wo2w/nixos-config
1
0
Fork 0
Code Issues Pull requests Activity

add onlyoffice to nextcloud and set up ip forwarding

Browse source
This commit is contained in:
wo2wz 2025-09-05 17:45:35 -04:00
parent 5b0f0dc3ce
commit f389f8344f
4 changed files with 84 additions and 47 deletions
Download patch file Download diff file Expand all files Collapse all files

87
modules/nixos/homeserver/caddy.nix
View file

@ -1,21 +1,45 @@
{ config, ... }: { config, pkgs, ... }:
{ {
services = { services = {
caddy = { caddy = {
enable = true; enable = true;
package = pkgs.caddy.withPlugins {
plugins = [ "github.com/WeidiDeng/caddy-cloudflare-ip@v0.0.0-20231130002422-f53b62aa13cb"];
hash = "sha256-mtKyPOEY6qK1/Uz4LQfzqBMxFnfH1vLfvxyo4t4nXck=";
};
extraConfig = ''
(cloudflare-tls) {
tls ${config.sops.secrets."caddy/wo2wz.fyi.crt".path} ${config.sops.secrets."caddy/wo2wz.fyi.key".path}
}
(default-settings) {
encode
header {
Strict-Transport-Security "max-age=15552000;"
X-Frame-Options "SAMEORIGIN"
X-Content-Type-Options "nosniff"
X-Robots-Tag "noindex, nofollow"
-Server
-X-Powered-By
}
}
'';
globalConfig = ''
grace_period 30s
servers {
client_ip_headers CF-Connecting-Ip X-Forwarded-For
trusted_proxies cloudflare {
interval 7d
timeout 15s
}
trusted_proxies_strict
}
'';
virtualHosts = { virtualHosts = {
"drone.taild5f7e6.ts.net".extraConfig = '' "drone.taild5f7e6.ts.net".extraConfig = ''
encode import default-settings
# most of this doesnt matter but why not
header {
Strict-Transport-Security "max-age=31536000;"
X-Frame-Options "SAMEORIGIN"
X-Content-Type-Options "nosniff"
-Server
-X-Powered-By
}
# block connections to admin login # block connections to admin login
respond /admin/* 403 respond /admin/* 403
@ -24,25 +48,14 @@
''; '';
"wo2wz.fyi".extraConfig = '' "wo2wz.fyi".extraConfig = ''
encode import default-settings
import cloudflare-tls
header {
X-Robots-Tag "noindex, nofollow"
-Server
}
respond "not much to see here" respond "not much to see here"
''; '';
"nextcloud.wo2wz.fyi".extraConfig = '' "nextcloud.wo2wz.fyi".extraConfig = ''
encode import default-settings
tls ${config.sops.secrets."caddy/wo2wz.fyi.crt".path} ${config.sops.secrets."caddy/wo2wz.fyi.key".path}
header {
X-Robots-Tag "noindex, nofollow"
-Server
}
root ${config.services.nginx.virtualHosts."localhost:8002".root} root ${config.services.nginx.virtualHosts."localhost:8002".root}
file_server file_server
@ -61,6 +74,7 @@
path /.* /autotest* /occ* /issue* /indie* /db_* /console* path /.* /autotest* /occ* /issue* /indie* /db_* /console*
not path /.well-known/* not path /.well-known/*
} }
respond @forbidden 403 respond @forbidden 403
# make .mjs javascript work for the functionality of some buttons/apps # make .mjs javascript work for the functionality of some buttons/apps
@ -68,18 +82,23 @@
header @mjs Content-Type application/javascript header @mjs Content-Type application/javascript
''; '';
"zipline.wo2wz.fyi".extraConfig = '' "onlyoffice.wo2wz.fyi".extraConfig = ''
encode import default-settings
import cloudflare-tls
# most headers are already configured via cloudflare @blockinternal {
header { path /internal/*
# nobody is gonna find this site through a search engine anyway path /info/*
X-Robots-Tag "noindex, nofollow" not remote_ip 127.0.0.1
-Server
} }
respond @blockinternal 403
# use cloudflare origin certs for https reverse_proxy localhost:8003
tls ${config.sops.secrets."caddy/wo2wz.fyi.crt".path} ${config.sops.secrets."caddy/wo2wz.fyi.key".path} '';
"zipline.wo2wz.fyi".extraConfig = ''
import default-settings
import cloudflare-tls
reverse_proxy localhost:8001 reverse_proxy localhost:8001
''; '';

30
modules/nixos/homeserver/nextcloud.nix
View file

@ -1,14 +1,20 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
users.users.caddy.extraGroups = [ "nextcloud" ]; services.nginx.enable = false; # disable to use caddy instead
services = { users.users.nginx = {
nginx.enable = false; # disable to use caddy instead group = "nginx";
phpfpm.pools.nextcloud.settings = { isSystemUser = true;
"listen.owner" = "caddy"; };
"listen.group" = "caddy"; users.groups.nginx = {};
};
users.users.caddy.extraGroups = [ "nextcloud" ];
services.phpfpm.pools.nextcloud.settings = {
"listen.owner" = "caddy";
"listen.group" = "caddy";
};
services = {
nextcloud = { nextcloud = {
enable = true; enable = true;
package = pkgs.nextcloud31; package = pkgs.nextcloud31;
@ -25,8 +31,16 @@
maxUploadSize = "200G"; maxUploadSize = "200G";
extraApps = { extraApps = {
inherit (config.services.nextcloud.package.packages.apps) calendar tasks deck twofactor_webauthn; inherit (config.services.nextcloud.package.packages.apps) calendar deck onlyoffice tasks twofactor_webauthn;
}; };
}; };
# onlyoffice document server for rich document editing
onlyoffice = {
enable = true;
hostname = "localhost";
port = 8003;
jwtSecretFile = config.sops.secrets."onlyoffice/jwt".path;
};
}; };
} }

2
modules/nixos/homeserver/sops.nix
View file

@ -26,6 +26,8 @@
"nextcloud/adminpass" = {}; "nextcloud/adminpass" = {};
"onlyoffice/jwt" = {};
"vaultwarden/secrets.env".restartUnits = [ "vaultwarden.service" ]; "vaultwarden/secrets.env".restartUnits = [ "vaultwarden.service" ];
"zipline/secrets.env".restartUnits = [ "zipline.service" ]; "zipline/secrets.env".restartUnits = [ "zipline.service" ];

6
secrets/secrets.yaml
View file

@ -5,6 +5,8 @@ cloudflared:
8af2892d-d534-4e32-b867-5b79308a99d5.json: ENC[AES256_GCM,data:4fOlt/pNxQ9CSuKf1ZPv9odtdU+Q7NTlO56xGp5yY0AEZrbpljSlTS/b8dON5iVwRoUjUbUui8+jvDri7ad99e+kZUwzDC2S294oaQyPa5Bl4jrYZSFn6SWZbnBzyV5tVN0hoQlIMQ/oU53TvBAtNrj10toePH7iLB12AmqMCBshWEFUViAJqGcZZMrcarAT453FgtpR+f3vR8Wv90SGc7wHXARJZ4NzEIRmYD4dGA==,iv:1Mt9FJTlT7Sv9FvrNY97icXSi757ejt56lhc7OG1dJM=,tag:JxW5Cg6nPzzh4zxi9Wvw0A==,type:str] 8af2892d-d534-4e32-b867-5b79308a99d5.json: ENC[AES256_GCM,data:4fOlt/pNxQ9CSuKf1ZPv9odtdU+Q7NTlO56xGp5yY0AEZrbpljSlTS/b8dON5iVwRoUjUbUui8+jvDri7ad99e+kZUwzDC2S294oaQyPa5Bl4jrYZSFn6SWZbnBzyV5tVN0hoQlIMQ/oU53TvBAtNrj10toePH7iLB12AmqMCBshWEFUViAJqGcZZMrcarAT453FgtpR+f3vR8Wv90SGc7wHXARJZ4NzEIRmYD4dGA==,iv:1Mt9FJTlT7Sv9FvrNY97icXSi757ejt56lhc7OG1dJM=,tag:JxW5Cg6nPzzh4zxi9Wvw0A==,type:str]
nextcloud: nextcloud:
adminpass: ENC[AES256_GCM,data:eSQQkhcXB4s9pnJ1hToGgyEr+rGlMIKHLsU0EemMOng=,iv:USq1winT7GPGVKwDjfF+cFs/dj395zgXyTVQ/x1KNS0=,tag:Me6MKsZwUc4sjZIPfZmk+A==,type:str] adminpass: ENC[AES256_GCM,data:eSQQkhcXB4s9pnJ1hToGgyEr+rGlMIKHLsU0EemMOng=,iv:USq1winT7GPGVKwDjfF+cFs/dj395zgXyTVQ/x1KNS0=,tag:Me6MKsZwUc4sjZIPfZmk+A==,type:str]
onlyoffice:
jwt: ENC[AES256_GCM,data:NVDBwIY6wBFUkm4ry97cbO2uSczzN5IDR17sroVn5hXcMRNNxWitp3hU7qruj4wUEg9BGrCyFgknm6tBss0DAaCnbGAynCdaaaIhYjFLTUx4tHzVXZflWaEM+c0nYaTf2to4B3c2r+DpRRBjlfQbJXjlaW2kpZ07EmWo11a5Tn8=,iv:ZO4TpnVppBHhw5e72x+PqUY5QT6M96s/vZDIDDcnLBE=,tag:PA7WCqwaV9fAeJG+1wiXfg==,type:str]
tailscale: tailscale:
drone.taild5f7e6.ts.net.crt: ENC[AES256_GCM,data:I5K/jdSx8kM1r6o0+lyvDkGrLhJM8djE4fm7hH2m7U602o8b+HMVeSjMe6KuA7hEWLz4n5E5RUO8m2JCIV7pHzBNviR8bctbJtFBl54RkcJEE/sn7XcyTqFZkrEr2Fm5N2v7FYkvnpmuZagzTTc3U3Uioszn17eK5syX3k56TJgEkZu+q22H5QbvnzhiZUsVfVLrgbXBfXApIgrJ53/uJqFIksTma5ZoGFUCVqVifKxI7ej4PXg3gHE8evibQeOrNEloez+UEMlIYg4JxyHBUOhYPuOTpmcBSFfDsJOiocJf/H618UKqFmlulHbz4VppehG6w5z3rxkIqaRzQIin+SdOWAdvMdnuHW71XuDq2rr8LI6UiBq+GZ0vcC6GrTHCAbVgDZksg4kB2WFMYnWZyErLHe0y5lyaTIS+TDjLFydtu+OEANjuM0E9oHQGUeWABrekfexE1dpgtRp4lMK8+NbI7qRq359pc/JwgC6IkWl94iWaVWzPAqOU3ML91I3L3gH+cujRkdjgYmBfEVDTlDh7yehlnA3VjjwiVB3lESESDQYe6qzB+9XPQYNA61Wyords56S1ZLW7Vg04lDiMzIxYUl4In4MWwCygvEKbW+KKB19v7+VoAy9FvBmCAWGMonbW2YrfH910wr2h11PIru2seI/2hQtyrK6JY0/R/o1jINDM7d9ky0PeQzijSJwDAGwIS+F8tXnrL/9wrf574TBTaVK5RQczZ4W2u77WaRwphOttrjcLSSngK7wt3Jr2aceIN7hOqv9DzLE0dvCJXzSm0sTAcBJJTqyoizk9awc86R2IYVxMugwX94YQN4y6MuQes3iO4OwwEfI2xCNhKYNl+fRg2tbS19BFk+kC6q7RmgG86Crqnd20D6CFo9gRLIIsth9VnKflF1jG0mQ/87E5NWymXF/3AiF1Co+a/a3MxrlgOAYgajWQXLuKbTVVPHLRK28Si34/cH9GG4ssJr4P9Whr6v9OUP3qPTwSZQZF8hFhHNFFvGOFIuxGgdKvG3lr3fs0TWcpGswzETWxaC0Xb3foROV4P6Hn6X/rXg8SPQ2+6NUwP721uIR4Q7s6wbAzW7nO5zkPu9neEeO6Vpr3iii4JNZ3efXr1ap6zFM/0/IgBgG4xbvsGQL25/jDVHBpYcQTfpKA7pPr9qh4MSksFYVlWOQO1e9JV3M70+sDuwd0RoPTqAh6CRuH/6ihKMMx9mjExP4KJnnTetrg5Qg/zEaxF0FXto/BNv6ppqYN/xydn6vbXhrgF4HkhrJ0kBur3TP/SRkiMdIlD5FkazYXzAMZNWxkzd3nxr+xI6Kaalz3lux3+Lj4VvNlodwyRz/zwtiNl3pJUe+nPSL6nP/btXmXW5mfPy3S1XJ/QxdsR1QvhF78FZoYKuNSiXIaRi/UocqY0KifRp9l+E3kesaNOim4uTygTDUD9tWnbKY7k1F8swuuXyQ/+wAZIA2dRvcxnD+iNUpLjlLZTtyqEwKz0fDkZ8z9Prfs4Z3OX41UaxMjy6fhps9bdipAEW/vy4zWxsdXRHtLAgS1MJ2rAtngypoDB99uQyDTQHOVwq7IzG8w+nAXmATzI2RAw8uUmez7TCxnx6g0Uzq6lzdRs4L5PnSjcwW9AgRQuYHBn/vOSyMFCiX8ryzf039sCGDd13gr969lhpCXSTOPQGi2qGVvf7KKGF6wPVcWqSR6IK9kEo2gX47HyK551bjUH+Hzys4nOnPSB4Tfl6PWu8Zk5fLVsjYOTp8MIVMNtcH+pMR3XsrW3bfXQv9yJ0kxrWkiYpN6N6r5Bcakdd3KEkhYFjKCBzwqE4T7GKwm9LY+PYn7UmDQD2TfMArS2u/L8JPx3EMtZie6RHvyW0dmCI2VmmyiyZo5iNHzUy3ygQHDfQmnYGo7EEq2pRc47KslK292Ewfapll/Tq3alLm2Xqkr3xGeygzlAVE7//SbHMnEgDkBTVGdJ57hJPUnF7nQodMdx4HvakFv/R6EuybRQP+JXCarWYU+q1sutV6IcA61peLbmfrnGhnp6rkVbFKiRDD8xUQEL32NVReSdqnCs3uYRz8fuh3fZ9gzPoiPKiHXq0F+ZnAJldYF8BKC1HikhnqkfryHhWhOgKMVS7ZywXp7XglmgFaZqfhVhEH+CpBUUDKpKwwEEDFHeEi+dFXCsyqAPbduiICqEyrTNAk/GV6U9tvKpnEsvy83KBi+ykbRpNoyN6Q6rLj6IN11gs2XJ/ewQ2XXu0LFiD+iCTYhLlKnmcWYSUcPV6VC3UuyZiDQJhmiiXl92ZUX7NWxxotF7fksEbgkezO+WwTC+7i4VvtBC8orY3YE5/C0LkLeJ+e5OtMrOSjj2lXg1sb/VSzUSl1N8NGpVVuyfAQgPax+igF66buIziyyUq+9JraRbYTg4zm/twTq+rW6ixo2LAKJubIHUyd1mWFC48qz+133EK6utgB2vsrb+d7dMj+bD+5TiomjfB44bPfTlsOXxsLA+GQ5Hn8xohgrYD8iCddoGN/3v9XBxKdTfShOxkGn1zVbLEeDmbtWJSeU3VP5ggeRr3pm2PK37k4SxA+MOUcJ5kwhuLYdDEL4sbsrDn3AvPAbzM0Ed1EOiiyH9HNBqNZmiJn+TShsQ5tb0zvY6gK+y2Y1XayOBqfY6xzs4npHx2hcCcv9evYGUYg3p3zWe8+Xh7YMPTpVcoLwGrhQ7SL+WTOjEgj5lmZNjq2mKGFmIQ1YALpYMXeCE59EEadHw1ScotB56S6C6yBkkitUPs2RPTF12XTWbLZanP+mGTc96CieauMzF2rdi2XiMvJ8XVff64gqSz4WQgShFs16o3k/VYNSD/vek0dzvwbI62elhjZeP35y71wYdmP4SV02OVfjcpFVoFpCQegPy/Rxd7D3OurQmN0ZxHrhfQ0Obw3mLCeNI3+1F3Q8GYCjLQ2ETGUA1/zLZoX4YD+HcpdtyYBkiY3HVqGilkydXCAWEHht7Eu+NXECLhjguxotxqn47gRv8pLKz2gbJevQyHh/vjHBb9ZtxwHXxoxfe1+/NdG6fD1Fucz67k7QaRcTE4J2SzqTqzO7mCeOmA+/PJQCDpyk5Ygp7R7z8mDmK40hhGwmzogDoqwGSTKLf429Wbx/uQ7OiX2yKdy0XVswj5MeIeVQnw4yvKiejDbz6EYTm776MNTKg+GVtuwzhEayGjLBikrS1M9zsNT5OrbdKJ6oKNZpLOtO3VsXwTfmsvSqJngrlAkIstV/fXoNyRjT1r+SpLOfO4fta7bs/ndxSx0T9uHsnQIIBna1Zq48yTHwM+WFW/Cw46DRCXl1jIZ0xHS9aJV7vzjpTSiJYLExPIg1/dL1dXQ79mXsdBxJWII9Ryy42vGnwYkSC+XcbpZ8WYg1yl7eSdmdc6lKQlFqyIvhu6sfP6S0fljy6SnbQjGZPJxqyzaqpibEfcdx7/nABuOT1Rev7XvB+s/5RaYOyGLFrZIH3V5+GFSNtNy7SwjifKRTGsfjEOPM+GyY7lIIHrDwe7FFylg8/69AqeIiZCpB9GM2Ob9D7Jjt6n/RRofe6znia1GNleHgCAsktaQQK7ee+zCA5CcTiHecOUn4+aECa6c/5UEIz5JWsFfjWsbopqMuIyGg85SM+Li9KhxMAwVKhUTcymEmid4Er/v4+W2UAQ/3KrMk9hE7u5NzqoVsCoogvGc9QQGqBYIwRndJvATD9d4sNHvPF39Ad/wJFNzVDK9bjLlfeT9arDFt2xb3XZpDf7beUUnCtyYk9p2sSc9pSbh2iVYAIAYfUMelgtFG1EPOVlmhQR7GmzN1xG4NBMGqV5O/P5X3pO2FlEZIrELi8xacF/kP,iv:let5DG6B4Dy1UWmldZPQ5dfUTU4q3Rc+WXdUXgjI8Wk=,tag:vIlcLk2mbCY5lwmI0iC00w==,type:str] drone.taild5f7e6.ts.net.crt: ENC[AES256_GCM,data:I5K/jdSx8kM1r6o0+lyvDkGrLhJM8djE4fm7hH2m7U602o8b+HMVeSjMe6KuA7hEWLz4n5E5RUO8m2JCIV7pHzBNviR8bctbJtFBl54RkcJEE/sn7XcyTqFZkrEr2Fm5N2v7FYkvnpmuZagzTTc3U3Uioszn17eK5syX3k56TJgEkZu+q22H5QbvnzhiZUsVfVLrgbXBfXApIgrJ53/uJqFIksTma5ZoGFUCVqVifKxI7ej4PXg3gHE8evibQeOrNEloez+UEMlIYg4JxyHBUOhYPuOTpmcBSFfDsJOiocJf/H618UKqFmlulHbz4VppehG6w5z3rxkIqaRzQIin+SdOWAdvMdnuHW71XuDq2rr8LI6UiBq+GZ0vcC6GrTHCAbVgDZksg4kB2WFMYnWZyErLHe0y5lyaTIS+TDjLFydtu+OEANjuM0E9oHQGUeWABrekfexE1dpgtRp4lMK8+NbI7qRq359pc/JwgC6IkWl94iWaVWzPAqOU3ML91I3L3gH+cujRkdjgYmBfEVDTlDh7yehlnA3VjjwiVB3lESESDQYe6qzB+9XPQYNA61Wyords56S1ZLW7Vg04lDiMzIxYUl4In4MWwCygvEKbW+KKB19v7+VoAy9FvBmCAWGMonbW2YrfH910wr2h11PIru2seI/2hQtyrK6JY0/R/o1jINDM7d9ky0PeQzijSJwDAGwIS+F8tXnrL/9wrf574TBTaVK5RQczZ4W2u77WaRwphOttrjcLSSngK7wt3Jr2aceIN7hOqv9DzLE0dvCJXzSm0sTAcBJJTqyoizk9awc86R2IYVxMugwX94YQN4y6MuQes3iO4OwwEfI2xCNhKYNl+fRg2tbS19BFk+kC6q7RmgG86Crqnd20D6CFo9gRLIIsth9VnKflF1jG0mQ/87E5NWymXF/3AiF1Co+a/a3MxrlgOAYgajWQXLuKbTVVPHLRK28Si34/cH9GG4ssJr4P9Whr6v9OUP3qPTwSZQZF8hFhHNFFvGOFIuxGgdKvG3lr3fs0TWcpGswzETWxaC0Xb3foROV4P6Hn6X/rXg8SPQ2+6NUwP721uIR4Q7s6wbAzW7nO5zkPu9neEeO6Vpr3iii4JNZ3efXr1ap6zFM/0/IgBgG4xbvsGQL25/jDVHBpYcQTfpKA7pPr9qh4MSksFYVlWOQO1e9JV3M70+sDuwd0RoPTqAh6CRuH/6ihKMMx9mjExP4KJnnTetrg5Qg/zEaxF0FXto/BNv6ppqYN/xydn6vbXhrgF4HkhrJ0kBur3TP/SRkiMdIlD5FkazYXzAMZNWxkzd3nxr+xI6Kaalz3lux3+Lj4VvNlodwyRz/zwtiNl3pJUe+nPSL6nP/btXmXW5mfPy3S1XJ/QxdsR1QvhF78FZoYKuNSiXIaRi/UocqY0KifRp9l+E3kesaNOim4uTygTDUD9tWnbKY7k1F8swuuXyQ/+wAZIA2dRvcxnD+iNUpLjlLZTtyqEwKz0fDkZ8z9Prfs4Z3OX41UaxMjy6fhps9bdipAEW/vy4zWxsdXRHtLAgS1MJ2rAtngypoDB99uQyDTQHOVwq7IzG8w+nAXmATzI2RAw8uUmez7TCxnx6g0Uzq6lzdRs4L5PnSjcwW9AgRQuYHBn/vOSyMFCiX8ryzf039sCGDd13gr969lhpCXSTOPQGi2qGVvf7KKGF6wPVcWqSR6IK9kEo2gX47HyK551bjUH+Hzys4nOnPSB4Tfl6PWu8Zk5fLVsjYOTp8MIVMNtcH+pMR3XsrW3bfXQv9yJ0kxrWkiYpN6N6r5Bcakdd3KEkhYFjKCBzwqE4T7GKwm9LY+PYn7UmDQD2TfMArS2u/L8JPx3EMtZie6RHvyW0dmCI2VmmyiyZo5iNHzUy3ygQHDfQmnYGo7EEq2pRc47KslK292Ewfapll/Tq3alLm2Xqkr3xGeygzlAVE7//SbHMnEgDkBTVGdJ57hJPUnF7nQodMdx4HvakFv/R6EuybRQP+JXCarWYU+q1sutV6IcA61peLbmfrnGhnp6rkVbFKiRDD8xUQEL32NVReSdqnCs3uYRz8fuh3fZ9gzPoiPKiHXq0F+ZnAJldYF8BKC1HikhnqkfryHhWhOgKMVS7ZywXp7XglmgFaZqfhVhEH+CpBUUDKpKwwEEDFHeEi+dFXCsyqAPbduiICqEyrTNAk/GV6U9tvKpnEsvy83KBi+ykbRpNoyN6Q6rLj6IN11gs2XJ/ewQ2XXu0LFiD+iCTYhLlKnmcWYSUcPV6VC3UuyZiDQJhmiiXl92ZUX7NWxxotF7fksEbgkezO+WwTC+7i4VvtBC8orY3YE5/C0LkLeJ+e5OtMrOSjj2lXg1sb/VSzUSl1N8NGpVVuyfAQgPax+igF66buIziyyUq+9JraRbYTg4zm/twTq+rW6ixo2LAKJubIHUyd1mWFC48qz+133EK6utgB2vsrb+d7dMj+bD+5TiomjfB44bPfTlsOXxsLA+GQ5Hn8xohgrYD8iCddoGN/3v9XBxKdTfShOxkGn1zVbLEeDmbtWJSeU3VP5ggeRr3pm2PK37k4SxA+MOUcJ5kwhuLYdDEL4sbsrDn3AvPAbzM0Ed1EOiiyH9HNBqNZmiJn+TShsQ5tb0zvY6gK+y2Y1XayOBqfY6xzs4npHx2hcCcv9evYGUYg3p3zWe8+Xh7YMPTpVcoLwGrhQ7SL+WTOjEgj5lmZNjq2mKGFmIQ1YALpYMXeCE59EEadHw1ScotB56S6C6yBkkitUPs2RPTF12XTWbLZanP+mGTc96CieauMzF2rdi2XiMvJ8XVff64gqSz4WQgShFs16o3k/VYNSD/vek0dzvwbI62elhjZeP35y71wYdmP4SV02OVfjcpFVoFpCQegPy/Rxd7D3OurQmN0ZxHrhfQ0Obw3mLCeNI3+1F3Q8GYCjLQ2ETGUA1/zLZoX4YD+HcpdtyYBkiY3HVqGilkydXCAWEHht7Eu+NXECLhjguxotxqn47gRv8pLKz2gbJevQyHh/vjHBb9ZtxwHXxoxfe1+/NdG6fD1Fucz67k7QaRcTE4J2SzqTqzO7mCeOmA+/PJQCDpyk5Ygp7R7z8mDmK40hhGwmzogDoqwGSTKLf429Wbx/uQ7OiX2yKdy0XVswj5MeIeVQnw4yvKiejDbz6EYTm776MNTKg+GVtuwzhEayGjLBikrS1M9zsNT5OrbdKJ6oKNZpLOtO3VsXwTfmsvSqJngrlAkIstV/fXoNyRjT1r+SpLOfO4fta7bs/ndxSx0T9uHsnQIIBna1Zq48yTHwM+WFW/Cw46DRCXl1jIZ0xHS9aJV7vzjpTSiJYLExPIg1/dL1dXQ79mXsdBxJWII9Ryy42vGnwYkSC+XcbpZ8WYg1yl7eSdmdc6lKQlFqyIvhu6sfP6S0fljy6SnbQjGZPJxqyzaqpibEfcdx7/nABuOT1Rev7XvB+s/5RaYOyGLFrZIH3V5+GFSNtNy7SwjifKRTGsfjEOPM+GyY7lIIHrDwe7FFylg8/69AqeIiZCpB9GM2Ob9D7Jjt6n/RRofe6znia1GNleHgCAsktaQQK7ee+zCA5CcTiHecOUn4+aECa6c/5UEIz5JWsFfjWsbopqMuIyGg85SM+Li9KhxMAwVKhUTcymEmid4Er/v4+W2UAQ/3KrMk9hE7u5NzqoVsCoogvGc9QQGqBYIwRndJvATD9d4sNHvPF39Ad/wJFNzVDK9bjLlfeT9arDFt2xb3XZpDf7beUUnCtyYk9p2sSc9pSbh2iVYAIAYfUMelgtFG1EPOVlmhQR7GmzN1xG4NBMGqV5O/P5X3pO2FlEZIrELi8xacF/kP,iv:let5DG6B4Dy1UWmldZPQ5dfUTU4q3Rc+WXdUXgjI8Wk=,tag:vIlcLk2mbCY5lwmI0iC00w==,type:str]
drone.taild5f7e6.ts.net.key: ENC[AES256_GCM,data:PYx24EEH4evfSC+TxJ8myVs6A4nMMCVPD4IhA5DmwHbB13li7O8q/+45MpdXimEXN3abvucgSQnPDnpQ2OZyLK7ym03abrlFZneQXe3IcuDX2EHMIRq5nFN6VESt3yB2PFOb1aEXYeCBj8bkeebi9zirg7BJz3jRChYsP+BBsMCXtMN+w5VtFDhsh87rBmXo4O9zO95S8NkG9R9+f/fBN7AF5K4hR0eldJe+86QP7fKjDYDiATucuU0Up3uqx6vMcFfiH9UnhMy287Hm6NJQ3oKbVUeT4Vz7/lHCamkWU7083ig=,iv:b83/uKx0j5gwLdGIwpQtAEsx9FZ2y4kATD78iJyWYlY=,tag:5QCcCweEk8bX6CDW77AYlQ==,type:str] drone.taild5f7e6.ts.net.key: ENC[AES256_GCM,data:PYx24EEH4evfSC+TxJ8myVs6A4nMMCVPD4IhA5DmwHbB13li7O8q/+45MpdXimEXN3abvucgSQnPDnpQ2OZyLK7ym03abrlFZneQXe3IcuDX2EHMIRq5nFN6VESt3yB2PFOb1aEXYeCBj8bkeebi9zirg7BJz3jRChYsP+BBsMCXtMN+w5VtFDhsh87rBmXo4O9zO95S8NkG9R9+f/fBN7AF5K4hR0eldJe+86QP7fKjDYDiATucuU0Up3uqx6vMcFfiH9UnhMy287Hm6NJQ3oKbVUeT4Vz7/lHCamkWU7083ig=,iv:b83/uKx0j5gwLdGIwpQtAEsx9FZ2y4kATD78iJyWYlY=,tag:5QCcCweEk8bX6CDW77AYlQ==,type:str]
@ -23,7 +25,7 @@ sops:
N0U5bkt4aXJOS3N0Z2N4YTg4TDVUVncKCQLUTMmdM/IPzV3NDRhPdta1tvXxy/6P N0U5bkt4aXJOS3N0Z2N4YTg4TDVUVncKCQLUTMmdM/IPzV3NDRhPdta1tvXxy/6P
RYbLzlUryw+tqfTp8nDrdxyOWScLNzPOswAq0Qf7VMcEQ5bJEkAOhQ== RYbLzlUryw+tqfTp8nDrdxyOWScLNzPOswAq0Qf7VMcEQ5bJEkAOhQ==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2025-08-12T20:35:10Z" lastmodified: "2025-09-01T18:38:50Z"
mac: ENC[AES256_GCM,data:zoZOy9jZw1ZHnXkkbh1xv4JgeLlWHik56uWYF0VmIurWsC8gQ6Db88FdQiN9Iqko9aPg9taxVdjcz7wx8j4CzP+jYlnD2LiPbgqKgspL/ZnoPUFLp9poffC72y9hxMJQ1etkvzXQjKNL/UQisx5LoLxqNPO7GMq97Sw+7uZ39Rk=,iv:VE60K5gs6RdFXGKvPkkHJBuU7/ZL5HHQ7LDxRdWJ7ac=,tag:PpPmtHZ/qZf12HVS6RuCxg==,type:str] mac: ENC[AES256_GCM,data:KnSzm4tWvMMkHSLZjgF2gzlujGKYCpsG6A2jcV5Z7KtdPXHyF35u6Ug+0oUYpnAZIVYy9Y4an/e/IZ7mL3Kk1TngrCf1+XRpzcWJRuqW2yaRzcqPhcy2xEQSFVLvMXW3U4SDGuQ5Ent5zuLI42O/xeO0XZabKNy863eJ0NHOwJc=,iv:0osjbyEOh49v6DEvyQ34hE8Zy6G6pmZ6Kqw/eZ3D5ys=,tag:iu5wQBGH5fIc4NSoNUX9eA==,type:str]
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.10.2 version: 3.10.2