normal file
View file

@ -0,0 +1,32 @@
{
pkgs,
config,
...
}: {
services.trilium-server = {
enable = true;
port = 10302;
dataDir = "/data/dirty/trilium";
};
services.nginx.virtualHosts."note.tammena.me" = {
addSSL = true;
sslTrustedCertificate = pkgs.writeText "ca.crt" (builtins.readFile ../../../secrets/ca.crt);
sslCertificateKey = config.sops.secrets."certificate-key-note-tammena-me".path;
sslCertificate = pkgs.writeText "note-tammena-me.crt" (builtins.readFile ../../../secrets/pub/note-tammena-me.crt);
serverAliases = [
"note.home"
];
locations."/" = {
proxyPass = "http://${config.services.trilium-server.host}:${builtins.toString config.services.trilium-server.port}";
proxyWebsockets = true;
};
};
# Secrets
sops.secrets."certificate-key-note-tammena-me" = {
owner = config.users.users.nginx.name;
mode = "0400";
};
}

29
secrets/hosts/faunus-ater/secrets.yaml
View file

@ -4,22 +4,17 @@ photoprism-admin-password: ENC[AES256_GCM,data:q5hfATh3vUCXMnjiPHw7aoeuaXsxgPg0R
internal-restic-password: ENC[AES256_GCM,data:TJvbnuPgrCCRznqHAs7R/WYTgZ+hKiNUnpHTqroNgw9p0w==,iv:JtcaM2bCtZzM91IdkYrmbBhWQ/wWdFzX2fxDGuFIWrY=,tag:5HesBXgxu28QOGYS6WjJdg==,type:str]
hydra-admin-password: ENC[AES256_GCM,data:VzZdQDAspirq2Ad5cd3KV3+06966aSEHrXTQ6A0=,iv:06fFTSaH1o+q+PioSbEMU/VutYwj+Jin/wXnAWOiV/w=,tag:cjoPs0oUJ437URwBpE5vVA==,type:str]
nix-store-signing-key: ENC[AES256_GCM,data:crx32AFBIwM1AS9aBUzocK6YHWfNqoJuY3N6S4NepuVOYwOj+IgcGc2o1V1rFRyrfAFYo/eok2HE0et1VTVMMgkVLvSuCpH6B+Ehv/EIXZNA4EsvSinLaU0POsDZw6LkmGqX,iv:icNWx1l2j6yHRrby1TbVBXNpKrz9vyqwZ//Vlb0sJzI=,tag:zAg7jl6w8pTlwrG/ENFtvQ==,type:str]
fritzbox-exporter-env: ENC[AES256_GCM,data:8FtqoSCvK6z0Jk7AN0MWGcdBT4h6Xak4BOf4FKkjtisGLE2UYCyh8Gg6IA5gKajuSEhhAV3fhK0QhV/o9BleSQ==,iv:sBfszNAZAtBSTaMqJuKXry+hjUyWeXE3j0jTv8nKQpE=,tag:rbLEnZRRSs1eHsZa4mfOdA==,type:str]
nginx-cert-key: ENC[AES256_GCM,data:uwghAFbTeYMYuyd7deas2BkeQITcADGfYllZvZuFeaMElF3S0ySJ3+F5HwblhRyP1OzIujgxd3xSTkclHqrKrNrADiEkjLalITn1UMRL2EWcEOmLTEZ89K3P9WyEXtPkaPBSrPS0zT4F2JaZ+dlS81svZ2kAokAS7P9v4Pu2g5PJ7vQbgrKdTGMBmcfF82JG/eef6AxGsVbCWJnPeOFd7Qski8LPcd3ZfDua5PofthaKD0Do9BnXlTsKdetLHvzUnS4kt5b5baBr0MF96zpLYLALCuuhicW8nMrfC4uZMjpnEMA++N2czihQWp5wnV1CNZUNkfqQEKhd8r6trKoJqEacHCUsPDvAQ734fGFUYuzW76t5z7QcpvY0ZAKDJGXoWhqAS1QXop9jM5UTGOY=,iv:kR8z7QXGJh72SIezOH90H7FOzW+XzIf5q87Q8nE1rkQ=,tag:XYLJ3IwBUm+XCqMnESfyHA==,type:str]
nginx-cert-crt: ENC[AES256_GCM,data:F0hG8DEhFfA+VlpXIB3dGoo9GGSPELBHjFwYrTkqRFtIrWqaAXguRAR+Su5nTghKnMBPOnp7h5We5+whf2S6V5uPfbVfsWpQ1Q6rQWXtZdCHGhBlB94z/LI7cDIsthwPkdHX9wdAOweu99VzKuftnP30bKVTHK1vGnsxkV24d4CwH6mTrd8zhHdC1fVp3ykZ9+hUmyO/hc9tMgXYSiXcPnpQShPjBXzn23YxYlEKOFDzGnTVqcLrSycdGgpuoXunV4UP4esgjYPL1wJ8kZfAUbJac6iWLgk/UFcpOoYiktKr3pXzatvrZZ0pc1lG5TpfkrH2pGzKV+r0V/PMHI6M409kHWEfR3MyQ3IP9xTIjgohA6BMlsb1fnq2qR0pnwSApqXpuUGf2/DqDjkoV5TLSmQntaWhQt/PFSRe0lhfSrsDBY5Fpf+9DVwTqRhvyDiorrOrcTDY2XVpWY5c3QK2hkRq0+FkIR3qGBCffHZmC5hCvoXg8Bs1lxyEM/CXOXPhaxSwvYttaW7wcEj/E8Npu6Hctl8BjqiBC/ldaRp7qliOsRib77Wd8CwKcFmaGFEYxmkDLhvwHphHF0vDSy1j41KCF8jjKZVfM2kzb6LT6OmEDjPzEACL5Jqr/yrgb89cG29dqTX79UyHBp2OqC2v3Q4fQy3eHJz28asbhUgRZJXj21iUwZOv2xtN6tYfQbSstr0g8916nKasv8tWTXtVFdToBUYTR3mBSWyS8KGujRXEVwOosI5kBXYGMpCpz02HmxSNw1uxcW8VF2ctOi9ou4//xDARLg869OFHb6FgUi7SevAS5ee7yxSwD+wL3+TSQJZLDEv4lQyA3vep41QUKMxe6DsxYRPqD1ev0EWEzrcNXQVK,iv:s1oe8pU0/xZfHfvDUISG5782jx5GzKrbk1o9J/66G2U=,tag:pG1D69y5nWx0v9ohPwSeTw==,type:str]
hydra-overseer-key: ENC[AES256_GCM,data:x0rp0SMYvQcbivYFz4H2gyEoQbiVm0kCKmeYu8n2ALPMR10Q0ynOkj16UkfJIVAXnI8j8NhGScBjXWiwxi2WUhZI0r5HiAF+BvBFp1mkcWrP+N5/ulLuR2YS71bJpb5OSiJ4q1F4nmO1Kmhv2rylcQWB1BeKj2WLXsxo2W/J+9wOcJ10BU77vgfpdgE+7W2kVPbaX6C2F85t1wu4mVy9gdSp2U4r7j/+T5ZZ8DFAiHUAhZ8OoVSDuwHj1Ud8siEHff07ACsnQlSO0Xt+1m0hq03gY26LnepzdkFkncb/D9K7NlbWZzVO659fW4262wQ2dJHO7+dIMy4tK4/KdYv5UX3kTK734UEYruRRHRcRcWzLjFq1MpQBAdratCmDHxfuyFa3nkPhO8twqN4b51w0J7stp0uTAD/YF/dmuv0vUFPqbPzH+grGEhfs/qp1vnrDz0G5kj/78jp6IdQP52I2ukEMZ29pz81o9WA6AWrALwgaHG+UPyskSLFNBuY/Mux+kXCZ+rZtsLqiEp1PIt1vxGUMtKhVIN6knLOcOahVuja39KINczNytB20nsxL8H3pTsIQV3XXRPFz7bikBLWoqA74zq6IxT5wCZtTwoYmE5PiPLCCDUETwPEHJqW1tpDOLEBpn+3bnQbX35vwz+w0qAad0ndXYOiVIZK4vBbkjH3AEYWCCfm+KuduqdVU01E8kZakB15oK5IGHSMeNrz9iEv4hpG54FK5lh6eqS2iVeqj4uKN0jEUzVSjTBoI3iZbgZKEjxD+Xz1napErAtuZu1iCt5cW6HCeKBOVJQk8WsMpmgrB6wT4pOFvY5zPfRv+4cs8Cm8jD+i59G+S5J+TD+rlRSSPLPUSka1pPNeUXieP53TTkoB5LV3sSfn88+SBkNFbOIoy2Nce6eNzkYvE2auGZ91GcHqbH1OEnzutQqBqdZUmDmLlHqtfKWA4oaGCv0yTOxouzqDfokeMklsXBnWRs7UsfCkR+1qrG9IaFJxOYFEKR7yAsqnmkLlVgmH3GYhgAOwNugRXwNzD3UaQ16b9xlE8Oe7DZZdDliOLZbCUpjvg6Ud/EwbYudH1nNGidKrgz+6dY4zfw4MQm/Gl9XHg7euTJRSVTZQxbw3DyPIykXA50HmnPZi9B4AFvUI6sZtu3e2ZgWo1D+SasAh44fiQYGwVPWLvONiWO/3EIwiL1wO6kGxCARhcUmyYGazwwgjVVr1NuSgmri6hSeuJLXbat/S2p69zIKx3NBTFUZ5xiVLxiB+XCPttcoAckauTghubmT0HvINwaZmec7ABZxEUP6rJUTfhuZihOywDopTp8KoAlHXJjNm9+f2EJzxphOyG2Ke1MBIR0IU4551dERmwdQTrQdMTMEIooRMT4IDbW6b+JUYgQvV3WLujQ6YLuHDuwQ/tivIcegIkwsc+ZUOYiZ+naoTIkgjSQsXrsgOjULKZDgFcnMwY+fJ2lAcm3pu3wse9qYDKyhxpf6/fZJ1JD/9hvEyJaH+h69TKsRRkJo+PlFGb2DjaYUi3j9lujjDvNNX0MLidguQw9Mi9jYXCo6o4MwQXKMizjtTXEVRg8RSi28BsHijanLXnXhSwgFnAo3Usb67xzP11rKBG9af8kJBNvXaVR0pjhC6un+JI0LuJxiu3dVBnZMB18z5C+rqX3RJsyGIL/RLN/xhSG9i4R5hdzaO08G1qdcLtzK1ym6j5oDwXQVchPAeY//BxNtgIo3oqHSDpPJqnXg2rjK62WIMBZxya/0QSyjTHu06L7z0rjSLv/YI/vsbIn1OxsVw4fu1lDG/o5CnQKr/9FDEsZd/PHBJSAhjmg5fVl6n0E38pXuiXNIU8Rr9SVimvER3muJXc6yIU7uXpnMwkH/ZEwWMnT0o6p+SlaxzU10e67PGbW1ovGGCUemz3yg0qjAnIxwnYxtDPTwFVl8BhEIXcN6MzMC7Ncq5JlNr2rjqrbwYO8LeagfDiq8KWygGKP+sZZL7eVkPIJB8cK1NIS22uXNzvsVXKSeksh14jRs/QAAiRM0hfm3CFIdULu5k8DNSmGgjxLf9gNjS8Ej3x9/V828aPyGrBrwZm3Tri66eufuxnNNteBAuzTjU5Pzf/hEai737PZTeRq8sizAn501ZiBUvslalsOw1VB2c+MukgCKzCKga3TUqnSx7HIkWv0C9TXJeXRuPs+czu/9/0SidA1p4mv6woK66+EHXJiTLXbb78DT390e3EHs/5rTkP5udVOpLLP7b4fjGVU959fIQLH5MOTIdINfj8XCQ1Ujts63Jor1RZeNErWADOVBcdnqjT03uh63G0d3A3RUBS+fUu6evx0ChEntbX3QbkDwV0P2rBtDhipccE1rW6tWPJhv278HysTPiwwsQadmdkLGMrJm4XQsYvAaTDtKnNzJUuVSKlnUilzEHEpBfiH4kKBgoXz06ZMEL8ameDfYFEyQwVU+NgRHtJtYE8lZErGYz0a+JJCgHPUiR13VGiNsO5eGBK04Wu4QjxCz4Wu347NOY0bR4Dj/d9td+TMeBPjfID1Ru5txZkuNzhee/qzU7Nqdw7BoOnOxf3QPWNv89vgnpQawsDPfGV6oIPs9hddlsxiNWFaQ4r+a6KdVBYw45XaHZ1MVdHUaV4SfIm30oRWkHWwiFjnlvi1VMxfXvpTu1CxkCSbtyWBRIcVDsypdv+QECsYwYY2KDFZETTm8Vva4SgGJohpprOlgUNuINSA31vHERg48Qbi4XrZeyi61B3I/1GWTOQ4WGAQ/HNnI9VnxTgcC9IcincadoRadhk7qHAtnZA8W52vxbjydJRQxnP+lxWkayxYhxXwAEn0eYP0t1qvhF6V6iaD69s9ZEqhhQkKpjwDrtKnJgPvv31YOCr6lLYmkzp+oqIYSeDzpf3Z0DimNFzL/URtPzeFt2VSAw56eXPze6lHe3+I5RbL7AIDhKwlqeUC3qOZvYm810vAeCmU74IIZ7C11tgIIK16Cwq8CF1CPRlthEfFI+76Q+3/4Hot6ev4naBFVxjqfays6CwoGaA7IYKkYX8yZvCZhi3y/lnO70yt8KFrVQKOgAUTaxdv6Y80uGvburcuHH3N7XmVljJFz8htbD0/qv6O7hfdm69g01V2dIuHXosUuqUT/RQgV+IeLJniMrKLxN1m1PHMncumA6nF9af6a4ua2H1thNjt0OwIBzx0mifWl511YyoUFZYmypVvdqHmo3ljns7GEA0RycAZxpeiVwwiQO6h9WbgbtVwAJnh1t1H37JkNNX+tSAd7n032ZWpczDQUpjxgM6wGPbiZYl7T6tR6ecEV8w+kGUaV+u7AV97p45tG7KMeqYFSItE7kJE1yoAaK4C8hcct7pK6ehdyyy4zjMtOzAKaql5z1oVrjC0OkQ/WI8BmOk39GKOGlrJFVbS1XKrOXRKZP+vet0IRPUhwQ2l90r7O30MmtWgNuPorIUgeY+D7/PJIGehx20azEIOBclJbwxG9UalUhorZiREMakgvocSw54NUXcZcMAVVYB45j+yXSuLVI/zGaMn8IzC13tAf+E3LKrUgeDa5nFPq5GNprqEKnjj3+fl5CwZb9vZYXNeLq7FY5/3deWwiPsJG1e4M8H4a0bPFbyQscj93bD1QiL8eauy2NtoGpopXnEteWtjOiMXV2oJ0soHsDPhEu0xiIlSS9QloDdNfYeJLRuQOHy8DCNLCaRp491998truKk8zMUOpQPFKEi1o8CcoIUvADF7i+EcNPMBhdy5+HgVZHus82mPv/e0+GYi/wQ+MIc93BT2R5KslAfBpSKw+VCv4dKP3TXkkH3krsbu2V6k15bhyEB22UCWQ854drhqFL0JtLOx1IzNElHi7r/jZg6Gd+XSrKll3it3BRyY2XKDEsvfaDTpn47y2ae2htzF8adIe9YNPVzcqVyAfY1+xjmXdiNRRVtq3L2+hNLIedtsG6vbnWXmqUWLeptTbshUckQ77O/hw4wfkqMDa0yxRDFMZUbRiGyFLwz1GmhI5TZ2b2cL3HCO4p1vQeLdKFWsCKFrjeJ6BzYRBn6Ba1U4cb4ZNknxtuJ33J5YzE2WiT7uV8VcAYLxwdAhGktfu1LDMIgztCamkZGlpqkzT9VcHT4QWLi0/WL/7ff0ukL3QwL3O0H9NDXciCTR2HQsPPXq7fzv4D9oE0wAibmJbsI0P0cwnfgeTlJLY0ffN7+ZPs1SzWz7YpaBoxKm4g5rRClh23JCXqtPD65VPtZijaoB7gafGvkBWNy7ryyqSJc1TeCJ5qa8bRHajkaDv9PuEIA9AJ/SODVIdRxyJj8wbXMQuGohXLESLZxPcJE/JBKWfrVAcl0ctkRNXWrbFeQo89NgdT8MWMYiWMfNE3EJqBP5h16FkRagrDUq8HlOpHtFG3EU1VSNaNGlRPmirgDTdQHOvj8kSpnGdyXOrptiWSdMgYWqhqlXRaK8yTMyb0Aot8wg6NuuICsuHZ3rhzi55jcCC9htT3lionJ2qh8eD705mF/c5j9,iv:hQyOucsZMBQoWJXDWs18C9pzcBtk69RaHjD4vZFqzCk=,tag:ncYl3yfCOgUsFTBdoCVypg==,type:str]
certificate-key-config-home: ENC[AES256_GCM,data:aUjZY1dOKYqTJmilVb8vfGKwwZAFYGny/F2B9AwI1Z7TiyCL5Z4Z7tO81+ZHCM6Cjbf3GgArmc1ulSxQXem9DY0wmo0GY6FFs2qSVU5XYs0D8psIrDrK1evQujZmHWlVzPVMyjmbZ2Pwxak15G33AIg4PDt7PsqlXWtPL454BEB07qOQg8qVx6LOPb8TKvYRk7nToZsMjEzxbufZtiFMfyOY0tFjU2anaycuUQ6OfS/9Yfx+N8yf7hDJUh84NkaRSYm20hLOBxIwI/J7tsgB+la3MLc7EVX9TfbwBPQj557dAY+kLht35Oi11/MsGjkvKrC+GTEVi0C94N5Rq9OmDxvp4gtpeiTy2O5WtBw9c4knyy1DtoiVDXSoeh+2f8rMgDdUUaph53oR+fXLtkQ=,iv:Ewvqyvn/FZYwRlT7OSQgg/UKdgHIaTlojf9Fv2B4DM4=,tag:134dToZ04kswk9v/9oikfA==,type:str]
certificate-key-todo-home: ENC[AES256_GCM,data:/Lwf7FEI75dR/RdJELdmYayXYJxY5cb6e9XZ/ISAgk94J1e6UpI2oDW4kh2IImnbwpZrw4OaBH0xzkGoVHtzPDO7rV3MqyLxl6JnUl/gox7sOAIMB/9CsEnhX0/clOUOwbYi4ndVtkywcxMnNei7mw+2LMcGX8x2uxw+RNT0nnA4c36laJ3AOBcpew0PCm/RYiFY+xqiE6X27h3DostWFWXItuPk/ZeOIc+0VsJwy01aU81UftZnivg0E8yJkaUfgcDxsK0iYJ0llxd+/t735TeSayNDUdn7koB6+lwdqbLiaSwvEZ4CzdR5CvodkwXEuLCIzpjzGaBHZWOrASZd60D62zfP1IRrdkn21A2GtO3VOo5im3TW2TX6qGSRsiE7VhYmvMuzN2pG7v6Q/1Q=,iv:eeTW1LIEVpbDMNT0cZQYtilJeK3KO1ZkIrYAjgfIyqk=,tag:/1n0nwGf3ruoorZrexmv4w==,type:str]
certificate-key-time-home: ENC[AES256_GCM,data:q0p5xKoYEPX7Xq4XA7SKdDb+CUiibHNOseMgyQS5uGqanT+y2R+x98LqK8aNXRiZtxiDxEoWnhTJCjLZhOkqSg97VCnlwYDfJsWL6Zxj3kxbTfrziq0fN+prjAV3DTt8S+wPoabsq9bvla0q5yCZdAerc+AkGfYhZmpb6piL6D8Atrt9L7sW6o/HYUOk9VJifR8vJXJQKgdf+K70P0uLwOUPnqcEtNMj+n14oYL32/st7wDi9gbcUp3WIEh6Cf/9zl2PKeUA+uCX6TdtKvfL55QyF8Rs/VUkMbmfwJpS6iCb9PFo5rLqwMAzSqgJCMiMg1Zs9bCYP0+1D2jJ2nPYu5owxnAzVfTmNBMUHLtfDhlGokFEn/cd7z2K3t+fsUl2CtLG6+x7Tq3C/MFu3hM=,iv:xPHkMyDvCmKT7cqrCgX+9GanfWIZw3MPnKc9KQANXFs=,tag:LmV+a+SRbisI1p2aaYqE0Q==,type:str]
certificate-key-hydra-home: ENC[AES256_GCM,data:3/T2Gmfn89EBn2zRo2iXayeVpVjvDyhVfmNO/1M6z0Iy4eP4liOQKSc71GrJ+2JJS+DEb0wBGuuWs4NoeNPsVyO7wAEms5KWi5/puO9WHvLv3tJaW5AVCTwQZj2FzqfLNALjx4iG9GilSbVadElK7SDurDTHB4KNFR6DzS38Hax4PF2mPIhhI2+0I1V8xkcnsfcyorMeS7ROQYvAqCG48k24U0IVVJgwjX3iDcM87udlZf4Ne1EtIN0UnJzxr7tbHqZd45axSPRRe11jrtE0OdMPyoXkwE6ojHT2L7v0QJX1RpxSaU/UmIBEeY0MMW7DG59U/9fPdKkfayJVkvrS0ilS2NN9kpJO/g4ljc3G5DgUvchPfrF5dNUHGTv4yD25U2LQ2B4CXEbIZTQd7f0=,iv:LCJqB+wh+itHcHkFUQR1uUcSWKBWcbkW+rIC95Ml8RA=,tag:IouMHFRjwMqtMdSoMHa7Tw==,type:str]
certificate-key-cache-home: ENC[AES256_GCM,data:6PuGHnP1jIoEPQSc01Rs07kiBwevrTlEQWJv4Gx4Y3fFra3e64VlAo6XEvYsD4XBfS0Uz384jfiRSDjeoqVNA88BCV+Xlg+IyhIKAYSx246ubWuVYW47NtRvPajU8BS4I4Tnl1D1yPPom7teYhfcWxDievaq/43cpArdZUHnRSzxplQ4nBeJDIdE6VD0Gy8txrFgYnakQIEvpsUszwaerWYwZRSPjezXMOideV2UCYkTpjkTYt+a6jwPpJf2/mwkAhAd/QAgsxgSd4d3VHgdgwh4TLeVBSUumEKQlpZ7izQCiV0KwNQvwZEzbT5P6UgyzW7fcVLNrrJOMPBy040EschSgkUt8V+HtY2fDQ+j1N7QT78pvFQvzoybcRAKq3u3oaS0Pmpmf7f45SDvCNI=,iv:bwJlkjdiPbQgQ752/Igkwo8T5zpWvNj0NYMzTx3+cI8=,tag:To7kbDtWtr1bIKLXyKFRGg==,type:str]
certificate-key-doc-home: ENC[AES256_GCM,data:PKCbbnYCizvUljhqVqckVYhmTXNTrFQrRGEvZi7r9Ji+wJvcuKR7ddoVKR5Ubegc3nYR82N1hKe1XU0eUNyyxVxXwf1c3FBuPCyxhR2pPKIosuwPoEzhcDlFq8WCQEn5cmZFpUIqh8IVQY8ePc4+WFs0FaQiGb9ZYjA3JIZtR8UXjkuizU1JBjVEngjLA23cXJdnwZd6HOBq6Lae+78KqTdg2TG5iHixMG7Tr1NV/OyPJ235+Hqgl/12+qwby4NgOyDS73ismE7RRwJYpsHhxOYWbuJryVyCwwSxW3tVTwF1xYDPkgftxIuy/AdvpGTk5rxF/EDjKt92Ig8yliUF0VN9Ej8e/cREgztuoFE5jj4hfWZaCne0QA/GrovWa8JXL4Vf5JzV5638O9Dr0As=,iv:y8ZVLFsr8a7PX+NRsEUlX/bri8Jw6ne1EJ18pz0adHo=,tag:WHaJk8P9jVKGhuFjIAcEzA==,type:str]
certificate-key-read-home: ENC[AES256_GCM,data:36IAlvuk3n8MX8/5OtULkUM4X7xntkmDXTAkfTmmU4wNThTBs13zaAHPclT9T/bxBQE5Wj42M1E7CLNQ1YnX823mp1ySmnIf4gKr2yisLBfeZdel+swapuEcGFh4dwo39uA8hajg5PTSJnZN50a34y8l0gqKh7p3RBlfFSwtZYUoKCeKu47Wz5bCNRg5WPfFf4iUoDAAwgAO67dvZ8VjsaJ4Gms0UW14G8TRAGdoFYB+gT4SDMuRrbxJl5EA1Yfi3btCYjlrAzJzR97cmG9WwOOGHWbWxcKsfc06ApXykR1rLckkjc2FsulsCSZ6g5jn4OhoeM6lJVWE/hW21vX/xnuPtMvy+dTq1/GW5NyZPiJJHQ/TwHYzeJsThsjvszYm2vSze3JIKZu48cW/aEE=,iv:hiRA0asRtgctHiyWrrFOXUkqCu6WGsdZ0IKyFv7rJYA=,tag:ImKlwKLNv/X0+IP99wS7Rw==,type:str]
certificate-key-note-home: ENC[AES256_GCM,data:yuJwbgO/i6GzAawc9s6CAhwd/59vurhtbBA8DhL6Gq+jPVf7ttHPDWcpJzcF2STAQL+JkL4Ap2/rcW6YnEzYZHjfeHX60l8rW6yItPlmlrYmwIiaHFYGt2bF9awSepB5pAR2P3JPUENlC0kgpVwKGQ/OS0YFEBmprXZ/kjIuEN7SrrfBA4m+c5W5/yaWq8TiuVRmyL+1ak2I9WK5qPmbjX4qhTkFuzQzvLQM6K1LtzmPHwni3z3gNCFKE0onm2Ns/+neSP/zRJNlMkIzAb/Ab/en0lGJEklOMmbn/hNezZXzxe93rwag8Am8Kdo382gGgXnUrgU/Qr9tdxtOAuy0r6YnT4KCIs+jF37KCYYsppjqrRKTRqivZQxwYjEIAj45ATHSNd+gNSM/aAlQnd4=,iv:9AH2y48oPvjPxMdxyDFdpUYwydAjmIQRcb1vi80eMTM=,tag:iWZwCIkjPYzztdo0bsXcGw==,type:str]
certificate-key-foto-home: ENC[AES256_GCM,data:0qAB2o30aHbpUQQ89YXWjMK2FBf1vtCHcGm/4Z6VcuhwdUV0wRa0Wb+WKuuNoT4Bbp6tZZqbjzlU68lv/rHqnKReZ6sr5u5HZwgbWpxnVORrfF7JEgkaP1F8NRsyodqIblwMP9bir6uQWRxof0OTXgnJhZU84QJItDBfsD0pfExmDQW5WlAAyrAVL13z/TBfddVPn3vU+CQIRnYt5RKtDNvaOa7XmXu8V7DuZJYYxUhnJfejFSpihoBo/Oxe/TwXzvxfTVYgbFYa/SZiBm6eGQbhO5ST3WJ0JDP3kT8mSmfqzXBLdBPJ2R+A8fF9ayLlRq4aEdFjUJQi1ojIuR6F1eSoxrIdSrDbz4+gZM4fJc2LAxjhdfg4j50Xwf6xOcdpAcz/GVGP93R1jWwo46I=,iv:SV0gXtwKTpVo3FtD7W0NpvZfaS0eFoNVP/F6k6zm+vw=,tag:NrDCn8QDudEIIbWQwPxI3Q==,type:str]
certificate-key-listen-home: ENC[AES256_GCM,data:QhQnk7LYQqfel7aX16mZW0b7SEH7/BacwZVPSnLVqtnTQu3/05cu78K4svzE3p0Gw4alV1w54SMds83ly6orUKP5I+4yqNUlxyXW+U6e6biQy5cznZxbdRtjygb6TKkDB7uYq+f4VSGZuzXHK0YTSzrwcIRjztEkvNVZgqlAt5dlz+tnkSa8Gn+lN2zoC2HTS4OhYJIk/d7YCE47QChC/+2joTeyrogSbq56uIvv5eb8G98iDiUcrTYr91MyNH21S0BVGD0X2C3lu1iwdmOs5t5D9nl7KBdvj82/paK78U00fzIwlKgZMLQK0Qm2/O2JFyVNy6I/vFbQ2ORWGIUyHqK61IXgq/4ugOeQ5oINpNF64B9Z5Jv3TXYXMYivBwko6LUmsaBhW6vBc1rRmh8=,iv:JxeP7NEPKErmKu0+q6IxaxLoUTc6wsDUPWxwdrprEoM=,tag:nEcOYrZwCIv6Sx1Y0MirLA==,type:str]
certificate-key-git-home: ENC[AES256_GCM,data:w9Cs0pepymB5P9SxF7eA2LdmnZO7jYUX355oQgJm94UsbNaleFE7QRs64qmv15jjMGNdie+Ux9LUSmqare3QCSS24JwErBHy1RSnwYwCKhdw8MtOBXT9qq07oO9lakd47SCb7rZLlxymwGPbvryOyPOKzb/bXyRc+c+3mYzac0CoG25WQjSbs8Qe18BLdgPCMe6o1i8qJeqBn74b4PDPgphNY3sbaQolKCyMYRk1aI72hARnXd7yJ2i8aQzSk2wsK0t71EMqaYo8k9uoOfMppcdrswHiNsc6TytZJNhSeqVCgrXIhqqeIvrXh706QmP9lgHA6K+exmkx7tL12tcNzz0BFJf8ayV5UPG58HgRqThvns17EJlbQN+e6pPFTI2Nxlfm7+53hD53TIxkYK0=,iv:LOGPPpteywTk1xa0Uhpl+W0WyAm08EqPFKbnsh1gBL8=,tag:ogMS5FZCdT3+ndOVMq/1wA==,type:str]
certificate-key-eat-home: ENC[AES256_GCM,data:UdXwY5wuF/o6ybUfZjKQpN8BcMr9dR63aWjzEgEh+WEazoFw+utzXODxGx88f2Bldyc6aQD3YptPiQZUd/2t2cY5BDa5rX8QsSkMVPlKkT91+XqilFDM3nK8rEQR9W5XS0hoSXdzmO9+IJ39yEm1riyf8QIqKzRjXQ4FW5M+AfbBWBk3Y80QUHZqu2FQfrhikJ7qz5ZvnZ+yOYF0rhjlr/sIVBMycyPVbdak73vGhpfsBIBKkq1q+4xsDGkx+vfrMLi80en7HFAdOg7TLL1MtxzrsNgiSRbokJUMhnryv6FBX0WdKsoK1aG1P1vtzqT3+jYwOt4Tf9PQcEd66hzUpnBk3m4MVB1hM53gpmNEaYEmDQ7cLGEc1BNyT0Z4m8TAAHPVnkESqZrXUirpfXM=,iv:RiuPEkidAy4pmvgAhv+kTi46DLpKy0xqAKSRL4RonvY=,tag:mbV6h1U2wWvMiGfIid/u4Q==,type:str]
certificate-key-foto-tammena-me: ENC[AES256_GCM,data:BNabWgck7TKuH9lRdmdqiBrN4nFHXNsWey1B+o3sIFRbKZGzNDxsfOBm0WH3W8m0IGq/pls/dZhfoWegZdxcKoSjv/41XOP6+feB7XONGkQI3a8Hn88JttoY5OV0VoLP93kDFqWQchFDpsd5JR3g7Mpci5YB8YXJPSLyZnsTmDH97I6yoXTw40fwy5IfjnXhPWTzPKMNkfUFEZqDUiMBRs1+/mYeaNMu0LVObutjY4YgUi9jN1CPhyhOdpqQwOQ/jhvxmyqyNmWikmlyTi+BiySz3baQggIW43Ef9Zc6a+d5RE9Qo9zw7C7jNce0hR0R4yJ5lOt7C4bXpZPYYYGrsgyCTRaeF3P5PX+9OgvJJY7a7x+mCROeRxGdP9Rj/3qaO9B6fsDM5O1gpBIXBYw=,iv:DPOKS7NTqkXDhGaJt34CPlhw+wkjg9jh4ABe2153Trc=,tag:M6GLgUBosz9YcuFDeRogYg==,type:str]
certificate-key-config-tammena-me: ENC[AES256_GCM,data:0+iGC4CzS9iYSXyk9IU5Wz7W3LSrzM0lbaMIUNZ90dV4/njlXkUVXaolouRK0taMgIS8OT4QmRaOD6LlHQfyy512oKoWw6y6So599Qj3jlZiRLGVrrJ8MlRJ4Fnl0tZa9YPOEKquNo1VBpoPhazk743YUqVIySxOOynl+P9qv5f4bDXCG6Nj78cWj75QcB4to3Zzkx+yVeTc2jKwWtLxSxdCGgJtxgCokkVZW/bU78g8Th+zdICXYweZsmj0MuSD1+j4akauHJykyvjt5Lu74laR6vwDQ0EC/ThJr7OiaBKzihYcfAO7zh4EkF7gBTZfiDEcBoxEcLwB6A8NXxFqdg7lTvkhyloVLN0yTOAh3nnkBaVmLAO8n19qOuPLRfhf9FFYJmAR48XZCHT20kM=,iv:kT9DEeX5yDpA4UpPHnrd1vFOD3QvXKrYetO0Ssz62tQ=,tag:49P+3XqjlwZT54KHyJjKQg==,type:str]
certificate-key-git-tammena-me: ENC[AES256_GCM,data:L+2OETTRnyZ7Ce5xFVrBs24GaGqGyvllk9g1K5XgMzRFx8ygkwrUqAVSOgvHJXWEOCud1sJ9SDujd3d3/DnM158Bd3T+Lp5fpD4g8gI+4H2+alHx92T8TrhwbEruj0Osb27i++nqg6yFdUD6OlRQ8YDoB2RgR0wXKsHpBwwZmyZhUKpXNDAlWKYisgtqpIUApBUqbpOJS1wlMtoELYwtW2UqZsLLWK8/Xw6DVRc8U9CPhKPzj5HERTI2cxAAhifTHv7k7dQsUi5U1YSCofeKfGoBL6DkBi4CtEpQX5CxTZ76VzkQxaKlkoheivntnps1vm+hz/RRY5iL4rBlIpzFiGqx+8K9ydEBGW91MKxv5rrgtVAb0/tM3hW6GgchHgm4oB8rJV9kEz+jkLQ0vAo=,iv:9IJG6uIGj89ZbI4Y2F7fOki7abjWDwKFUrLy5HX4eMs=,tag:pTBW7PLUfBqB441kv83gsw==,type:str]
certificate-key-time-tammena-me: ENC[AES256_GCM,data:KUKXyyC6E3ki7TwEyvthDZbW4PU6IOBLr+w5T6dXRegfKvqvgkK8rweRrf6qFQzacw0oHJNEbqv5l0cZdbzzF5OemGVa2F19yZ+VFPfPHwmtwnif3+JOzx2i6myN8PaYL5db3pSLv+QrfCr0G44bYYNEajx7g5Ce0EJkpE7UjZgod9X8JY1EkXoqAd+C2+0bVQnLi6mhp8z6dmVnK7EmXlmNva3en35Nm4YzqG2H0BUlyzSpoO+vWBgmG2Skbl4McHO7LIwAoWRuIyERDn48osAm7is3RfMMnHXCAlRqMWtojhMnRxmkn/SdEccEaaZepu6Q3anuMKZrARe1xJobaRMTe0cM47Ui0IHVhEE4dYQ/nVAoP7gj9fowvQn+GsqdtCho7kkI5gJiEQ5K12Y=,iv:zQ05Rwsg185m/G9XD8vSwtcuao/2Av7HNRfw4S3hpmU=,tag:jfpROZrA8SYIkp+kbLA4pA==,type:str]
certificate-key-eat-tammena-me: ENC[AES256_GCM,data:5/kzPG/J14NZbO/dTWoc0hsUBes07w9IIYOtyqAVdZ4XnEQyX2ZdYQYg4RWZ1ipFh1cMRbmgC5xhcp/Q+LY6OYovXb8Gw3TwDmwVlwbGZNo5UUcik1W0CnhzXw2y1XIrTF9efJBMgxwRAZQiYztu56lST+4BjC7pcwRMciftXUhYJ9XETblQSUxKww2aPrBfBwwAPRA/yazDJCqWbEU3vWewqSou6vaYDXSGBWif1/Zdgqt7HVOfwj6WJzy7k+9JT2Bg2FE7hwBtM9siDS8lsNj/l142wCWDlN7f+qME4C9wEBxuyJfpBUEQoNCscMmUnMkEmWLDZ/g+8Ez5PqXVel40tzq1pohO4xZVv3VlxiPMOXuijxSGslT0eYAp62vXue1Ii2whs8uonxmheFE=,iv:oodyOk9HESC4LsOZ11a0/DeD0rYltDH3+iDVlSsC/n4=,tag:hXoZId9xjFTC2DQSLU0SPw==,type:str]
certificate-key-doc-tammena-me: ENC[AES256_GCM,data:OzatonCK6tOI432B1JcvWoCbWP85hSkyKwJ3YkQk/G1yyMS1Jlk/TOc5+Cn5fegSDvRL/Qq+dTKEAE5YvPt4o9Ytg+WlQw6JjThquHHhAiR3sEz4y3/Jh+fLPQazQfwdHnU1onpclTuomAQCdIGdBu6fROevAhkaGRkZ8Hd6REzFmexcGjl1Ed4sllsxtNNanRTaaYYUXHkwGnJ2NzSGOoH7BfLookAzLxjwxyOmSZTKSAKDUKNEJnUcKQPAx50kUMgF5KIzctaHcpW091w6QQqp4zN2J2tdzkmnWl3Yl9E9otUDJ/3snmM2uRo/t7qpJYlNiqDeEeT8oWQ443N9FX10KpbpkmLjtlg4LnmbKRlnzQ3gGaXz9lIhxTA7gYPP0sis+0Ws+VAJdZMims0=,iv:+/+/kXxu8DgQdAhxsXBgBxVe9JMBINcq2L2/UnMaN1g=,tag:1yEr4EOw7ta1t7kH9qMtwg==,type:str]
certificate-key-note-tammena-me: ENC[AES256_GCM,data:TWKmWVmHWp+hSfcwNKUAlha965y7rvXI1XYJGr4Vr/8t37xxsXwzRknKkDb944IgOJD5j+b/RP7GVnoZgF7bPdEigvSFN6RagYE3zaqobYlXGSB+sWJc8d+z0jguiiNIPkGpicgoX6cM/Sh8v34IcgHiKywHoRC8YFjktxm+NoxUMYHNErjvDayORSjuW2mljyMfz71YC8KzCGmawXhEAz8x9vuwBqIY+XSRD72pMTC5kT7jBxMSZzpWI+XzLVobmPFBTIftfqHmCJqRlA15ZAwEiMOlDjDiLOYQHjAIHmWDJAD8bvYxF6ANSEaHRb8/r5K0v0o1V0WiCD3PKAUrZPQQ3u9nhT6OpFOs88iVgOqDHHN/On8FK0OlR6G3KWW6K65rd24takkSXHuQaVI=,iv:Rm3Bx3DCAM7fJ0py1sxumJCsInd+E6hP2kjhXDBcYus=,tag:COhpghXTmiKr+2J2BVLipg==,type:str]
certificate-key-read-tammena-me: ENC[AES256_GCM,data:Cb0SZkaqArT1GCXsacNBOaIG5BwiyjxtGU6aMJVp4I3/ccITcTpIyQlQWKaGDoSK0CQOl7LtbVBm0BlqUvTDXAyWJx1/doaf3Mlzdx8T7NhAWw7He6Lv1ntayqi1sQLGlY3rD7yqF+hHALfVoQNRd+MsvD7r6QFV9tsKYHART+RZJNPObj9Dznddzv0KIUnO+vEdzuMzbTRraVyjYN2Mx09ueKFJiVNQ5dND/EzA8m05A+ezCvYSqmN66fjuHPxycIkI5BbCq4PPbKUFLW31GMLQ73TQGdkhF6t1hzBEcmZfiFNyBUlWy8WwkIqHUxawDsPOc3o3npoMRixlpSowo6FRunQ+gmAVw3AoTw1OmwsMAPzrlSCRHuoTCnCHIvN3CzCmPyUTxjSMlOtWRas=,iv:LEfleSXCK2sOTWOLQ4CDf9XiojEIESyChwp/gXmCQo4=,tag:DAHl9c8b5Nj6H3QSAuqGkA==,type:str]
certificate-key-hydra-tammena-me: ENC[AES256_GCM,data:CxAvCuYu8Ftz4ths00roPjsK81/foNbWnQwolButgyAFrVh0Tx3ATpnpF5ck4W1Fpt8l9f5zQ5S2OykDlZu9loB9OkW5UhvdjxMqUxXJ76258NTVgqOLH062BAPLJmX4Oq4LSBJLMqj9teb9tFSkbEb7xnrba/PCLTJk6gP94TumkcYT/LZUfLl/7nQOqDckzem/7/pDcjkvVO2MO8sd5kbsTwzqfnW4hj6pTbhAmTa6X/o4pWMlcEZXclGOmQNN69vKWYKr0//t+nkvAujQ0g7FmJKIEysDCiaG0L5ZYCvtqmq32deGBfJRrZxS/x49Urg4cUPk5cj8/wP4ByEt5ykwDm1p8MP4E5Pz4PtlLYRMz4XFA73blR6U9aERAu6Mg8OcyJzmCYvqpfN8BTM=,iv:5A3J5yeCI2JU2GXdH1iKNWAVAqirdGzXCwoujwOB2bk=,tag:B073+3aobpOA2QU2BOjdHA==,type:str]
certificate-key-cache-tammena-me: ENC[AES256_GCM,data:ieanG2LnohzctjLggzx1b1IVcxcAaDQi/HPEAg7M8l8qespVKwSLBe31gIEQ2fQXtpmpESy6P4IhSPhVw7W0XyNe4656VycgFuo3JasjeGzfpH9DqXWYa+4wjT62p2gW4mnE8QbpKQ1s17hDkWPgNhrK7ya50ascXsazKD/XMoxdoIBKhFjfICWl+RqL2j1tRmB4U/w2MNQ3GVHBwK6xGy1uauDStR1Ndpz+Ed/fpEmodYyjvHrN2czykab2kD4BCqHISYgyf9y2wkBHSKMj6o1xJWRqAavOWW9YkQTlx7MbFypUOP6j1TYeeJZGAPNhiOFBeMTYapM645spoOECM0KSdAVHQmzIhl9zZ1rA5hx/wXk6OsIjbLRTd6lm8aAr6M9aN5wqLQpcu/ybFq8=,iv:8fP4uxYrZQ1n+0VYhX1Z6lae2GZu/PPqGgJjjtlAzrM=,tag:T95fhh7fTaVN8TR/2dU/0g==,type:str]
sops:
kms: []
gcp_kms: []
@ -35,8 +30,8 @@ sops:
ZzFxdmlXaTRCY2tUZndBSDlNeUVROVUKH1CxbcdwHR3ELn9YlGvO6YbGGg++wGZv
97ez/ErXEOq/6IF6HzV3I9BsVV4WCJI2VTP8Lbiwt59qg5riH7CGJQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-01-08T07:11:51Z"
mac: ENC[AES256_GCM,data:reqpsliDo+9wAkc6+SAwKrbyZH5oDI2O2qrJ3IfSJt/dGdFh/VupAdRIgaOMPmfdf+QREVfhIrQ2vHlEf7QrHUBcseTusuojgItrBw7r9xrwD0q9uPLxFFNhV7Oeo9iCrH/+uNZIhqGqJqeMglWROPx9mLQm0ZYp92skgWRJ06E=,iv:seRleBnn8hZvO8wfK/jPOw8Ts+DNOJny2XeZGU00W5U=,tag:pa08lf1CCDC4DOxc12p+zA==,type:str]
lastmodified: "2024-01-15T13:55:25Z"
mac: ENC[AES256_GCM,data:e929YjmaBHOYYtSIN3hcEQ1+qWfEZ1hZjexixhCqmLH45zDAes0WIKhtSBWrC5YS3GZ0Q3hQi+1oYz+DVy9qJRwYITAZP9okn5+7+rRT7A4DoNnUf+v3vsXJUQ/ozRnOxP2UWupMBUU2BgKpESeyh4jqhSnp3GSuXAzPThhEuNU=,iv:GjZJnvQf+xvGLu/x8w9YXxx+hE+aI+Z5l+S2HHD5JQU=,tag:FTb6rhDx7sh5rOECxS/hBw==,type:str]
pgp:
- created_at: "2023-11-06T16:58:30Z"
enc: |

11
secrets/pub/cache-home.crt
View file

@ -1,11 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIBozCCAUmgAwIBAgIUGpvnmF34XGE9m+FiyJWUtpACo/IwCgYIKoZIzj0EAwIw
FTETMBEGA1UEAwwKTXkgSG9tZSBDQTAeFw0yMzExMDYyMTM2MzhaFw0yNDExMDUy
MTM2MzhaMBExDzANBgNVBAMMBiouaG9tZTBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABKFpzCJ0CB3y+ecW6K08E1LWnN2dXLFzfQrblIP+2/q1B9+x9TltVl9XAHZ+
KHDt4xtBH/1m9pHIq1o4i1eI3xyjezB5MAsGA1UdDwQEAwIF4DATBgNVHSUEDDAK
BggrBgEFBQcDATAVBgNVHREEDjAMggpjYWNoZS5ob21lMB0GA1UdDgQWBBQxM8gI
E08BQOT+TeOeyaddOUDjjDAfBgNVHSMEGDAWgBQA+twP2yay+C3XJDsZsiKtZZlP
qzAKBggqhkjOPQQDAgNIADBFAiEAs8aGInkoEZj3VOn9EhEipcU08jLPE4IogKZ0
P7HTxF8CIEFJ0GCDzH0BGIkXPzSUqp+VPSUVB++0MUD6c3xZZymU
-----END CERTIFICATE-----

12
secrets/pub/cache-tammena-me.crt Normal file
View file

@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----
MIIBtzCCAV2gAwIBAgIUAihiVIfcHwp5k/5AQKQc2vfOcakwCgYIKoZIzj0EAwIw
FTETMBEGA1UEAwwKTXkgSG9tZSBDQTAeFw0yNDAxMTUxMzU0NDFaFw0yNTAxMTQx
MzU0NDFaMBExDzANBgNVBAMMBiouaG9tZTBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABHmnodW1K3deu+YD9Ehqzd64PesSWJjWSBjF2vL2dYRx1H5ey2sHmWNesA/u
oleD4qgGwpiZ9dBDkjpXF7DiQ7SjgY4wgYswCwYDVR0PBAQDAgXgMBMGA1UdJQQM
MAoGCCsGAQUFBwMBMCcGA1UdEQQgMB6CEGNhY2hlLnRhbW1lbmEubWWCCmNhY2hl
LmhvbWUwHQYDVR0OBBYEFPMaOh5/PTMCoeNoONj51+k+BpmYMB8GA1UdIwQYMBaA
FAD63A/bJrL4LdckOxmyIq1lmU+rMAoGCCqGSM49BAMCA0gAMEUCIQCi/j0slUib
RHcseQdx/vlpXM3JGqjB2hZyNWtPq7+6nAIgWGZZNZSC1aoHhlNNlqZK8N/6EkWq
jsawPYL3y+KvscI=
-----END CERTIFICATE-----

11
secrets/pub/config-home.crt
View file

@ -1,11 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIBpDCCAUqgAwIBAgIUBe0/igRlSLxWtYVB6xPKncE5YJIwCgYIKoZIzj0EAwIw
FTETMBEGA1UEAwwKTXkgSG9tZSBDQTAeFw0yMzExMDYyMTM2NDNaFw0yNDExMDUy
MTM2NDNaMBExDzANBgNVBAMMBiouaG9tZTBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABCJSihwWx0hbnJ2yRoEkQQ395bYunBUUn5YM41Lzbeg9vHTuFewwDXwXJQnm
K9PNZrnKbB0zSfl2JZqeSPnVhqmjfDB6MAsGA1UdDwQEAwIF4DATBgNVHSUEDDAK
BggrBgEFBQcDATAWBgNVHREEDzANggtjb25maWcuaG9tZTAdBgNVHQ4EFgQUXMd9
uBsy7oEgQUMbvgL+0pShvggwHwYDVR0jBBgwFoAUAPrcD9smsvgt1yQ7GbIirWWZ
T6swCgYIKoZIzj0EAwIDSAAwRQIgXxwMmnhlKp9g5RfH8DY0jfZC09q6PpceAf4G
3lgDkJ4CIQCbM7jzCEHbOhhKaacqyrUzkqKlXbKyCFMcd0GsswPWvQ==
-----END CERTIFICATE-----

12
secrets/pub/config-tammena-me.crt Normal file
View file

@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----
MIIBuTCCAV+gAwIBAgIURzwwBAEwaT2hwpHSkIJ/S5aP39owCgYIKoZIzj0EAwIw
FTETMBEGA1UEAwwKTXkgSG9tZSBDQTAeFw0yNDAxMTUxMDQ2MjBaFw0yNTAxMTQx
MDQ2MjBaMBExDzANBgNVBAMMBiouaG9tZTBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABLGvXF+e+H277acWRTEe1GTq+uBI3nbwS0B8KDS40GwhvxqqTPcLb2RdEY5R
bfTzrI/z64AqD2tnuqZmlO+raWqjgZAwgY0wCwYDVR0PBAQDAgXgMBMGA1UdJQQM
MAoGCCsGAQUFBwMBMCkGA1UdEQQiMCCCEWNvbmZpZy50YW1tZW5hLm1lggtjb25m
aWcuaG9tZTAdBgNVHQ4EFgQUCrC3WomB4WMhuiu+cwYEMnG26OwwHwYDVR0jBBgw
FoAUAPrcD9smsvgt1yQ7GbIirWWZT6swCgYIKoZIzj0EAwIDSAAwRQIhAL5YqX0Z
Sfb6aAIU0slh6sBDKR2uDBrIyBxpFIpcngc5AiBvcxM83useEM/ebpDDLmrNuuN1
1hhoial90jAb56Ilow==
-----END CERTIFICATE-----

11
secrets/pub/doc-home.crt
View file

@ -1,11 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIBoTCCAUegAwIBAgIUW/AL1DY1Wl1feUogSmMApjII1lswCgYIKoZIzj0EAwIw
FTETMBEGA1UEAwwKTXkgSG9tZSBDQTAeFw0yMzExMDYyMTM2NDhaFw0yNDExMDUy
MTM2NDhaMBExDzANBgNVBAMMBiouaG9tZTBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABMAEd5oBHECI17m2N1ijHK0SCtLjp+FJjSxYr8RPK7odWmaXZbG970LonW0p
SPGxY0f4ob9wGRKOafFyXw7Nu5OjeTB3MAsGA1UdDwQEAwIF4DATBgNVHSUEDDAK
BggrBgEFBQcDATATBgNVHREEDDAKgghkb2MuaG9tZTAdBgNVHQ4EFgQUskMR9iLb
kBosNZT/puPMtgw816wwHwYDVR0jBBgwFoAUAPrcD9smsvgt1yQ7GbIirWWZT6sw
CgYIKoZIzj0EAwIDSAAwRQIgVhl81ZO4N+gykDY41pSD/OT3N9S2gQ4JJdA/ya4L
FSECIQD9oIzu8VpWvlggjLQIf6SOuRTLWngYsHwuNpnCv8pCVA==
-----END CERTIFICATE-----

12
secrets/pub/doc-tammena-me.crt Normal file
View file

@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----
MIIBsjCCAVmgAwIBAgIUaZcBhcj0tgq+rDHQX3fpl1T6C4YwCgYIKoZIzj0EAwIw
FTETMBEGA1UEAwwKTXkgSG9tZSBDQTAeFw0yNDAxMTUxMTU1NThaFw0yNTAxMTQx
MTU1NThaMBExDzANBgNVBAMMBiouaG9tZTBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABEe4rsuV6RtMDwsHj9T2fHkDzp55yeuxpB4ArmtTYXdUXcpuLgeO4CC/Xnzi
8H3jm0YdVM39b+YEQtvEQ8QCrsmjgYowgYcwCwYDVR0PBAQDAgXgMBMGA1UdJQQM
MAoGCCsGAQUFBwMBMCMGA1UdEQQcMBqCDmRvYy50YW1tZW5hLm1lgghkb2MuaG9t
ZTAdBgNVHQ4EFgQUZn7af9gGy8xMoaKmkupgnn+QzkgwHwYDVR0jBBgwFoAUAPrc
D9smsvgt1yQ7GbIirWWZT6swCgYIKoZIzj0EAwIDRwAwRAIgCV5d3o6rB4xJ47S/
c9aGrjb/V/JVECUAGuImzHCKe4ICIBoWg0C9uXmDmN1Dzwk2Wil3IhLaQbtpS/Xl
JrGneSNv
-----END CERTIFICATE-----

11
secrets/pub/eat-home.crt
View file

@ -1,11 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIBoTCCAUegAwIBAgIUXX7hG5icEqtRroxsclad4zGeRHMwCgYIKoZIzj0EAwIw
FTETMBEGA1UEAwwKTXkgSG9tZSBDQTAeFw0yNDAxMDgwNzExNTBaFw0yNTAxMDcw
NzExNTBaMBExDzANBgNVBAMMBiouaG9tZTBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABAEQY2ndpQJA2uAWFj6UYuW+LBqE5UWSEBcOc/AWZke1htTWRJXSxtpxSWvS
AAGka2IIcVhDEQl4dwrfBlRZcjajeTB3MAsGA1UdDwQEAwIF4DATBgNVHSUEDDAK
BggrBgEFBQcDATATBgNVHREEDDAKgghlYXQuaG9tZTAdBgNVHQ4EFgQUMS5TV1f1
K1YW7kOwDqr7ify+cbUwHwYDVR0jBBgwFoAUAPrcD9smsvgt1yQ7GbIirWWZT6sw
CgYIKoZIzj0EAwIDSAAwRQIgGqLC30CZIXw5yjKXfK2kanwr9t2C+iv1APZixiVR
Rw8CIQCLy+lN8DXyl3hVau8LSoYT3Rb1QqiUownWc7pOl8YZwQ==
-----END CERTIFICATE-----

12
secrets/pub/eat-tammena-me.crt Normal file
View file

@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----
MIIBszCCAVmgAwIBAgIUFI2uY4gltCP0DqsDtFdGAYADGGYwCgYIKoZIzj0EAwIw
FTETMBEGA1UEAwwKTXkgSG9tZSBDQTAeFw0yNDAxMTUxMTMxMDdaFw0yNTAxMTQx
MTMxMDdaMBExDzANBgNVBAMMBiouaG9tZTBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABAtZWWDUZWsSiKqVQ7JTL8GD6btHnmnsX2ASpPve8hFoKkOC4J28uACJrpKt
XqjUBfG2sbbRGtlnUwDYcXbqAvWjgYowgYcwCwYDVR0PBAQDAgXgMBMGA1UdJQQM
MAoGCCsGAQUFBwMBMCMGA1UdEQQcMBqCDmVhdC50YW1tZW5hLm1lgghlYXQuaG9t
ZTAdBgNVHQ4EFgQUPqP1CcqpkdGXRA2e8B2VpUgfWdIwHwYDVR0jBBgwFoAUAPrc
D9smsvgt1yQ7GbIirWWZT6swCgYIKoZIzj0EAwIDSAAwRQIhALHPWMFUuv9v+l+n
Z3a+QPj45ZQXO+sGTov7n0B6sj4zAiBgjPp1l0gc3X7UHt6cg1tPmfjTo7ihrd3J
akVc0wtO6Q==
-----END CERTIFICATE-----

11
secrets/pub/foto-home.crt
View file

@ -1,11 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIBojCCAUigAwIBAgIUVpjqyd+Edrj7vTHsbo/1PqLKDAwwCgYIKoZIzj0EAwIw
FTETMBEGA1UEAwwKTXkgSG9tZSBDQTAeFw0yMzExMDYyMTM2NTNaFw0yNDExMDUy
MTM2NTNaMBExDzANBgNVBAMMBiouaG9tZTBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABJgbnt2+Ay6EfPb+Xl7ip+f1lXvUoVXzmM2GOEMZU+MrDfyaRY8eFAydrM2V
Uter/vMTkK9zt68PaISJqqE2bJejejB4MAsGA1UdDwQEAwIF4DATBgNVHSUEDDAK
BggrBgEFBQcDATAUBgNVHREEDTALgglmb3RvLmhvbWUwHQYDVR0OBBYEFMHGabKi
4aV8dWe7QeHEn0MYxma5MB8GA1UdIwQYMBaAFAD63A/bJrL4LdckOxmyIq1lmU+r
MAoGCCqGSM49BAMCA0gAMEUCIDbgZQuV/xN147/y7TPV+o6Lfke9hIKhVpyqSz8H
66UwAiEAzKbn46lCU48tU+5kLBvtb8+Rp7lGvA6BUSEZT0Nh1U4=
-----END CERTIFICATE-----

12
secrets/pub/foto-tammena-me.crt Normal file
View file

@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----
MIIBtTCCAVugAwIBAgIUQ/doNRIc6CFrvfrOYaKOkeZhr54wCgYIKoZIzj0EAwIw
FTETMBEGA1UEAwwKTXkgSG9tZSBDQTAeFw0yNDAxMTUwOTUxMDFaFw0yNTAxMTQw
OTUxMDFaMBExDzANBgNVBAMMBiouaG9tZTBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABCfwsATCkahm6hK8yXj/AFAFl2PvHK8mP1wEIwqaDkAMB6NZxGbIXRWV3EWh
mO2FOtcAzw3BZJ9JRqONUt4Tqy2jgYwwgYkwCwYDVR0PBAQDAgXgMBMGA1UdJQQM
MAoGCCsGAQUFBwMBMCUGA1UdEQQeMByCD2ZvdG8udGFtbWVuYS5tZYIJZm90by5o
b21lMB0GA1UdDgQWBBT+Oqu08k9fgdye+91GnTSmVXRQ3zAfBgNVHSMEGDAWgBQA
+twP2yay+C3XJDsZsiKtZZlPqzAKBggqhkjOPQQDAgNIADBFAiBvviDi3DE2Fw47
BIeHuXKymB2T2JzzWNWD3M/7Ev9p4QIhAIDwhhiQsQGycvWGbv9pTCsdhcQUvfu1
+uxBDy+JeCm0
-----END CERTIFICATE-----

11
secrets/pub/git-home.crt
View file

@ -1,11 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIBojCCAUegAwIBAgIUJ1TbroT/cDUKvtV76CxQ/HV+mmowCgYIKoZIzj0EAwIw
FTETMBEGA1UEAwwKTXkgSG9tZSBDQTAeFw0yMzExMDYyMTM2NThaFw0yNDExMDUy
MTM2NThaMBExDzANBgNVBAMMBiouaG9tZTBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABBFvb2rQueGRAScn/iECvKyfrfLgA/QcXslYBRotfob4MEyX4Cd9qHWoXjEu
TX0hgWU3rgX2nQW8lfKm8FCzWN+jeTB3MAsGA1UdDwQEAwIF4DATBgNVHSUEDDAK
BggrBgEFBQcDATATBgNVHREEDDAKgghnaXQuaG9tZTAdBgNVHQ4EFgQUhOaWUQ1g
vjWPHsU+Q+e0RSuX6wgwHwYDVR0jBBgwFoAUAPrcD9smsvgt1yQ7GbIirWWZT6sw
CgYIKoZIzj0EAwIDSQAwRgIhAIQ4LJ5u5kIoD9CW91j4ZaNrTrbIOBk2iGdJ6Jdq
JMo6AiEA51DWhjj4QAP17zl3EjlHpn16fmcZgaPN6EXW8DVN99g=
-----END CERTIFICATE-----

12
secrets/pub/git-tammena-me.crt Normal file
View file

@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----
MIIBsjCCAVmgAwIBAgIUOicGfKYRE93gnpPrYFkjGpJp1cAwCgYIKoZIzj0EAwIw
FTETMBEGA1UEAwwKTXkgSG9tZSBDQTAeFw0yNDAxMTUxMTE1MDBaFw0yNTAxMTQx
MTE1MDBaMBExDzANBgNVBAMMBiouaG9tZTBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABCwVBS2jduRyQT0cfv4j12/vH/hPTsaCyxcP18JzS9T48OvKW0E4kAU16naT
Nhs2VHD5iVALvfx7JGN+wjqlY6KjgYowgYcwCwYDVR0PBAQDAgXgMBMGA1UdJQQM
MAoGCCsGAQUFBwMBMCMGA1UdEQQcMBqCDmdpdC50YW1tZW5hLm1lgghnaXQuaG9t
ZTAdBgNVHQ4EFgQUrsm2SxReJA38LOQQ3FSfFKKJDAMwHwYDVR0jBBgwFoAUAPrc
D9smsvgt1yQ7GbIirWWZT6swCgYIKoZIzj0EAwIDRwAwRAIgUxuBWqwiiL39N/R6
8WLk8WCSTBqcbTVMvLthi26P2GgCIF2mm7L8hQO1PyaahCMSYSl1bPY+dasjrbIb
TFNSMcnf
-----END CERTIFICATE-----

11
secrets/pub/hydra-home.crt
View file

@ -1,11 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIBojCCAUmgAwIBAgIUO//krssOXRxiZH29f5q+Iv/iCtowCgYIKoZIzj0EAwIw
FTETMBEGA1UEAwwKTXkgSG9tZSBDQTAeFw0yMzExMDYyMTM3MDNaFw0yNDExMDUy
MTM3MDNaMBExDzANBgNVBAMMBiouaG9tZTBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABDcUAK23ojmiy8JB/js8P+8hIBwoqP4EL4V8zL4FUIYdqlX32IXIe78up+mk
EQ+zR/MoIdzUu5mzcRA4+M/9n4ujezB5MAsGA1UdDwQEAwIF4DATBgNVHSUEDDAK
BggrBgEFBQcDATAVBgNVHREEDjAMggpoeWRyYS5ob21lMB0GA1UdDgQWBBTUMAAP
VtAE9zn6nTBy2HlSAc03KDAfBgNVHSMEGDAWgBQA+twP2yay+C3XJDsZsiKtZZlP
qzAKBggqhkjOPQQDAgNHADBEAiAcX6Vmne+0om+DyPbwNC3OWR926H93NIRfX7AL
ZrjGYQIgUc30oiGeknUroTS/nyvlAMgY9ppmJIhPLJhUWIV8Noc=
-----END CERTIFICATE-----

12
secrets/pub/hydra-tammena-me.crt Normal file
View file

@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----
MIIBtjCCAV2gAwIBAgIUZLSvgkuc+bseO8gUyXvUPNwilfowCgYIKoZIzj0EAwIw
FTETMBEGA1UEAwwKTXkgSG9tZSBDQTAeFw0yNDAxMTUxMzQzMjlaFw0yNTAxMTQx
MzQzMjlaMBExDzANBgNVBAMMBiouaG9tZTBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABGAVj6fMw4lqUQq6w2uXuA0T2zeXztYRuTs8cYCSvS8tLf+48xI1t3LSAVDS
sCkyJKL3IeMbVd7bNQB2wixfrzejgY4wgYswCwYDVR0PBAQDAgXgMBMGA1UdJQQM
MAoGCCsGAQUFBwMBMCcGA1UdEQQgMB6CEGh5ZHJhLnRhbW1lbmEubWWCCmh5ZHJh
LmhvbWUwHQYDVR0OBBYEFB50XIm1B6tLpXrYi44CYTa4v5cyMB8GA1UdIwQYMBaA
FAD63A/bJrL4LdckOxmyIq1lmU+rMAoGCCqGSM49BAMCA0cAMEQCIC0wwVvnpSq1
jWufW3sol1+hTRVuvJ+0qFkliYyPldMFAiB5cPXQkNzTKsGLs7vB4lSFCDTLwaDM
9TQL+09ZGLtwZA==
-----END CERTIFICATE-----

11
secrets/pub/listen-home.crt
View file

@ -1,11 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIBozCCAUqgAwIBAgIUGIp9MdhcUu2/TP0Y8SvTRdjKIbcwCgYIKoZIzj0EAwIw
FTETMBEGA1UEAwwKTXkgSG9tZSBDQTAeFw0yMzExMDYyMTM3MDhaFw0yNDExMDUy
MTM3MDhaMBExDzANBgNVBAMMBiouaG9tZTBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABBkKuR+zl254Fnj73EzckBLZQrnBG1mPG7ZdD5rDmLfBJAamwZ+rAJPEiLU6
YlRq+qJXVPxzBXSl/tb7FR90kLCjfDB6MAsGA1UdDwQEAwIF4DATBgNVHSUEDDAK
BggrBgEFBQcDATAWBgNVHREEDzANggtsaXN0ZW4uaG9tZTAdBgNVHQ4EFgQUrXPk
d/UHZXennBLNBrMAaM2/e30wHwYDVR0jBBgwFoAUAPrcD9smsvgt1yQ7GbIirWWZ
T6swCgYIKoZIzj0EAwIDRwAwRAIgKsTz8xbWW2SJ6JWrOxbYWjdEoHNHtUPRz63g
Sgd25QcCIAV7hyUMlK82n3wISb2p7cJcr3neLw+9FnjqMSYvfZAh
-----END CERTIFICATE-----

11
secrets/pub/note-home.crt
View file

@ -1,11 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIBojCCAUigAwIBAgIUKpRgJ/eny+erl6FSDFFl5oVH8bMwCgYIKoZIzj0EAwIw
FTETMBEGA1UEAwwKTXkgSG9tZSBDQTAeFw0yMzExMDYyMTM3MTRaFw0yNDExMDUy
MTM3MTRaMBExDzANBgNVBAMMBiouaG9tZTBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABJTvH2lfhUu6qSLXxUEfTrPhGac5/GVTqdkcZnLpyHVTi2R8+Y1hYBw9YJ+K
icU716roI1iHF5QXrzbaIHB0rdqjejB4MAsGA1UdDwQEAwIF4DATBgNVHSUEDDAK
BggrBgEFBQcDATAUBgNVHREEDTALgglub3RlLmhvbWUwHQYDVR0OBBYEFLE6OzKR
8RuyLLP1v6545EkC6m28MB8GA1UdIwQYMBaAFAD63A/bJrL4LdckOxmyIq1lmU+r
MAoGCCqGSM49BAMCA0gAMEUCIQDxLku/C2UKnUJp81gi1pD3I/gMbhvGmM00/iLQ
Xn8MAgIgfAvLgmeBbpaTpbHjL4OZUb952grxBlhouUzwZwzjxjc=
-----END CERTIFICATE-----

12
secrets/pub/note-tammena-me.crt Normal file
View file

@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----
MIIBtTCCAVugAwIBAgIUSLhaixi7eqlkH7q6qlIEI4L5o5wwCgYIKoZIzj0EAwIw
FTETMBEGA1UEAwwKTXkgSG9tZSBDQTAeFw0yNDAxMTUxMTU3MzlaFw0yNTAxMTQx
MTU3MzlaMBExDzANBgNVBAMMBiouaG9tZTBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABIVE0bfzak2x5Y2L3DKzp0IOZRE7xibe4HICvI7inlw/H32oNQ6wcvJpnM5e
l/BHRCNfak+5Jooay1u6GQ164/ejgYwwgYkwCwYDVR0PBAQDAgXgMBMGA1UdJQQM
MAoGCCsGAQUFBwMBMCUGA1UdEQQeMByCD25vdGUudGFtbWVuYS5tZYIJbm90ZS5o
b21lMB0GA1UdDgQWBBQHz58dp3RToVngbtQ44oezzzYCjzAfBgNVHSMEGDAWgBQA
+twP2yay+C3XJDsZsiKtZZlPqzAKBggqhkjOPQQDAgNIADBFAiEAj1bNt0dHVVqU
rUxDSR7/cWghSIG3q/qzAiXaN2w999sCIDZuuRKamVtewcT+X6XQUzDANS3oG8D6
6HJ/bs506bcS
-----END CERTIFICATE-----

11
secrets/pub/read-home.crt
View file

@ -1,11 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIBojCCAUigAwIBAgIUeMK7eDYAgZhaRyrQtNHsJfbcuBowCgYIKoZIzj0EAwIw
FTETMBEGA1UEAwwKTXkgSG9tZSBDQTAeFw0yMzExMDYyMTM3MThaFw0yNDExMDUy
MTM3MThaMBExDzANBgNVBAMMBiouaG9tZTBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABKB/xWm8HLXXpYvl5mqQo/So0P7cKBrFiLQcds4yBKLAconO0K+Wu00nhr2Z
fqJQGq7Cwutzmg1k0g2HbxDCRqyjejB4MAsGA1UdDwQEAwIF4DATBgNVHSUEDDAK
BggrBgEFBQcDATAUBgNVHREEDTALgglyZWFkLmhvbWUwHQYDVR0OBBYEFJwlCbpi
vPO7WzVzKcd0vd0xcCJHMB8GA1UdIwQYMBaAFAD63A/bJrL4LdckOxmyIq1lmU+r
MAoGCCqGSM49BAMCA0gAMEUCIAcB1FlC0kwIOhU3EzzieMTO9gg5U5ivw+QLVjiS
VbJxAiEApPVNQ3guRw2HRJS7dEboEisEQ+1QhN0Sc70jqQsvhJg=
-----END CERTIFICATE-----

12
secrets/pub/read-tammena-me.crt Normal file
View file

@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----
MIIBtDCCAVugAwIBAgIUSdrPXvzKwL0R7NBRlXOP4LWiUYMwCgYIKoZIzj0EAwIw
FTETMBEGA1UEAwwKTXkgSG9tZSBDQTAeFw0yNDAxMTUxMTU5NDFaFw0yNTAxMTQx
MTU5NDFaMBExDzANBgNVBAMMBiouaG9tZTBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABCZVBuM+qy2EpPo82XOyITL0og54D0m1jO8Ntopmr0reyEgYBx1PXPCtyF4Y
R5gyWTb3Zbky0mtQtAeDz2Pg+9ajgYwwgYkwCwYDVR0PBAQDAgXgMBMGA1UdJQQM
MAoGCCsGAQUFBwMBMCUGA1UdEQQeMByCD3JlYWQudGFtbWVuYS5tZYIJcmVhZC5o
b21lMB0GA1UdDgQWBBRHuT6FvppOR1xWrACauZenrMpJJjAfBgNVHSMEGDAWgBQA
+twP2yay+C3XJDsZsiKtZZlPqzAKBggqhkjOPQQDAgNHADBEAiBi79sOuE183Djy
VOViIJ6gWxT9SFpZb+KcD5U6wX8IVAIgT/dE8rJP+TKuxK4Sd4Iwlqmnt/tnWGfZ
HkExA+gYgDo=
-----END CERTIFICATE-----

11
secrets/pub/time-home.crt
View file

@ -1,11 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIBojCCAUigAwIBAgIULs6L9cehoEJOEwq+Z8Q+Sw9AciMwCgYIKoZIzj0EAwIw
FTETMBEGA1UEAwwKTXkgSG9tZSBDQTAeFw0yMzExMDYyMTM3MjlaFw0yNDExMDUy
MTM3MjlaMBExDzANBgNVBAMMBiouaG9tZTBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABC5/10Uf9s19Bj5AKR2ql49jc0D2SlQg8/iRBA92wgvxP0N9nMZMgbVlSkQS
5WKDb26CUIqg2r5BzQWRxKCwRRWjejB4MAsGA1UdDwQEAwIF4DATBgNVHSUEDDAK
BggrBgEFBQcDATAUBgNVHREEDTALggl0aW1lLmhvbWUwHQYDVR0OBBYEFJbh/q3u
AjraRSJK04xMEQyEWDEqMB8GA1UdIwQYMBaAFAD63A/bJrL4LdckOxmyIq1lmU+r
MAoGCCqGSM49BAMCA0gAMEUCIQCGUk6CYBN+tWKT46UEEHLy73dz7Q4ZSH+WmKBZ
F0YVzQIgDQRR9rxA6rJuW13JRLkWzo9GQmE1JOWlj+/29z144gs=
-----END CERTIFICATE-----

12
secrets/pub/time-tammena-me.crt Normal file
View file

@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----
MIIBtDCCAVugAwIBAgIUUEIYVksaJsjInYDel3Ws78iHQNAwCgYIKoZIzj0EAwIw
FTETMBEGA1UEAwwKTXkgSG9tZSBDQTAeFw0yNDAxMTUxMTE5NDBaFw0yNTAxMTQx
MTE5NDBaMBExDzANBgNVBAMMBiouaG9tZTBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABN4R4Mz3f0/DzcS3I/LelbwLLxBv++uaOS6H2uIyOCPPuxkNXpC88y1IIEBC
UmORM3vzWHpUalTjnCKyPPCNtgujgYwwgYkwCwYDVR0PBAQDAgXgMBMGA1UdJQQM
MAoGCCsGAQUFBwMBMCUGA1UdEQQeMByCD3RpbWUudGFtbWVuYS5tZYIJdGltZS5o
b21lMB0GA1UdDgQWBBS0W625dKWNkBYcHFvT1lvVUtUziTAfBgNVHSMEGDAWgBQA
+twP2yay+C3XJDsZsiKtZZlPqzAKBggqhkjOPQQDAgNHADBEAiAsSG0+7Y9qdm2k
VTJlKaX8fOAWs716veznghb4qBXIKAIgOl6C9EQlIr1ZiGPI+5SqvH4hA0OIXMlF
963ulXUw6ew=
-----END CERTIFICATE-----

11
secrets/pub/todo-home.crt
View file

@ -1,11 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIBoTCCAUigAwIBAgIUG2UOR05kg1jHUY7EEr5stkdtoHIwCgYIKoZIzj0EAwIw
FTETMBEGA1UEAwwKTXkgSG9tZSBDQTAeFw0yMzExMDYyMTM3MzRaFw0yNDExMDUy
MTM3MzRaMBExDzANBgNVBAMMBiouaG9tZTBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABHCThIGyNATeoFwfklHdzT93CzyVcQFL8N+sw53pyxZJQUUk3M719NNyQ9qM
TREzrqe1XrLocd0goF8ArOb6KRCjejB4MAsGA1UdDwQEAwIF4DATBgNVHSUEDDAK
BggrBgEFBQcDATAUBgNVHREEDTALggl0b2RvLmhvbWUwHQYDVR0OBBYEFPmAYh9X
/0Tgdxxnj0bz+fqOcpT4MB8GA1UdIwQYMBaAFAD63A/bJrL4LdckOxmyIq1lmU+r
MAoGCCqGSM49BAMCA0cAMEQCIBOYNBJByszSG4jTf1l+6NIC7yc//C7KxQ5M98WH
WSQUAiBcyyi0Cu6MpnVm7aiuDW5s3U+2NwPzMT64/8nDjFj9xg==
-----END CERTIFICATE-----