From bc72aaffc0dea885d93e313c41bdebb108b85312 Mon Sep 17 00:00:00 2001 From: Pedro Rey Anca Date: Mon, 5 Jan 2026 15:07:19 +0100 Subject: [PATCH 01/15] Add machine bernese --- machines/bernese/configuration.nix | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 machines/bernese/configuration.nix diff --git a/machines/bernese/configuration.nix b/machines/bernese/configuration.nix new file mode 100644 index 0000000..090666a --- /dev/null +++ b/machines/bernese/configuration.nix @@ -0,0 +1,7 @@ +{ + imports = [ + + ]; + + # New machine! +} From 859159d286e81df3de40af87b824b7863da666fe Mon Sep 17 00:00:00 2001 From: Pedro Rey Anca Date: Mon, 5 Jan 2026 15:10:34 +0100 Subject: [PATCH 02/15] machines/bernese/facter.json: update hardware configuration --- machines/bernese/facter.json | 2022 ++++++++++++++++++++++++++++++++++ 1 file changed, 2022 insertions(+) create mode 100644 machines/bernese/facter.json diff --git a/machines/bernese/facter.json b/machines/bernese/facter.json new file mode 100644 index 0000000..2293fbd --- /dev/null +++ b/machines/bernese/facter.json @@ -0,0 +1,2022 @@ +{ + "version": 1, + "system": "x86_64-linux", + "virtualisation": "kvm", + "hardware": { + "bios": { + "apm_info": { + "supported": false, + "enabled": false, + "version": 0, + "sub_version": 0, + "bios_flags": 0 + }, + "vbe_info": { + "version": 0, + "video_memory": 0 + }, + "pnp": true, + "pnp_id": 0, + "lba_support": false, + "low_memory_size": 654336, + "smbios_version": 768 + }, + "bridge": [ + { + "index": 10, + "attached_to": 0, + "class_list": [ + "pci", + "bridge" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 31 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0004", + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "hex": "0000", + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "device": { + "hex": "0001", + "value": 1 + }, + "model": "PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:1f.0", + "sysfs_bus_id": "0000:00:1f.0", + "resources": [ + { + "type": "irq", + "base": 11, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 4272242688, + "range": 256, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 259, + "header_type": 1, + "secondary_bus": 3, + "irq": 11, + "prog_if": 0 + }, + "module_alias": "pci:v00001B36d00000001sv00000000sd00000000bc06sc04i00" + }, + { + "index": 11, + "attached_to": 0, + "class_list": [ + "pci", + "bridge" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 1 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0001", + "name": "ISA bridge", + "value": 1 + }, + "vendor": { + "hex": "8086", + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "7000", + "value": 28672 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "model": "Intel ISA bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:01.0", + "sysfs_bus_id": "0000:00:01.0", + "detail": { + "function": 0, + "command": 259, + "header_type": 0, + "secondary_bus": 0, + "irq": 0, + "prog_if": 0 + }, + "module_alias": "pci:v00008086d00007000sv00001AF4sd00001100bc06sc01i00" + }, + { + "index": 12, + "attached_to": 0, + "class_list": [ + "pci", + "bridge" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 30 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0004", + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "hex": "0000", + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "device": { + "hex": "0001", + "value": 1 + }, + "model": "PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:1e.0", + "sysfs_bus_id": "0000:00:1e.0", + "resources": [ + { + "type": "irq", + "base": 10, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 4272238592, + "range": 256, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 259, + "header_type": 1, + "secondary_bus": 2, + "irq": 10, + "prog_if": 0 + }, + "module_alias": "pci:v00001B36d00000001sv00000000sd00000000bc06sc04i00" + }, + { + "index": 13, + "attached_to": 0, + "class_list": [ + "pci", + "bridge" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0000", + "name": "Host bridge", + "value": 0 + }, + "vendor": { + "hex": "8086", + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "1237", + "value": 4663 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0002", + "value": 2 + }, + "model": "Intel Host bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:00.0", + "sysfs_bus_id": "0000:00:00.0", + "detail": { + "function": 0, + "command": 259, + "header_type": 0, + "secondary_bus": 0, + "irq": 0, + "prog_if": 0 + }, + "module_alias": "pci:v00008086d00001237sv00001AF4sd00001100bc06sc00i00" + }, + { + "index": 14, + "attached_to": 0, + "class_list": [ + "pci", + "bridge" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 1 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0080", + "name": "Bridge", + "value": 128 + }, + "vendor": { + "hex": "8086", + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "7113", + "value": 28947 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0003", + "value": 3 + }, + "model": "Intel Bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:01.3", + "sysfs_bus_id": "0000:00:01.3", + "resources": [ + { + "type": "irq", + "base": 9, + "triggered": 0, + "enabled": true + } + ], + "detail": { + "function": 3, + "command": 259, + "header_type": 0, + "secondary_bus": 0, + "irq": 9, + "prog_if": 0 + }, + "driver": "piix4_smbus", + "driver_module": "i2c_piix4", + "drivers": [ + "piix4_smbus" + ], + "driver_modules": [ + "i2c_piix4" + ], + "module_alias": "pci:v00008086d00007113sv00001AF4sd00001100bc06sc80i00" + }, + { + "index": 19, + "attached_to": 0, + "class_list": [ + "pci", + "bridge" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 5 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0004", + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "hex": "0000", + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "device": { + "hex": "0001", + "value": 1 + }, + "model": "PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:05.0", + "sysfs_bus_id": "0000:00:05.0", + "resources": [ + { + "type": "irq", + "base": 11, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 4272230400, + "range": 256, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 263, + "header_type": 1, + "secondary_bus": 1, + "irq": 11, + "prog_if": 0 + }, + "module_alias": "pci:v00001B36d00000001sv00000000sd00000000bc06sc04i00" + } + ], + "cdrom": [ + { + "index": 24, + "attached_to": 17, + "class_list": [ + "cdrom", + "scsi", + "block_device" + ], + "bus_type": { + "hex": "0084", + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 1, + "number": 0 + }, + "base_class": { + "hex": "0106", + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "hex": "0002", + "name": "CD-ROM", + "value": 2 + }, + "pci_interface": { + "hex": "0003", + "name": "DVD", + "value": 3 + }, + "vendor": { + "hex": "0000", + "name": "QEMU", + "value": 0 + }, + "device": { + "hex": "0000", + "name": "QEMU DVD-ROM", + "value": 0 + }, + "revision": { + "hex": "0000", + "name": "2.5+", + "value": 0 + }, + "model": "QEMU DVD-ROM", + "sysfs_id": "/class/block/sr0", + "sysfs_bus_id": "1:0:0:0", + "sysfs_device_link": "/devices/pci0000:00/0000:00:01.1/ata2/host1/target1:0:0/1:0:0:0", + "unix_device_name": "/dev/sr0", + "unix_device_number": { + "type": 98, + "major": 11, + "minor": 0, + "range": 1 + }, + "unix_device_names": [ + "/dev/cdrom", + "/dev/disk/by-id/ata-QEMU_DVD-ROM_QM00003", + "/dev/disk/by-label/nixos-25.05-x86_64", + "/dev/disk/by-path/pci-0000:00:01.1-ata-2", + "/dev/disk/by-path/pci-0000:00:01.1-ata-2.0", + "/dev/disk/by-uuid/1980-01-01-00-00-00-00", + "/dev/root", + "/dev/sr0" + ], + "unix_device_name2": "/dev/sg0", + "unix_device_number2": { + "type": 99, + "major": 21, + "minor": 0, + "range": 1 + }, + "driver": "ata_piix", + "driver_module": "ata_piix", + "drivers": [ + "ata_piix", + "sr" + ], + "driver_modules": [ + "ata_piix", + "sr_mod" + ] + } + ], + "cpu": [ + { + "architecture": "x86_64", + "vendor_name": "GenuineIntel", + "family": 15, + "model": 107, + "stepping": 1, + "features": [ + "fpu", + "de", + "pse", + "tsc", + "msr", + "pae", + "mce", + "cx8", + "apic", + "sep", + "mtrr", + "pge", + "mca", + "cmov", + "pat", + "pse36", + "clflush", + "mmx", + "fxsr", + "sse", + "sse2", + "ht", + "syscall", + "nx", + "lm", + "constant_tsc", + "nopl", + "xtopology", + "cpuid", + "tsc_known_freq", + "pni", + "ssse3", + "cx16", + "sse4_1", + "sse4_2", + "x2apic", + "popcnt", + "aes", + "hypervisor", + "lahf_lm", + "cpuid_fault", + "pti" + ], + "bugs": [ + "cpu_meltdown", + "spectre_v1", + "spectre_v2", + "spec_store_bypass", + "l1tf", + "mds", + "swapgs", + "itlb_multihit", + "mmio_unknown", + "bhi", + "its" + ], + "bogo": 4787.99, + "cache": 16384, + "units": 4, + "physical_id": 0, + "siblings": 4, + "cores": 4, + "fpu": true, + "fpu_exception": true, + "cpuid_level": 13, + "write_protect": false, + "clflush_size": 64, + "cache_alignment": 128, + "address_sizes": { + "physical": "0x28", + "virtual": "0x30" + } + } + ], + "disk": [ + { + "index": 25, + "attached_to": 21, + "class_list": [ + "disk", + "scsi", + "block_device" + ], + "bus_type": { + "hex": "0084", + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 2, + "number": 0 + }, + "base_class": { + "hex": "0106", + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "hex": "0000", + "name": "Disk", + "value": 0 + }, + "vendor": { + "hex": "0000", + "name": "QEMU", + "value": 0 + }, + "device": { + "hex": "0000", + "name": "QEMU HARDDISK", + "value": 0 + }, + "revision": { + "hex": "0000", + "name": "2.5+", + "value": 0 + }, + "model": "QEMU HARDDISK", + "sysfs_id": "/class/block/sda", + "sysfs_bus_id": "2:0:0:0", + "sysfs_device_link": "/devices/pci0000:00/0000:00:05.0/0000:01:01.0/virtio2/host2/target2:0:0/2:0:0:0", + "unix_device_name": "/dev/sda", + "unix_device_number": { + "type": 98, + "major": 8, + "minor": 0, + "range": 16 + }, + "unix_device_names": [ + "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0", + "/dev/disk/by-path/pci-0000:01:01.0-scsi-0:0:0:0", + "/dev/sda" + ], + "unix_device_name2": "/dev/sg1", + "unix_device_number2": { + "type": 99, + "major": 21, + "minor": 1, + "range": 1 + }, + "rom_id": "0x80", + "resources": [ + { + "type": "disk_geo", + "cylinders": 16709, + "heads": 255, + "sectors": 63, + "size": "0x0", + "geo_type": "logical" + }, + { + "type": "size", + "unit": "sectors", + "value_1": 268435456, + "value_2": 512 + } + ], + "driver": "virtio_scsi", + "driver_module": "virtio_scsi", + "drivers": [ + "sd", + "virtio_scsi" + ], + "driver_modules": [ + "sd_mod", + "virtio_scsi" + ] + } + ], + "graphics_card": [ + { + "index": 18, + "attached_to": 0, + "class_list": [ + "graphics_card", + "pci" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 2 + }, + "base_class": { + "hex": "0003", + "name": "Display controller", + "value": 3 + }, + "sub_class": { + "hex": "0000", + "name": "VGA compatible controller", + "value": 0 + }, + "pci_interface": { + "hex": "0000", + "name": "VGA", + "value": 0 + }, + "vendor": { + "hex": "1234", + "value": 4660 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "1111", + "value": 4369 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0002", + "value": 2 + }, + "model": "VGA compatible controller", + "sysfs_id": "/devices/pci0000:00/0000:00:02.0", + "sysfs_bus_id": "0000:00:02.0", + "resources": [ + { + "type": "mem", + "base": 4227858432, + "range": 16777216, + "enabled": true, + "access": "read_only", + "prefetch": "no" + }, + { + "type": "mem", + "base": 4272226304, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + }, + { + "type": "mem", + "base": 786432, + "range": 131072, + "enabled": false, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 259, + "header_type": 0, + "secondary_bus": 0, + "irq": 0, + "prog_if": 0 + }, + "driver": "bochs-drm", + "driver_module": "bochs", + "drivers": [ + "bochs-drm" + ], + "driver_modules": [ + "bochs" + ], + "module_alias": "pci:v00001234d00001111sv00001AF4sd00001100bc03sc00i00" + } + ], + "hub": [ + { + "index": 26, + "attached_to": 9, + "class_list": [ + "usb", + "hub" + ], + "bus_type": { + "hex": "0086", + "name": "USB", + "value": 134 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "hex": "010a", + "name": "Hub", + "value": 266 + }, + "vendor": { + "hex": "1d6b", + "name": "Linux 6.14.10 uhci_hcd", + "value": 7531 + }, + "device": { + "hex": "0001", + "name": "UHCI Host Controller", + "value": 1 + }, + "revision": { + "hex": "0000", + "name": "6.14", + "value": 0 + }, + "serial": "0000:00:01.2", + "model": "Linux 6.14.10 uhci_hcd UHCI Host Controller", + "sysfs_id": "/devices/pci0000:00/0000:00:01.2/usb1/1-0:1.0", + "sysfs_bus_id": "1-0:1.0", + "resources": [ + { + "type": "baud", + "speed": 12000000, + "bits": 0, + "stop_bits": 0, + "parity": 0, + "handshake": 0 + } + ], + "detail": { + "device_class": { + "hex": "0009", + "name": "hub", + "value": 9 + }, + "device_subclass": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "device_protocol": 0, + "interface_class": { + "hex": "0009", + "name": "hub", + "value": 9 + }, + "interface_subclass": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "interface_protocol": 0, + "interface_number": 0, + "interface_alternate_setting": 0 + }, + "hotplug": "usb", + "driver": "hub", + "driver_module": "usbcore", + "drivers": [ + "hub" + ], + "driver_modules": [ + "usbcore" + ], + "module_alias": "usb:v1D6Bp0001d0614dc09dsc00dp00ic09isc00ip00in00" + } + ], + "memory": [ + { + "index": 7, + "attached_to": 0, + "class_list": [ + "memory" + ], + "base_class": { + "hex": "0101", + "name": "Internally Used Class", + "value": 257 + }, + "sub_class": { + "hex": "0002", + "name": "Main Memory", + "value": 2 + }, + "model": "Main Memory", + "resources": [ + { + "type": "mem", + "base": 0, + "range": 8330162176, + "enabled": true, + "access": "read_write", + "prefetch": "unknown" + }, + { + "type": "phys_mem", + "range": 8589934592 + } + ] + } + ], + "monitor": [ + { + "index": 23, + "attached_to": 18, + "class_list": [ + "monitor" + ], + "base_class": { + "hex": "0100", + "name": "Monitor", + "value": 256 + }, + "sub_class": { + "hex": "0002", + "name": "LCD Monitor", + "value": 2 + }, + "vendor": { + "hex": "4914", + "value": 18708 + }, + "device": { + "hex": "1234", + "name": "QEMU Monitor", + "value": 4660 + }, + "serial": "0", + "model": "QEMU Monitor", + "resources": [ + { + "type": "monitor", + "width": 1024, + "height": 768, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 1280, + "height": 800, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 1600, + "height": 1200, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 1920, + "height": 1080, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 2048, + "height": 1152, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 640, + "height": 480, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 800, + "height": 600, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "size", + "unit": "mm", + "value_1": 325, + "value_2": 203 + } + ], + "detail": { + "manufacture_year": 2014, + "manufacture_week": 42, + "vertical_sync": { + "min": 50, + "max": 125 + }, + "horizontal_sync": { + "min": 30, + "max": 160 + }, + "horizontal_sync_timings": { + "disp": 1280, + "sync_start": 1600, + "sync_end": 1638, + "total": 1728 + }, + "vertical_sync_timings": { + "disp": 800, + "sync_start": 804, + "sync_end": 808, + "total": 828 + }, + "clock": 107300, + "width": 1280, + "height": 800, + "width_millimetres": 325, + "height_millimetres": 203, + "horizontal_flag": 45, + "vertical_flag": 45, + "vendor": "", + "name": "QEMU Monitor" + }, + "driver_info": { + "type": "display", + "width": 2048, + "height": 1152, + "vertical_sync": { + "min": 50, + "max": 125 + }, + "horizontal_sync": { + "min": 30, + "max": 160 + }, + "bandwidth": 0, + "horizontal_sync_timings": { + "disp": 1280, + "sync_start": 1600, + "sync_end": 1638, + "total": 1728 + }, + "vertical_sync_timings": { + "disp": 800, + "sync_start": 804, + "sync_end": 808, + "total": 828 + }, + "horizontal_flag": 45, + "vertical_flag": 45 + } + } + ], + "mouse": [ + { + "index": 27, + "attached_to": 26, + "class_list": [ + "mouse", + "usb" + ], + "bus_type": { + "hex": "0086", + "name": "USB", + "value": 134 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "hex": "0105", + "name": "Mouse", + "value": 261 + }, + "sub_class": { + "hex": "0003", + "name": "USB Mouse", + "value": 3 + }, + "vendor": { + "hex": "0627", + "name": "QEMU", + "value": 1575 + }, + "device": { + "hex": "0001", + "name": "QEMU USB Tablet", + "value": 1 + }, + "serial": "28754-0000:00:01.2-1", + "compat_vendor": "Unknown", + "compat_device": "Generic USB Mouse", + "model": "QEMU USB Tablet", + "sysfs_id": "/devices/pci0000:00/0000:00:01.2/usb1/1-1/1-1:1.0", + "sysfs_bus_id": "1-1:1.0", + "unix_device_name": "/dev/input/mice", + "unix_device_number": { + "type": 99, + "major": 13, + "minor": 63, + "range": 1 + }, + "unix_device_names": [ + "/dev/input/mice" + ], + "unix_device_name2": "/dev/input/mouse0", + "unix_device_number2": { + "type": 99, + "major": 13, + "minor": 32, + "range": 1 + }, + "resources": [ + { + "type": "baud", + "speed": 12000000, + "bits": 0, + "stop_bits": 0, + "parity": 0, + "handshake": 0 + } + ], + "detail": { + "device_class": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "device_subclass": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "device_protocol": 0, + "interface_class": { + "hex": "0003", + "name": "hid", + "value": 3 + }, + "interface_subclass": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "interface_protocol": 0, + "interface_number": 0, + "interface_alternate_setting": 0 + }, + "hotplug": "usb", + "driver": "usbhid", + "driver_module": "usbhid", + "drivers": [ + "usbhid" + ], + "driver_modules": [ + "usbhid" + ], + "driver_info": { + "type": "mouse", + "db_entry_0": [ + "explorerps/2", + "exps2" + ], + "xf86": "explorerps/2", + "gpm": "exps2", + "buttons": -1, + "wheels": -1 + }, + "module_alias": "usb:v0627p0001d0000dc00dsc00dp00ic03isc00ip00in00" + } + ], + "network_controller": [ + { + "index": 20, + "attached_to": 15, + "class_list": [ + "network_controller" + ], + "bus_type": { + "hex": "008f", + "name": "Virtio", + "value": 143 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "hex": "0002", + "name": "Network controller", + "value": 2 + }, + "sub_class": { + "hex": "0000", + "name": "Ethernet controller", + "value": 0 + }, + "vendor": "Virtio", + "device": "Ethernet Card 0", + "model": "Virtio Ethernet Card 0", + "sysfs_id": "/devices/pci0000:00/0000:00:12.0/virtio1", + "sysfs_bus_id": "virtio1", + "unix_device_name": "ens18", + "unix_device_names": [ + "ens18" + ], + "resources": [ + { + "type": "hwaddr", + "address": 98 + }, + { + "type": "phwaddr", + "address": 98 + } + ], + "driver": "virtio_net", + "driver_module": "virtio_net", + "drivers": [ + "virtio_net" + ], + "driver_modules": [ + "virtio_net" + ], + "module_alias": "virtio:d00000001v00001AF4" + } + ], + "network_interface": [ + { + "index": 28, + "attached_to": 0, + "class_list": [ + "network_interface" + ], + "base_class": { + "hex": "0107", + "name": "Network Interface", + "value": 263 + }, + "sub_class": { + "hex": "0000", + "name": "Loopback", + "value": 0 + }, + "model": "Loopback network interface", + "sysfs_id": "/class/net/lo", + "unix_device_name": "lo", + "unix_device_names": [ + "lo" + ] + }, + { + "index": 29, + "attached_to": 20, + "class_list": [ + "network_interface" + ], + "base_class": { + "hex": "0107", + "name": "Network Interface", + "value": 263 + }, + "sub_class": { + "hex": "0001", + "name": "Ethernet", + "value": 1 + }, + "model": "Ethernet network interface", + "sysfs_id": "/class/net/ens18", + "sysfs_device_link": "/devices/pci0000:00/0000:00:12.0/virtio1", + "unix_device_name": "ens18", + "unix_device_names": [ + "ens18" + ], + "resources": [ + { + "type": "hwaddr", + "address": 98 + }, + { + "type": "phwaddr", + "address": 98 + } + ], + "driver": "virtio_net", + "driver_module": "virtio_net", + "drivers": [ + "virtio_net" + ], + "driver_modules": [ + "virtio_net" + ] + } + ], + "pci": [ + { + "index": 15, + "attached_to": 0, + "class_list": [ + "pci", + "unknown" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 18 + }, + "base_class": { + "hex": "0002", + "name": "Network controller", + "value": 2 + }, + "sub_class": { + "hex": "0000", + "name": "Ethernet controller", + "value": 0 + }, + "vendor": { + "hex": "1af4", + "value": 6900 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "1000", + "value": 4096 + }, + "sub_device": { + "hex": "0001", + "value": 1 + }, + "model": "Ethernet controller", + "sysfs_id": "/devices/pci0000:00/0000:00:12.0", + "sysfs_bus_id": "0000:00:12.0", + "resources": [ + { + "type": "io", + "base": 61536, + "range": 32, + "enabled": true, + "access": "read_write" + }, + { + "type": "irq", + "base": 10, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 4250943488, + "range": 16384, + "enabled": true, + "access": "read_only", + "prefetch": "no" + }, + { + "type": "mem", + "base": 4271898624, + "range": 262144, + "enabled": false, + "access": "read_only", + "prefetch": "no" + }, + { + "type": "mem", + "base": 4272234496, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 1287, + "header_type": 0, + "secondary_bus": 0, + "irq": 10, + "prog_if": 0 + }, + "driver": "virtio-pci", + "driver_module": "virtio_pci", + "drivers": [ + "virtio-pci" + ], + "driver_modules": [ + "virtio_pci" + ], + "module_alias": "pci:v00001AF4d00001000sv00001AF4sd00000001bc02sc00i00" + }, + { + "index": 16, + "attached_to": 0, + "class_list": [ + "pci", + "unknown" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 3 + }, + "base_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "sub_class": { + "hex": "00ff", + "value": 255 + }, + "vendor": { + "hex": "1af4", + "value": 6900 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "1002", + "value": 4098 + }, + "sub_device": { + "hex": "0005", + "value": 5 + }, + "model": "Unclassified device", + "sysfs_id": "/devices/pci0000:00/0000:00:03.0", + "sysfs_bus_id": "0000:00:03.0", + "resources": [ + { + "type": "io", + "base": 61440, + "range": 64, + "enabled": true, + "access": "read_write" + }, + { + "type": "irq", + "base": 10, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 4250927104, + "range": 16384, + "enabled": true, + "access": "read_only", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 263, + "header_type": 0, + "secondary_bus": 0, + "irq": 10, + "prog_if": 0 + }, + "driver": "virtio-pci", + "driver_module": "virtio_pci", + "drivers": [ + "virtio-pci" + ], + "driver_modules": [ + "virtio_pci" + ], + "module_alias": "pci:v00001AF4d00001002sv00001AF4sd00000005bc00scFFi00" + } + ], + "storage_controller": [ + { + "index": 8, + "attached_to": 19, + "class_list": [ + "storage_controller", + "pci" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 1, + "number": 1 + }, + "base_class": { + "hex": "0001", + "name": "Mass storage controller", + "value": 1 + }, + "sub_class": { + "hex": "0000", + "name": "SCSI storage controller", + "value": 0 + }, + "vendor": { + "hex": "1af4", + "value": 6900 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "1004", + "value": 4100 + }, + "sub_device": { + "hex": "0008", + "value": 8 + }, + "model": "SCSI storage controller", + "sysfs_id": "/devices/pci0000:00/0000:00:05.0/0000:01:01.0", + "sysfs_bus_id": "0000:01:01.0", + "resources": [ + { + "type": "io", + "base": 57344, + "range": 64, + "enabled": true, + "access": "read_write" + }, + { + "type": "irq", + "base": 10, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 4248829952, + "range": 16384, + "enabled": true, + "access": "read_only", + "prefetch": "no" + }, + { + "type": "mem", + "base": 4269801472, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 1287, + "header_type": 0, + "secondary_bus": 0, + "irq": 10, + "prog_if": 0 + }, + "driver": "virtio-pci", + "driver_module": "virtio_pci", + "drivers": [ + "virtio-pci" + ], + "driver_modules": [ + "virtio_pci" + ], + "module_alias": "pci:v00001AF4d00001004sv00001AF4sd00000008bc01sc00i00" + }, + { + "index": 17, + "attached_to": 0, + "class_list": [ + "storage_controller", + "pci" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 1 + }, + "base_class": { + "hex": "0001", + "name": "Mass storage controller", + "value": 1 + }, + "sub_class": { + "hex": "0001", + "name": "IDE interface", + "value": 1 + }, + "pci_interface": { + "hex": "0080", + "value": 128 + }, + "vendor": { + "hex": "8086", + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "7010", + "value": 28688 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "model": "Intel IDE interface", + "sysfs_id": "/devices/pci0000:00/0000:00:01.1", + "sysfs_bus_id": "0000:00:01.1", + "resources": [ + { + "type": "io", + "base": 1014, + "range": 1, + "enabled": true, + "access": "read_write" + }, + { + "type": "io", + "base": 368, + "range": 8, + "enabled": true, + "access": "read_write" + }, + { + "type": "io", + "base": 496, + "range": 8, + "enabled": true, + "access": "read_write" + }, + { + "type": "io", + "base": 61568, + "range": 16, + "enabled": true, + "access": "read_write" + }, + { + "type": "io", + "base": 886, + "range": 1, + "enabled": true, + "access": "read_write" + } + ], + "detail": { + "function": 1, + "command": 263, + "header_type": 0, + "secondary_bus": 0, + "irq": 0, + "prog_if": 128 + }, + "driver": "ata_piix", + "driver_module": "ata_piix", + "drivers": [ + "ata_piix" + ], + "driver_modules": [ + "ata_piix" + ], + "module_alias": "pci:v00008086d00007010sv00001AF4sd00001100bc01sc01i80" + } + ], + "system": { + "form_factor": "desktop" + }, + "unknown": [ + { + "index": 21, + "attached_to": 8, + "class_list": [ + "unknown" + ], + "base_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "sub_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "vendor": "Virtio", + "device": "", + "model": "Virtio Unclassified device", + "sysfs_id": "/devices/pci0000:00/0000:00:05.0/0000:01:01.0/virtio2", + "sysfs_bus_id": "virtio2", + "driver": "virtio_scsi", + "driver_module": "virtio_scsi", + "drivers": [ + "virtio_scsi" + ], + "driver_modules": [ + "virtio_scsi" + ], + "module_alias": "virtio:d00000008v00001AF4" + }, + { + "index": 22, + "attached_to": 16, + "class_list": [ + "unknown" + ], + "base_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "sub_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "vendor": "Virtio", + "device": "", + "model": "Virtio Unclassified device", + "sysfs_id": "/devices/pci0000:00/0000:00:03.0/virtio0", + "sysfs_bus_id": "virtio0", + "driver": "virtio_balloon", + "driver_module": "virtio_balloon", + "drivers": [ + "virtio_balloon" + ], + "driver_modules": [ + "virtio_balloon" + ], + "module_alias": "virtio:d00000005v00001AF4" + } + ], + "usb_controller": [ + { + "index": 9, + "attached_to": 0, + "class_list": [ + "usb_controller", + "pci" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 1 + }, + "base_class": { + "hex": "000c", + "name": "Serial bus controller", + "value": 12 + }, + "sub_class": { + "hex": "0003", + "name": "USB Controller", + "value": 3 + }, + "pci_interface": { + "hex": "0000", + "name": "UHCI", + "value": 0 + }, + "vendor": { + "hex": "8086", + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "7020", + "value": 28704 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0001", + "value": 1 + }, + "model": "Intel USB Controller", + "sysfs_id": "/devices/pci0000:00/0000:00:01.2", + "sysfs_bus_id": "0000:00:01.2", + "resources": [ + { + "type": "io", + "base": 61504, + "range": 32, + "enabled": true, + "access": "read_write" + }, + { + "type": "irq", + "base": 11, + "triggered": 0, + "enabled": true + } + ], + "detail": { + "function": 2, + "command": 263, + "header_type": 0, + "secondary_bus": 0, + "irq": 11, + "prog_if": 0 + }, + "driver": "uhci_hcd", + "driver_module": "uhci_hcd", + "drivers": [ + "uhci_hcd" + ], + "driver_modules": [ + "uhci_hcd" + ], + "driver_info": { + "type": "module", + "db_entry_0": [ + "uhci-hcd" + ], + "active": true, + "modprobe": true, + "names": [ + "uhci-hcd" + ], + "module_args": [ + "" + ], + "conf": "" + }, + "module_alias": "pci:v00008086d00007020sv00001AF4sd00001100bc0Csc03i00" + } + ] + }, + "smbios": { + "bios": { + "handle": 0, + "vendor": "SeaBIOS", + "version": "rel-1.16.2-0-gea1b7a073390-prebuilt.qemu.org", + "date": "04/01/2014", + "features": null, + "start_address": "0xe8000", + "rom_size": 65536 + }, + "chassis": [ + { + "handle": 768, + "manufacturer": "QEMU", + "version": "pc-i440fx-8.1", + "chassis_type": { + "hex": "0001", + "name": "Other", + "value": 1 + }, + "lock_present": false, + "bootup_state": { + "hex": "0003", + "name": "Safe", + "value": 3 + }, + "power_state": { + "hex": "0003", + "name": "Safe", + "value": 3 + }, + "thermal_state": { + "hex": "0003", + "name": "Safe", + "value": 3 + }, + "security_state": { + "hex": "0002", + "name": "Unknown", + "value": 2 + }, + "oem": "0x0" + } + ], + "memory_array": [ + { + "handle": 4096, + "location": { + "hex": "0001", + "name": "Other", + "value": 1 + }, + "usage": { + "hex": "0003", + "name": "System memory", + "value": 3 + }, + "ecc": { + "hex": "0006", + "name": "Multi-bit", + "value": 6 + }, + "max_size": "0x800800", + "error_handle": 65534, + "slots": 1 + } + ], + "memory_array_mapped_address": [ + { + "handle": 4864, + "array_handle": 4096, + "start_address": "0x0", + "end_address": "0xc0000000", + "part_width": 1 + }, + { + "handle": 4865, + "array_handle": 4096, + "start_address": "0x100000000", + "end_address": "0x240200000", + "part_width": 1 + } + ], + "memory_device": [ + { + "handle": 4352, + "location": "DIMM 0", + "bank_location": "", + "manufacturer": "QEMU", + "part_number": "", + "array_handle": 4096, + "error_handle": 65534, + "width": 0, + "ecc_bits": 0, + "size": 8390656, + "form_factor": { + "hex": "0009", + "name": "DIMM", + "value": 9 + }, + "set": 0, + "memory_type": { + "hex": "0007", + "name": "RAM", + "value": 7 + }, + "memory_type_details": [ + "Other" + ], + "speed": 0 + } + ], + "processor": [ + { + "handle": 1024, + "socket": "CPU 0", + "socket_type": { + "hex": "0001", + "name": "Other", + "value": 1 + }, + "socket_populated": true, + "manufacturer": "QEMU", + "version": "pc-i440fx-8.1", + "part": "", + "processor_type": { + "hex": "0003", + "name": "CPU", + "value": 3 + }, + "processor_family": { + "hex": "0001", + "name": "Other", + "value": 1 + }, + "processor_status": { + "hex": "0001", + "name": "Enabled", + "value": 1 + }, + "clock_ext": 0, + "clock_max": 2000, + "cache_handle_l1": 0, + "cache_handle_l2": 0, + "cache_handle_l3": 0 + } + ], + "system": { + "handle": 256, + "manufacturer": "QEMU", + "product": "Standard PC (i440FX + PIIX, 1996)", + "version": "pc-i440fx-8.1", + "wake_up": { + "hex": "0006", + "name": "Power Switch", + "value": 6 + } + } + } +} From 81d10747fd493208b64ab0c146d2f5ba9d6cc7e4 Mon Sep 17 00:00:00 2001 From: Pedro Rey Anca Date: Mon, 5 Jan 2026 15:12:40 +0100 Subject: [PATCH 03/15] Set disk schema of machine: bernese to single-disk --- machines/bernese/disko.nix | 50 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 machines/bernese/disko.nix diff --git a/machines/bernese/disko.nix b/machines/bernese/disko.nix new file mode 100644 index 0000000..0a2e5be --- /dev/null +++ b/machines/bernese/disko.nix @@ -0,0 +1,50 @@ +# --- +# schema = "single-disk" +# [placeholders] +# mainDisk = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0" +# --- +# This file was automatically generated! +# CHANGING this configuration requires wiping and reinstalling the machine +{ + + boot.loader.grub.efiSupport = true; + boot.loader.grub.efiInstallAsRemovable = true; + boot.loader.grub.enable = true; + disko.devices = { + disk = { + main = { + name = "main-767b01bff8f84057a9c616297691a5ae"; + device = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0"; + type = "disk"; + content = { + type = "gpt"; + partitions = { + "boot" = { + size = "1M"; + type = "EF02"; # for grub MBR + priority = 1; + }; + ESP = { + type = "EF00"; + size = "500M"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = [ "umask=0077" ]; + }; + }; + root = { + size = "100%"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/"; + }; + }; + }; + }; + }; + }; + }; +} From 7107736ea397edc6579d4f63d7a256a1944b24b8 Mon Sep 17 00:00:00 2001 From: Pedro Rey Anca Date: Mon, 5 Jan 2026 15:14:30 +0100 Subject: [PATCH 04/15] Update secret bernese-age.key --- sops/secrets/bernese-age.key/secret | 18 ++++++++++++++++++ sops/secrets/bernese-age.key/users/pedro | 1 + 2 files changed, 19 insertions(+) create mode 100644 sops/secrets/bernese-age.key/secret create mode 120000 sops/secrets/bernese-age.key/users/pedro diff --git a/sops/secrets/bernese-age.key/secret b/sops/secrets/bernese-age.key/secret new file mode 100644 index 0000000..322efcc --- /dev/null +++ b/sops/secrets/bernese-age.key/secret @@ -0,0 +1,18 @@ +{ + "data": "ENC[AES256_GCM,data:VW96L4+D1+rv3PxMAi25NbOe3Sn6BtyyDMWeFU47po3sqEaVUgYOuNtZSL4pTkk+iNIX2ZsBHO9VpdRv8eY4KsRLbUZqx5PO7bk=,iv:teWRs8mWcTQCaCpQphOk6/Eqy5SIAFd5y3pMIolsDNs=,tag:g2ep49YcscG31pkioDjoOA==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1lrg2j5a90yy4ccj4c8yrmkk4rx029t5hfh6n5a2nte77pwlspp8qvgmtmg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3bVd6ai9qYmplMWY0QkVH\ncGV3OWlYRnVscEtVMWxSL2NFZW5jQzRJZm44Cm52Vnl1c1FuME04bXJsdC9EN0VT\nZTIxVlE1MTZxYzk4ZDQyeTdERkZHNnMKLS0tIGhJWEpRZUN3UHZsZGFhWWUvYlBB\nZlFFK2ptVUZTMFd1eDc4TjNLQzRRNk0K0khV3EMFnOiK+wX0JFH78II/r+3aNzZO\nDOlui0a3+w5s5u2CQyF4tngD8NwMqwBAUTnxlxpJw9w1DbUvcMG5wQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1r2sw9uncvkqtklypw4rttufhw86lhhqrghed8l2kda6hdrd9ypyqm7y863", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxZk9Vb0t6bEx0WVBZMGVo\nbUxxK0xJZUM3aE5CNTczS1MyVGRtUGM3a1MwCjl3YnZBd3dTdkZrWnptbzZZZGNi\nUnZaYlhPcnFYbG1kcGpLaFBzaVVaOU0KLS0tIEt2eVNoUFA1UklxbG9XdVA1bXJl\nY0Nhci9ySHA1SnNwWlpHSEViTWdHMlkKoi0TDrIaXN13CCDa8FrycVGQxDpKI9QR\nEVgRws+Iu+CF/9hK3VJqdeKViohvMOonxfBUwG0+7qxDwIDSLz22hg==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-01-05T14:14:30Z", + "mac": "ENC[AES256_GCM,data:azGcGxqBB/seHgw3TIJehutAloqV6b7eUrsUe5pPjU1qOKa0rC0cxjYGo4S+dDOWQ5I8TqlmrOf09hNyKhrYUCdxp2Fh1UYAEUXgtLcoxT1m/K18c4g8LRWbM8rAfoMwKoJWRAwC2WM8Uy2gW7D/Cse8HYJLOUMCzYEclFshn5Q=,iv:6CmRfhqufluS5MMmH5nS6fJmGYrfFfuJTCB5WWb1Pkw=,tag:Sw1V0808vDJFRseubXAD1w==,type:str]", + "version": "3.11.0" + } +} diff --git a/sops/secrets/bernese-age.key/users/pedro b/sops/secrets/bernese-age.key/users/pedro new file mode 120000 index 0000000..c7b3668 --- /dev/null +++ b/sops/secrets/bernese-age.key/users/pedro @@ -0,0 +1 @@ +../../../users/pedro \ No newline at end of file From c53c4ca91d512377c2785716d96301a56532a706 Mon Sep 17 00:00:00 2001 From: Pedro Rey Anca Date: Mon, 5 Jan 2026 15:14:36 +0100 Subject: [PATCH 05/15] Add machine bernese to secrets --- sops/machines/bernese/key.json | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100755 sops/machines/bernese/key.json diff --git a/sops/machines/bernese/key.json b/sops/machines/bernese/key.json new file mode 100755 index 0000000..c3ac85f --- /dev/null +++ b/sops/machines/bernese/key.json @@ -0,0 +1,6 @@ +[ + { + "publickey": "age1la2p9plxwtlauzf00zx5tfaq6pejr47jrn8kkxhhe5utr57e24sq4agxr7", + "type": "age" + } +] \ No newline at end of file From 0a639d1e551277df84a01f973ff46523ddfa301e Mon Sep 17 00:00:00 2001 From: Pedro Rey Anca Date: Mon, 5 Jan 2026 15:14:41 +0100 Subject: [PATCH 06/15] Update vars via generator borgbackup for machine bernese --- .../borgbackup.repokey/machines/bernese | 1 + .../borgbackup/borgbackup.repokey/secret | 22 +++++++++++++++++++ .../borgbackup/borgbackup.repokey/users/pedro | 1 + .../borgbackup/borgbackup.ssh.pub/value | 1 + .../borgbackup.ssh/machines/bernese | 1 + .../bernese/borgbackup/borgbackup.ssh/secret | 22 +++++++++++++++++++ .../borgbackup/borgbackup.ssh/users/pedro | 1 + 7 files changed, 49 insertions(+) create mode 120000 vars/per-machine/bernese/borgbackup/borgbackup.repokey/machines/bernese create mode 100644 vars/per-machine/bernese/borgbackup/borgbackup.repokey/secret create mode 120000 vars/per-machine/bernese/borgbackup/borgbackup.repokey/users/pedro create mode 100644 vars/per-machine/bernese/borgbackup/borgbackup.ssh.pub/value create mode 120000 vars/per-machine/bernese/borgbackup/borgbackup.ssh/machines/bernese create mode 100644 vars/per-machine/bernese/borgbackup/borgbackup.ssh/secret create mode 120000 vars/per-machine/bernese/borgbackup/borgbackup.ssh/users/pedro diff --git a/vars/per-machine/bernese/borgbackup/borgbackup.repokey/machines/bernese b/vars/per-machine/bernese/borgbackup/borgbackup.repokey/machines/bernese new file mode 120000 index 0000000..2c5a0ac --- /dev/null +++ b/vars/per-machine/bernese/borgbackup/borgbackup.repokey/machines/bernese @@ -0,0 +1 @@ +../../../../../../sops/machines/bernese \ No newline at end of file diff --git a/vars/per-machine/bernese/borgbackup/borgbackup.repokey/secret b/vars/per-machine/bernese/borgbackup/borgbackup.repokey/secret new file mode 100644 index 0000000..8d7c910 --- /dev/null +++ b/vars/per-machine/bernese/borgbackup/borgbackup.repokey/secret @@ -0,0 +1,22 @@ +{ + "data": "ENC[AES256_GCM,data:BWotKi41tTUfN722LsZ8eHx3z2U6puEYgq2yMXM=,iv:aFs73QwU/DIQ/t2RJUrgybrbdvkfl9I087Av7g+KAUs=,tag:01phhzFgnRMpJqvohH7Y2Q==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1la2p9plxwtlauzf00zx5tfaq6pejr47jrn8kkxhhe5utr57e24sq4agxr7", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3YzRoQWRoZkpiT3h0SlQ4\nK04vcDNuWTJ4UEhEK1AvTTRFZTdZTWRocUE4ClNZdVR2RkRyZVFVNUY0bThoVFRo\neWllaGpUUngvUlZ4TitxWWJEV3p5MDAKLS0tIGliTVE3YjJSc25uZ1lHaDdrbkt1\nYVVYS0VIWDlVcGRwclZxMlpieGlIeVkKhDWaajvsgoK2Posh0fK3uL4HaSBz8g1W\nV8bYXf92QbhfnEATqjFc4B1XOfAn59VyZaqqkAXc137Sz0lz8ygRYg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1lrg2j5a90yy4ccj4c8yrmkk4rx029t5hfh6n5a2nte77pwlspp8qvgmtmg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPNXI5Q0lqZnNHaTdRNE9Y\ndGo2YTF6SlFlaEdWN1dEZFZ1a2pobUc5ZUJBCkl3V3lSNzdEWHJlRTM1WXU2TXRj\nRFVxc091U2FZQ1FWU3A4ZlpCQ0VOSVEKLS0tIDlVbEp2dWdISXVSRFRMK21iNUR3\nT0Zrc3pnaWFxNEExdythcVE4QjFIMVUKb8xFxhvbOpUpbWeMeLly3Zplyy5b73dH\nLbwFbOZsuUyAuuSLOT8udY3ozf92z08jnSEoUqnpIPYRNfGXtI4xrA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1r2sw9uncvkqtklypw4rttufhw86lhhqrghed8l2kda6hdrd9ypyqm7y863", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnODNybUg2UjZ5RVhNY3RQ\nNnhYV29SU2dMQjVKMXU4bWFOSVprcy9zTkNvCkFaSlhXMDd6M3JSYnFiczgvMWov\nSnRjWUhBdklIdmNEUnRuNVVZRGoxTUkKLS0tIEpsSFNKZXBGSGZycTNrSGp5Mjlo\ndUZlU1FjaHVaN3A5RXRIcnBqRlVaUkkKaXvUzKfiWQFOvknXLpfkSG3AtqEAzuBo\nYyyAJNkLzSa4WLAzN5GgAiOlZYnWw0hbmzrLrcPBtkO60+bPNaOsFw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-01-05T14:14:41Z", + "mac": "ENC[AES256_GCM,data:vNc3g5XvIDoXEQJbBcQW34Ro10+e60r+OqOUmJbu4F3rmKQCRVRslueFcoSrOliPrGelZvaY0tGx9aR6pMNpiyNruhKKvLFh0PAQ8njEtgzyb/e+fQkuBIgsJvZ8M8RIKGW8dGu8xN6I4Q4su8IzbFQHgwHD0Lzk19lOYOccrUA=,iv:erbkI0+gUU8JpJoC2MtjhF4b2XGb9j7+WaWAVNL4zYI=,tag:47BCD61lkaE+TG1AiLKiKw==,type:str]", + "version": "3.11.0" + } +} diff --git a/vars/per-machine/bernese/borgbackup/borgbackup.repokey/users/pedro b/vars/per-machine/bernese/borgbackup/borgbackup.repokey/users/pedro new file mode 120000 index 0000000..ae0c694 --- /dev/null +++ b/vars/per-machine/bernese/borgbackup/borgbackup.repokey/users/pedro @@ -0,0 +1 @@ +../../../../../../sops/users/pedro \ No newline at end of file diff --git a/vars/per-machine/bernese/borgbackup/borgbackup.ssh.pub/value b/vars/per-machine/bernese/borgbackup/borgbackup.ssh.pub/value new file mode 100644 index 0000000..a74001a --- /dev/null +++ b/vars/per-machine/bernese/borgbackup/borgbackup.ssh.pub/value @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDe9v+YLgC6KbmHR39Hk23GU8MWLN0LjUB0+lmoX3QwH diff --git a/vars/per-machine/bernese/borgbackup/borgbackup.ssh/machines/bernese b/vars/per-machine/bernese/borgbackup/borgbackup.ssh/machines/bernese new file mode 120000 index 0000000..2c5a0ac --- /dev/null +++ b/vars/per-machine/bernese/borgbackup/borgbackup.ssh/machines/bernese @@ -0,0 +1 @@ +../../../../../../sops/machines/bernese \ No newline at end of file diff --git a/vars/per-machine/bernese/borgbackup/borgbackup.ssh/secret b/vars/per-machine/bernese/borgbackup/borgbackup.ssh/secret new file mode 100644 index 0000000..f077b56 --- /dev/null +++ b/vars/per-machine/bernese/borgbackup/borgbackup.ssh/secret @@ -0,0 +1,22 @@ +{ + "data": "ENC[AES256_GCM,data:P9Os2Aon0VtEH9FG0hnkbz4pipG3TMFatffjugytejua8hfi1EAx/z+8BE/qa0VQQDavk+JMmnOxSpmuevY/uLC0Ue4JdMqaRIeyuyv3EcB1w5T/Cm0TLH6/koM9NtRc+iNyUnxFUvqsDhduys+8vCgvUeiFttcmnt3K9bOvLFGKHyW6Ik80awCGNblk/kKu6Q84/nv9Vggo8nnZ+wk7JPyhQsW9H9fAeMgJefii4luvOnECQlvYfkNmhmLIejomMZPq/XbLdi41+YjFPXhoCUHd0OdlMuU/k9ToutCjDh1zpyeJiwPUsK3LQrsyEu4yGSGLRQb2SkCZhUTf0mDtrfSqNOp0FU1RFTlJYJT3aLSPt/di3RSASr+9kIfj1XiYiUDW3NUgqU3IzTJB+sQzpNeRx0dPergx0WoWPBDW0vMchmELXqxfBUpiAF9IRsvJrNaeUoiVlieJJ4yfIRgI2eu63qSzvUdJUjjR0/J+ujyCAIDKf4uIJOmDcue8wXsb5Mpk,iv:vd8XWukJQmTbzgUmSWdxAp6y17fol0+UbeQ2F+znkQQ=,tag:WjB3UJy50Tlc0FWUW7mFFQ==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1la2p9plxwtlauzf00zx5tfaq6pejr47jrn8kkxhhe5utr57e24sq4agxr7", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqNlZFVXFZMW9NNlg1VU9h\nS0pRcjFTeTd2aGJrRlcvRW5KaXRpVmdEWDJzCjJuVmMyc01XT2c5NDArL3VZaWFw\nZk1qNHdXOGpVamNUMUxPcFZCMFZ0Wk0KLS0tIHFTQldqQVc4ejEvYjhpY2hrN3VT\nWVdNbGlSRngzOFNzVzA0UVl4bU90V0kKQcoSG0vwfRfPtZGRxuPynPrGphMZjsdX\nY2j8DqiwsAoj/jVTmGKbU3rDYF+IIyCxfgTblJRTSto/AOvNfIsPdg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1lrg2j5a90yy4ccj4c8yrmkk4rx029t5hfh6n5a2nte77pwlspp8qvgmtmg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNaVl3SGNaSzBTQzhvNk00\ncWRYdVU2aGwwQWxyRGdXU1BSRWFtVGdwNlFRCjFuVXgwWWlnVVBRUnBCekNkb2V6\nQWFMdWg4MFZpMkNEVDhBMTFuZFAzWEkKLS0tIFFCYStGLzhpWm1ibUNzZHpSZmdw\naHNXMldTaElmRkUwNllHUkIvY2k3VmcK/n0TN1E9npIk6hjyD3CQcUID6j8AxzwY\n2h78HaubCxzU9qYILPk2n2mKfqO6IX6enVRILf/yErN/XV7q4iUOsQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1r2sw9uncvkqtklypw4rttufhw86lhhqrghed8l2kda6hdrd9ypyqm7y863", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiRlJXaTRkUG1ZN1poU3NQ\nYUd2aWk4eEkwNHBzTFFJQTBPSlFIV3VVdFNRCndXNXlvdFlSM0N2Sk0wNXBVTy8v\nZGlwUUc3K2RzWi9ZVTBPUUdsRllnWXcKLS0tIGNmcUE1ZWo1d2Y4bVd0OEVJRkFv\naXRnN3pvM0hpNVk0UWJ3MFZJYWxiMGcKSW0e9mPiFXIaSkF67dm6sCCxwWyoCbck\ni16AqBjZNRxOXh3AckS6TQVZMtN/wHyhsphRXCUATrcHbnq0qi7Rzw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-01-05T14:14:41Z", + "mac": "ENC[AES256_GCM,data:Mx/1xRhpsxZHJbrTmwC0ooKJ8udUskbEHMRT02V2wYrQYOp+5IOSl7xF/pHBh5jPYhjvHNtLNKVrOcRUQd9GnOq1caAkkkKVgOA1RaoqWSwjzHwfx2ixKbRpmWbryQQJA2irdFl56OlYqPU8506qMQ7hYC5joOnkoV8ojmEFReI=,iv:T5XhIkaprwN7jB2Z9Wic8Ui36lVDKfW/r4J6FNy+TqU=,tag:ndykZT7GND6F+zvFcCzNRA==,type:str]", + "version": "3.11.0" + } +} diff --git a/vars/per-machine/bernese/borgbackup/borgbackup.ssh/users/pedro b/vars/per-machine/bernese/borgbackup/borgbackup.ssh/users/pedro new file mode 120000 index 0000000..ae0c694 --- /dev/null +++ b/vars/per-machine/bernese/borgbackup/borgbackup.ssh/users/pedro @@ -0,0 +1 @@ +../../../../../../sops/users/pedro \ No newline at end of file From 77523b3ac856cc779800e81116064e43217ed01f Mon Sep 17 00:00:00 2001 From: Pedro Rey Anca Date: Mon, 5 Jan 2026 15:14:46 +0100 Subject: [PATCH 07/15] Update vars via generator mycelium for machine bernese --- vars/per-machine/bernese/mycelium/ip/value | 1 + .../bernese/mycelium/key/machines/bernese | 1 + vars/per-machine/bernese/mycelium/key/secret | 22 +++++++++++++++++++ .../bernese/mycelium/key/users/pedro | 1 + .../per-machine/bernese/mycelium/pubkey/value | 1 + 5 files changed, 26 insertions(+) create mode 100644 vars/per-machine/bernese/mycelium/ip/value create mode 120000 vars/per-machine/bernese/mycelium/key/machines/bernese create mode 100644 vars/per-machine/bernese/mycelium/key/secret create mode 120000 vars/per-machine/bernese/mycelium/key/users/pedro create mode 100644 vars/per-machine/bernese/mycelium/pubkey/value diff --git a/vars/per-machine/bernese/mycelium/ip/value b/vars/per-machine/bernese/mycelium/ip/value new file mode 100644 index 0000000..4905eaa --- /dev/null +++ b/vars/per-machine/bernese/mycelium/ip/value @@ -0,0 +1 @@ +5f6:2041:5dc3:6bbe:2bda:c028:d0d7:e498 diff --git a/vars/per-machine/bernese/mycelium/key/machines/bernese b/vars/per-machine/bernese/mycelium/key/machines/bernese new file mode 120000 index 0000000..2c5a0ac --- /dev/null +++ b/vars/per-machine/bernese/mycelium/key/machines/bernese @@ -0,0 +1 @@ +../../../../../../sops/machines/bernese \ No newline at end of file diff --git a/vars/per-machine/bernese/mycelium/key/secret b/vars/per-machine/bernese/mycelium/key/secret new file mode 100644 index 0000000..c079bff --- /dev/null +++ b/vars/per-machine/bernese/mycelium/key/secret @@ -0,0 +1,22 @@ +{ + "data": "ENC[AES256_GCM,data:MYTu8cxNSW9ihhGUafA5leKncDm0s+dCgZVlz0BMj5o=,iv:2ZcD3ug9jFW8d6yD18lvbUMCkw3mXJ926ztDBYfPnBk=,tag:Vc1W1XWnq5EJB+LgWUwtNA==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1la2p9plxwtlauzf00zx5tfaq6pejr47jrn8kkxhhe5utr57e24sq4agxr7", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkMUh2TkpoSTVBNzNrSXFW\ndEZRVVRtUTdYR3NDdVFiS2IrNDA1dE1pM3dJCmY1cy9aVnUxNHFydFFBaE5HMWhN\nM0ZBQWQyNG5lREhjUmdoRU5Yd2dneU0KLS0tIFYzMTlsMlNMaHcrNGVodDFtMllW\nTWRxZVlXbUJlelRtUkpKS29BSk1OV2sKoNCHjTaTWLi67QkvRBFzAS9kjaSmTGfT\nE1prFNbk8dU63FYOk/1QznNWAF6b1ARYZxB2Bit1z1q754eFypCNuA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1lrg2j5a90yy4ccj4c8yrmkk4rx029t5hfh6n5a2nte77pwlspp8qvgmtmg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuaUQrRVJrQnJqUkl2OUVl\ncThnaytLYkczUnd6bDZTSGg1Z0dKMjFlN2xrCldiRm1lWG5YSEZ3VXdrU3FlQVBm\nUmE0TUwrRmtCVEVqbTY5ZW9yTjBsN2cKLS0tIEhTem1yWXZQdkp4V1o2ZnE0QndP\nM2pmc0xtSGQ1TkRPMVFXNVRpVFhOU1EKabJit3vZXfTZOIlzHNz154SlwP/qz22i\nNbvuKnoP2Pi8HPvig2E55NID28G7KqqthQJ85ZJ/2mFBeolDlY+0pw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1r2sw9uncvkqtklypw4rttufhw86lhhqrghed8l2kda6hdrd9ypyqm7y863", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxSmw5d1B3Y1pCdWlyNWhO\nMVBLT2VHZHVYSWgvM1psMS9JbGltb3hJS3c0CkpqQit0VTh6SGxxZUxCNjNTVy9E\nUGJxTE5aczBQVENsZmlaM21ZT3RMMnMKLS0tIG1SRmdwd3BhOHFudVQyQnFKQ0tL\nTVkydjU4WW9SOGxXRnR2RkFEeG1acm8K0b8ityzF2xEE1uyCvyz0IezXwL9uwOtN\nhGkSht0a5B2AP8ADfG4Ek5DcCwVBI0L6ameEsjescIQIJM+Jca+bCg==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-01-05T14:14:46Z", + "mac": "ENC[AES256_GCM,data:vPqnsMh1E28KPRpFXd/pNTyfOIpkmK04zwOODlE5Q+9sjBIMyWNYSE5sZLGumOKcfIBOJNQ70LN7PAf+XYQ8Ng6BT11urVDtvRApgMIugsbTqMDKDwbAQ2KhVrANb+ooFrgIymDfNk+yVtFYhaCf1K3E/mcmcvQVQ5YllRmVZHE=,iv:M870+RQ8GUjJxmjWKaxh+KAD1eVoVq4o/hlo80V92hw=,tag:Ir5pK/EsHcJo8YQRvZO3oA==,type:str]", + "version": "3.11.0" + } +} diff --git a/vars/per-machine/bernese/mycelium/key/users/pedro b/vars/per-machine/bernese/mycelium/key/users/pedro new file mode 120000 index 0000000..ae0c694 --- /dev/null +++ b/vars/per-machine/bernese/mycelium/key/users/pedro @@ -0,0 +1 @@ +../../../../../../sops/users/pedro \ No newline at end of file diff --git a/vars/per-machine/bernese/mycelium/pubkey/value b/vars/per-machine/bernese/mycelium/pubkey/value new file mode 100644 index 0000000..4cba907 --- /dev/null +++ b/vars/per-machine/bernese/mycelium/pubkey/value @@ -0,0 +1 @@ +26af4399b7dfd419d8cc80a41950c1bf6d80e901d9b1ca237a27993086bf9412 From 244f94fd154e23e40fb2446cfeb2b714287eef61 Mon Sep 17 00:00:00 2001 From: Pedro Rey Anca Date: Mon, 5 Jan 2026 15:14:51 +0100 Subject: [PATCH 08/15] Update vars via generator openssh for machine bernese --- .../bernese/openssh/ssh.id_ed25519.pub/value | 1 + .../openssh/ssh.id_ed25519/machines/bernese | 1 + .../bernese/openssh/ssh.id_ed25519/secret | 22 +++++++++++++++++++ .../openssh/ssh.id_ed25519/users/pedro | 1 + 4 files changed, 25 insertions(+) create mode 100644 vars/per-machine/bernese/openssh/ssh.id_ed25519.pub/value create mode 120000 vars/per-machine/bernese/openssh/ssh.id_ed25519/machines/bernese create mode 100644 vars/per-machine/bernese/openssh/ssh.id_ed25519/secret create mode 120000 vars/per-machine/bernese/openssh/ssh.id_ed25519/users/pedro diff --git a/vars/per-machine/bernese/openssh/ssh.id_ed25519.pub/value b/vars/per-machine/bernese/openssh/ssh.id_ed25519.pub/value new file mode 100644 index 0000000..31f1e33 --- /dev/null +++ b/vars/per-machine/bernese/openssh/ssh.id_ed25519.pub/value @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOvJTSMw0GieJYUT0ccnNZMq85sYb2y8IdOAtLO93vuU diff --git a/vars/per-machine/bernese/openssh/ssh.id_ed25519/machines/bernese b/vars/per-machine/bernese/openssh/ssh.id_ed25519/machines/bernese new file mode 120000 index 0000000..2c5a0ac --- /dev/null +++ b/vars/per-machine/bernese/openssh/ssh.id_ed25519/machines/bernese @@ -0,0 +1 @@ +../../../../../../sops/machines/bernese \ No newline at end of file diff --git a/vars/per-machine/bernese/openssh/ssh.id_ed25519/secret b/vars/per-machine/bernese/openssh/ssh.id_ed25519/secret new file mode 100644 index 0000000..a7d48d2 --- /dev/null +++ b/vars/per-machine/bernese/openssh/ssh.id_ed25519/secret @@ -0,0 +1,22 @@ +{ + "data": "ENC[AES256_GCM,data:mvrk4RqwoVBhpfooirSkSTSimPQBlVggEUly+c9GP72i2rA0f2PrRL0hryYXSqfjcUk+nY+lS7p5E48J82GTT9hD2uvtLTX3r6hLM7W1DHKVTAif0hc20ealQJQCckMRO1SgfMRdy0wjW4rKJJ/Bv0YOTWdYJwWVswpipgWaMj57Xaao7w4u5p+/0rOnDG6YyyeV7ts1KB2aoTwYIHwolpiGtTLDlef2Lisq8d9FghLnuSSqjt+QfGXwPWXGsJvnLoirF1ZNA6J7ydUMH+tkwIm47obc51nLbZ7iG5VcbJv05/B4pYJm1iEVyu7MpBx2Bmj2Z3LQCE/VBxu61jB1lKTD+G53l07nOW+xVHTmMHdAK6/GRZBrX4GicpCgunlowKAnKCj/ZuqRV+1PP73hX2qtLC81nf9b1zF2s9G6wWmRIsXkrAFPYqrH2k3sfF2s5NXjt+8/HRvAZF5ExDZmY8vqrtvI1eHyHl34As+vGPNtI/XEUAz2kEjHn7Hj5t0d7KmF,iv:2JFsfU1FK+sUL25k+MbouvSsGAm4lDo/Getej2RTXNg=,tag:FhpA/QoYULPj8p7aqD9P+g==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1la2p9plxwtlauzf00zx5tfaq6pejr47jrn8kkxhhe5utr57e24sq4agxr7", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5emlnVzJJaVJKMkZFeS9N\nOGd6bWFoY3lkeFZPNVpPTDhJRk5TaERSSlQwClNZOXZjemdlVHBSNUE4TTdMd2ww\nc0V6ZWxvdWJtR3hhNkIrWU1lUUNuYzgKLS0tIHVpN2xPMkdrNnlBWGxLMUg3MDFj\nU0dkNzhPM2lsKzZrS2pJbVA2bkMyMzgKbroAFgTAPu69Z7U7Lpp22D/ZtNk4VZN0\ny3tKMpPqQAFhyK/ucIyYx/1AGf7347nW+zdFOdPK1beuXElG33c54g==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1lrg2j5a90yy4ccj4c8yrmkk4rx029t5hfh6n5a2nte77pwlspp8qvgmtmg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvUklIOXB1SEplNTdNNE1N\ndmZsYUpCUnlMSzh0WHI0d0c1OEFjYk9lQ1VJCm9TUUlHN3REdFM3Zkg1MmJUUFgx\nbG1veWxyTUphTHZIcWhGUUdmWXdsUUkKLS0tIGJERlU3TjY3dGZydDhFTjV0Vjkr\nSlJKOEtKYzR0bGU4WkNGVENmRDNncGsKFudyIy5WbUHTytAnzi9xGJw4SKJOmd7G\n2NmI8VADNQsR5oK3IQ6pYrLvmsltqX7d/df89sDv7SuHRoAPu7P0tA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1r2sw9uncvkqtklypw4rttufhw86lhhqrghed8l2kda6hdrd9ypyqm7y863", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBocTFiUnFNTmp6NCttWm1a\nb1V3d2E0anE0SnoxQjE2dkNHRHpxT3hFQWcwCkxPQzBqZzQzcHZOQ29uYk51cmZr\nTDIyVk15dU8rd3VCRjQ2T25xcVJ2bm8KLS0tIFh6djNyenJxRnowUnRXK2hGS1dz\nYmU0dnhJK1pwL3RWS3U4aXZxWjJPM1UKmkcIg+h6AKokBDj9wqts+34EszJBg5Pe\nN5wfQGP8oVd1uUerA97umVu42MO2JNX42zrMu4Qi7pWdx5wEuV4u3Q==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-01-05T14:14:51Z", + "mac": "ENC[AES256_GCM,data:FVrAzjAucWrTF4jE/jTG5+BpOlWl+KDEmFNrO48ibbvazI4iYG5SN+xkA3gLPRT3UW4Hh44FgzD2F/8Nx/W/29xckV6hrKU9IgnJFbU51g3UCdD9UMd/bvaciz5kt/LY0hy9ertIV5noAra0aEnFoqR3X7+eiIPTn2QRguHdrZo=,iv:DnJltheb56ikJJB03oVQpXVi8c1It21wF9gpUFt5axE=,tag:LxD6viSXxM4ucQzRBKo4xQ==,type:str]", + "version": "3.11.0" + } +} diff --git a/vars/per-machine/bernese/openssh/ssh.id_ed25519/users/pedro b/vars/per-machine/bernese/openssh/ssh.id_ed25519/users/pedro new file mode 120000 index 0000000..ae0c694 --- /dev/null +++ b/vars/per-machine/bernese/openssh/ssh.id_ed25519/users/pedro @@ -0,0 +1 @@ +../../../../../../sops/users/pedro \ No newline at end of file From a900bdda097a496bf3e6e082924da672291512ea Mon Sep 17 00:00:00 2001 From: Pedro Rey Anca Date: Mon, 5 Jan 2026 15:14:56 +0100 Subject: [PATCH 09/15] Update vars via generator root-password for machine bernese --- .../password-hash/machines/bernese | 1 + .../root-password/password-hash/secret | 22 +++++++++++++++++++ .../root-password/password-hash/users/pedro | 1 + .../bernese/root-password/password/secret | 18 +++++++++++++++ .../root-password/password/users/pedro | 1 + 5 files changed, 43 insertions(+) create mode 120000 vars/per-machine/bernese/root-password/password-hash/machines/bernese create mode 100644 vars/per-machine/bernese/root-password/password-hash/secret create mode 120000 vars/per-machine/bernese/root-password/password-hash/users/pedro create mode 100644 vars/per-machine/bernese/root-password/password/secret create mode 120000 vars/per-machine/bernese/root-password/password/users/pedro diff --git a/vars/per-machine/bernese/root-password/password-hash/machines/bernese b/vars/per-machine/bernese/root-password/password-hash/machines/bernese new file mode 120000 index 0000000..2c5a0ac --- /dev/null +++ b/vars/per-machine/bernese/root-password/password-hash/machines/bernese @@ -0,0 +1 @@ +../../../../../../sops/machines/bernese \ No newline at end of file diff --git a/vars/per-machine/bernese/root-password/password-hash/secret b/vars/per-machine/bernese/root-password/password-hash/secret new file mode 100644 index 0000000..83da93e --- /dev/null +++ b/vars/per-machine/bernese/root-password/password-hash/secret @@ -0,0 +1,22 @@ +{ + "data": "ENC[AES256_GCM,data:rb+N8+7P1lnhRdZ9JSFCqZCRyybXcvV68LOPavD1tTNQ3OtptDhNSGRcYIA4Vm/HTGgzU2DfcBNk1r1Ba3z663aaoTSPaUm1SP2JwcuaPBBGhLw4CelW/b1VBfhXB+S3ZAg5n017nvZemQ==,iv:re62yqflJZkhJzOZwGD7BFb/9Eqq/Uo4njrI58Kk2wU=,tag:cnSixkw5LrM983+0qyNxKw==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1la2p9plxwtlauzf00zx5tfaq6pejr47jrn8kkxhhe5utr57e24sq4agxr7", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCRHc1QWprZTRxWmVJMkdK\nTUlmcmtJemUyMTFkcVA2WVRYOGNQdkthb0hNCnRZYVVQUGoxV3VlSkxlRXc1YVlX\nRkFuN0JMSXFJWStzdmRJMFhKSjZlcjgKLS0tIG9DYUdnM0VPN1RTaXpsRmpzb0dz\nWWpUbEIyajZkeXpFcnRZZG1SWUVhaUEKXT0iaouryxgAUcusmyEc/kOAR3ct/PIU\n6t6k7esWmrkDbBgQ0DsKZKIrUy6Ux83H62syTEtGd8ezE/D3HWhktQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1lrg2j5a90yy4ccj4c8yrmkk4rx029t5hfh6n5a2nte77pwlspp8qvgmtmg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwTFF5dmorRjIwUE1WV3NR\nMDN6ZXZ6UGZvS1ZvUWhQRWtOb3RTN3J6Q1hnClRaU3hvaG5hZi9HRStvTmhwSjdM\nNHBUaEZCZmFzdjRuS3JQZEZGUWZtL28KLS0tIHl4TUpWK21VRnhjNFY4SnVPcEk1\nb1FBeW9KSUtuNDN4SmJNMmNYQkl0S0UKSEcZd0gpOXjaX7E0P+UT7+1H8C+9t7or\ntWBE7TL1jTJ81ydHRmWNsfifrch0Dx9ARVCTSZS6LT41Eux0/PB5dQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1r2sw9uncvkqtklypw4rttufhw86lhhqrghed8l2kda6hdrd9ypyqm7y863", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxVUdEOSt6bVc3aEpLeTl4\ndlpiejcvdkpMaWIrWDB1WlFMQjR1bTBYeUVBCmNHMTBMS2VJZVN4WEpGQjRGRXgx\nOVNtUnhNcDVLWWpRaGo1UkI5bk9ycXcKLS0tIDhlUkFBQ1J4YVhuc2ZMWFpvRzEz\nb0lSRzJDSnNYUmthV3ZKblM1eWFNbzAKotpRrBPbo25Rb9BiZM70tjOkMwRzT7IA\nk8b9GAyJ087jLF1zxQz5aXJ3CII6VTidbCxYv5jkNlkQdtTyBj9low==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-01-05T14:14:56Z", + "mac": "ENC[AES256_GCM,data:/m5shCIXjFUAPdHrwwjGrG7GuVGS7TNC3HCdxGrCmchq/DjZxeCphzFbyZrYTVq4UH3BU4moZ23K4G/ChxNXxQ5YCWu1rqY/26676ITsjOa44UjBtU4UUqBVhCkV+A3XU70lVfv8v/j8c9N8wD6bI0J/oeOvGIThemDOpHviLls=,iv:u6d3mG008DxL0WpI82o9A72GYEUrOYvbmM92+2fh9l4=,tag:RFvWjwcZL54CtMveHZThHg==,type:str]", + "version": "3.11.0" + } +} diff --git a/vars/per-machine/bernese/root-password/password-hash/users/pedro b/vars/per-machine/bernese/root-password/password-hash/users/pedro new file mode 120000 index 0000000..ae0c694 --- /dev/null +++ b/vars/per-machine/bernese/root-password/password-hash/users/pedro @@ -0,0 +1 @@ +../../../../../../sops/users/pedro \ No newline at end of file diff --git a/vars/per-machine/bernese/root-password/password/secret b/vars/per-machine/bernese/root-password/password/secret new file mode 100644 index 0000000..353cca2 --- /dev/null +++ b/vars/per-machine/bernese/root-password/password/secret @@ -0,0 +1,18 @@ +{ + "data": "ENC[AES256_GCM,data:+4OpQJ1rg4MM20ZW,iv:ra3uuvG289Y5qkCCGUJjs8CUyYevM+hORA+R9e/SpR4=,tag:wyKch+AUaXPuNf21vXwtTA==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1lrg2j5a90yy4ccj4c8yrmkk4rx029t5hfh6n5a2nte77pwlspp8qvgmtmg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNaXFheG9IN054RVRJelh3\nNHJOS01ReW8xTjlKbjUrMzRBQlFSbGtaMW1FCmVUZTFKNmVQemtLUjE2L1ZCNkhm\nN2RLZlc3TTFzcXFKZEE1b2FxL09SajgKLS0tIHFTd2R2SEpoNXlQdHk1aHMyemtG\nYk0rZkZ5SG1KRi9TdHpjOWVLSy92eTAKmKlhagHHz7J3SG0wvcfri7fVFNgn0Jju\nJ4o0E9cw36q4AEeGiUpfBsuo0XpOtVXBn6QEJG/1GS+quItIiHsLxQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1r2sw9uncvkqtklypw4rttufhw86lhhqrghed8l2kda6hdrd9ypyqm7y863", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWcVIyaGhuNXVCNDNOSUlI\nS1VkUGRZSmo3YktnbUUveTJEbXBjZm1YTFJBCkN3Z29BYUQvNU54MloyTXVYL1RX\nTjM5WHpxa0dBeTNudXVOaG0rYkNsaUEKLS0tIDhLVUJXai9ZcVJZSkZ5UFBEbW9M\nK2dYTFNHQU1kS2w5cTBGY244bTVBQjAK1J03dvHCBkeFg5IxRYbIkp5Ya28SRnK7\n9S5l+g5UXeTBFBz5Pa6H2KaGrmUBlMufJeteKw5E1Ydun409vhQFBQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-01-05T14:14:56Z", + "mac": "ENC[AES256_GCM,data:3+GHVAY3EwBe1Gm1oSXIrhQNarIGOzCGHXFqdlwm2SVmeo5UYEgAev1XZNPOhme33Ntug56i8owXQuiHDVTYHk+/S6So12r0fiITG2IXyDcnRVq0jL9XpPlXpZJuy5TPYr4qkOeePt634KL632r6yLpCWk52fDSvzFVl205VKKA=,iv:U8Hkwo2cZqEvx31nveCEEtlSnIScxgGY20+LNVvqJ4w=,tag:LUhrcGmCqmpXo3gefju17A==,type:str]", + "version": "3.11.0" + } +} diff --git a/vars/per-machine/bernese/root-password/password/users/pedro b/vars/per-machine/bernese/root-password/password/users/pedro new file mode 120000 index 0000000..ae0c694 --- /dev/null +++ b/vars/per-machine/bernese/root-password/password/users/pedro @@ -0,0 +1 @@ +../../../../../../sops/users/pedro \ No newline at end of file From 739fdc0872c86e8d439e7fb0533ca07024185254 Mon Sep 17 00:00:00 2001 From: Pedro Rey Anca Date: Mon, 5 Jan 2026 15:15:01 +0100 Subject: [PATCH 10/15] Update vars via generator state-version for machine bernese --- vars/per-machine/bernese/state-version/version/value | 1 + 1 file changed, 1 insertion(+) create mode 100644 vars/per-machine/bernese/state-version/version/value diff --git a/vars/per-machine/bernese/state-version/version/value b/vars/per-machine/bernese/state-version/version/value new file mode 100644 index 0000000..115ab7a --- /dev/null +++ b/vars/per-machine/bernese/state-version/version/value @@ -0,0 +1 @@ +25.11 \ No newline at end of file From 9eccc1ab0e09dea28e5f88890dfbc7f7f26bad82 Mon Sep 17 00:00:00 2001 From: Pedro Rey Anca Date: Mon, 5 Jan 2026 15:15:08 +0100 Subject: [PATCH 11/15] Update vars via generator tor_tor for machine bernese --- .../bernese/tor_tor/hostname/machines/bernese | 1 + .../bernese/tor_tor/hostname/secret | 22 +++++++++++++++++++ .../bernese/tor_tor/hostname/users/pedro | 1 + .../hs_ed25519_secret_key/machines/bernese | 1 + .../tor_tor/hs_ed25519_secret_key/secret | 22 +++++++++++++++++++ .../tor_tor/hs_ed25519_secret_key/users/pedro | 1 + 6 files changed, 48 insertions(+) create mode 120000 vars/per-machine/bernese/tor_tor/hostname/machines/bernese create mode 100644 vars/per-machine/bernese/tor_tor/hostname/secret create mode 120000 vars/per-machine/bernese/tor_tor/hostname/users/pedro create mode 120000 vars/per-machine/bernese/tor_tor/hs_ed25519_secret_key/machines/bernese create mode 100644 vars/per-machine/bernese/tor_tor/hs_ed25519_secret_key/secret create mode 120000 vars/per-machine/bernese/tor_tor/hs_ed25519_secret_key/users/pedro diff --git a/vars/per-machine/bernese/tor_tor/hostname/machines/bernese b/vars/per-machine/bernese/tor_tor/hostname/machines/bernese new file mode 120000 index 0000000..2c5a0ac --- /dev/null +++ b/vars/per-machine/bernese/tor_tor/hostname/machines/bernese @@ -0,0 +1 @@ +../../../../../../sops/machines/bernese \ No newline at end of file diff --git a/vars/per-machine/bernese/tor_tor/hostname/secret b/vars/per-machine/bernese/tor_tor/hostname/secret new file mode 100644 index 0000000..4340d12 --- /dev/null +++ b/vars/per-machine/bernese/tor_tor/hostname/secret @@ -0,0 +1,22 @@ +{ + "data": "ENC[AES256_GCM,data:uGF3T030voZt39Cg3c2fxvDuOnTMx8/QvMgsDP5NISE706ChwUI3ngo5vlRB6wTwglYEKXLvtY/8TAkatCZq,iv:zzPWJKD+m9LeHaWi5FkpblGYGcvFeeOsRooJMAqE1uQ=,tag:8xiINLQD42QmHWSigCc8ZA==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1la2p9plxwtlauzf00zx5tfaq6pejr47jrn8kkxhhe5utr57e24sq4agxr7", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVWXh4SWVGYUpMR3NlU3dL\nYmpjaHNIT01yamJsOCt6cWhTeXJyb01tVlZVClM1cCt6andpR0pqWHltNVo4Unhs\nOGZwdDNxU0szVEQvUlNrZ21GS2FhQXcKLS0tIENtRDUrQ213RGhyV05nRlBxRGFu\nVktWVVo0bE5SbUlnK296SU8xRXU5ZXcKqnk5mWnLjisyQyyQWRo1PMHaNRceTlmk\nmc1T1pxQlUC52MDFHiRvYZohjjg4qAFSVPknZZHy9MvOss6CNDzLCg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1lrg2j5a90yy4ccj4c8yrmkk4rx029t5hfh6n5a2nte77pwlspp8qvgmtmg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhbjJuZUZpMm1ZUndZVDdF\nVjZZTVA2Wk0xQllXb3o2Z2FOREFXdHRRSnlJCkVoeDNMcGRIWm1Idm5BNEUrY3hY\nL29RVHg3eEd4dyszWE4rN3hWdDJqRG8KLS0tIEdzaGdRaHhPRElaVHBJaVFBdGpj\nSG5VZkhQM0RiQ0dMV0JHL1AzcC90T3MKh6Yu8pBV6xmp2otUIAsbrFR6YHvmfs8r\nbNadT8ZQEW2BRi4w2ELNdFTB/REw2SwmKlL98kdvjNig0h0UFW2HAg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1r2sw9uncvkqtklypw4rttufhw86lhhqrghed8l2kda6hdrd9ypyqm7y863", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBid3JjRXlDWWE0d3dvUnBV\nS0RWUk5JR3dLUCtQVmlnUzdQSG5nQnArQkNjCkJhR1V4OUsrWVUzazdWZDVLenZn\nWGZEMEhWbFJtY2U0VGxoMWk2N3FzMWMKLS0tIC9FZ0ZHS1NBdUUxcHZrSE9qbnJC\ndE1LOHJTUno2NkZDNENrdFJlTHZJblkKiY6oFXfmakdV9U7LB9ou3XpzMCJQOkHP\n2+a8uXPZ8RSNgE5sfBpSYJn8K62i0kYo7poEiJ+n58/ST3XC7NNQng==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-01-05T14:15:07Z", + "mac": "ENC[AES256_GCM,data:AOOnfq9kGq2u+hxKNTNvrc+SiqPscMGASXWwB/2aWwjxqupAMaidfLaPgv6A7V+RxqzNn33yksTqReFJ9eX31k10sSPNxDTJuDWDmc1p8Rvu7R6SkqZvr07KwbXSplhhsz8eiMWmOFro2Qtz5PYm0QTh/H0UY6ApB7c1wcRH2uk=,iv:7t+/t7z6xqHVQg5RNu/ABhON+IXGLEsZnop2G4J6cKo=,tag:rqgO9YiISFeVy5kAni5y9w==,type:str]", + "version": "3.11.0" + } +} diff --git a/vars/per-machine/bernese/tor_tor/hostname/users/pedro b/vars/per-machine/bernese/tor_tor/hostname/users/pedro new file mode 120000 index 0000000..ae0c694 --- /dev/null +++ b/vars/per-machine/bernese/tor_tor/hostname/users/pedro @@ -0,0 +1 @@ +../../../../../../sops/users/pedro \ No newline at end of file diff --git a/vars/per-machine/bernese/tor_tor/hs_ed25519_secret_key/machines/bernese b/vars/per-machine/bernese/tor_tor/hs_ed25519_secret_key/machines/bernese new file mode 120000 index 0000000..2c5a0ac --- /dev/null +++ b/vars/per-machine/bernese/tor_tor/hs_ed25519_secret_key/machines/bernese @@ -0,0 +1 @@ +../../../../../../sops/machines/bernese \ No newline at end of file diff --git a/vars/per-machine/bernese/tor_tor/hs_ed25519_secret_key/secret b/vars/per-machine/bernese/tor_tor/hs_ed25519_secret_key/secret new file mode 100644 index 0000000..ade746d --- /dev/null +++ b/vars/per-machine/bernese/tor_tor/hs_ed25519_secret_key/secret @@ -0,0 +1,22 @@ +{ + "data": "ENC[AES256_GCM,data:luENO7+PfxcMPI98nAVSBRrwNMCIAiBaRV2rMc+4qNZOzPyLxEtmL0eOZQVv7DpEwOQbsM4l5qXIf1yefUbx7VtryYaW2HfqZ6D7GYYtDfRkwKtUAyCeOtlNAYNPqf9y,iv:umYzPTO3s6IK2RGofgn1DgSKVh9jHrZtn6/ZwO5lDyk=,tag:LxfHXvp63ZJf+8vjC3zSWg==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1la2p9plxwtlauzf00zx5tfaq6pejr47jrn8kkxhhe5utr57e24sq4agxr7", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2T1A1VlgycDNOU0FXYlY3\nUmRNb2lIMWIvQTVJNm83L1lqTDhScHJRZG0wCmNlMDl1V2U4RGlPUytoZkZBRjA5\nL1h3YzJZKzRIMlZ0Q2Eyd21lRDBWSTAKLS0tIGRhNnZUZFlNK2RBVk1UdkU2dW50\nVm5Fcm4zRzVHcm85c3A2QTFzdU5nOWcKGGVu1OePWPNIYjTrSRolBI5VEadGg0ad\nSKfMbDDp7ud9CL2nboIl+mADY4XM+TflXwMGt05cYrffsOap0jq6/A==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1lrg2j5a90yy4ccj4c8yrmkk4rx029t5hfh6n5a2nte77pwlspp8qvgmtmg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMdjk0NGtocTY5MW9pWE1G\nTC80cjRhRUVld1NENXhzMy9vVlJGQnNDNmtNCmV4cW05cmplV1oxZ1pnKzQ4eG5O\nRW1yVUNUcnhCc1QxcFQvS0JrRTNpU0UKLS0tIGtxVWdQYmhqLzRkYnB0eWpWaUMy\nTHFqYXVDQnNVYkNkN3JIZGU0dDJzNjQKW7eOdSb48kJu4IbbQrsjcT+tAyQH4yA2\n1/w0kGll1cT/4tswyTVWpjEpyVkX9m8Fei8lBOuJ7hsCQhrpXVk7SA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1r2sw9uncvkqtklypw4rttufhw86lhhqrghed8l2kda6hdrd9ypyqm7y863", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6R0hqNUR0MWJjcVIyYzdn\ncExnNVhQM2tkTXRVN1ZCWSt6TmpjNHRyQ1NBCitodHRWRHYvNEtJWlpvN0wyWkFF\naTc2b2RMMVc1MnV6eHRtSGR2dFdZQm8KLS0tIE5Sa21JTTdsR3QvR0J0MW94WVNY\nS2FQVlN6clh2SmwvZDljUk5wSml6WWsKsRf05xipeMdXVM6kn70S9KezBuF4hQgg\nZnMFnmn3A7LY+pKNfuIZZe1Q6P7oh8jFBTr9hifAHOI0rZDC62Bauw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-01-05T14:15:08Z", + "mac": "ENC[AES256_GCM,data:VUrv6+/qtWZ96vTqpQEO3KYdNgQXx7qXlOcKu2VaVVtlazAlw43QvvggbAFawllU+KQcZizY5y8DTEPMCIhPeB5D9wutXs33AApfTWNN7BetbCYIP9q8fDZkVHcEeSooSKIj/Xx3LyhrB+RICGeX6kux14hVAroAFyLrqdMuGcQ=,iv:DIZZOBrIwWXmO7GewVi5MlGxNiE+Q2B0aN4Ncnfw+hY=,tag:5oMzpUpWAkQe/vt+8YZtHQ==,type:str]", + "version": "3.11.0" + } +} diff --git a/vars/per-machine/bernese/tor_tor/hs_ed25519_secret_key/users/pedro b/vars/per-machine/bernese/tor_tor/hs_ed25519_secret_key/users/pedro new file mode 120000 index 0000000..ae0c694 --- /dev/null +++ b/vars/per-machine/bernese/tor_tor/hs_ed25519_secret_key/users/pedro @@ -0,0 +1 @@ +../../../../../../sops/users/pedro \ No newline at end of file From ada2f1c7bcf6d341ea83e01c3f0396baa7733bd5 Mon Sep 17 00:00:00 2001 From: Pedro Rey Anca Date: Mon, 5 Jan 2026 15:15:12 +0100 Subject: [PATCH 12/15] Update vars via generator user-password-pedro for machine bernese --- .../user-password-hash/machines/bernese | 1 + .../user-password-hash/secret | 22 +++++++++++++++++++ .../user-password-hash/users/pedro | 1 + .../user-password-pedro/user-password/secret | 18 +++++++++++++++ .../user-password/users/pedro | 1 + 5 files changed, 43 insertions(+) create mode 120000 vars/per-machine/bernese/user-password-pedro/user-password-hash/machines/bernese create mode 100644 vars/per-machine/bernese/user-password-pedro/user-password-hash/secret create mode 120000 vars/per-machine/bernese/user-password-pedro/user-password-hash/users/pedro create mode 100644 vars/per-machine/bernese/user-password-pedro/user-password/secret create mode 120000 vars/per-machine/bernese/user-password-pedro/user-password/users/pedro diff --git a/vars/per-machine/bernese/user-password-pedro/user-password-hash/machines/bernese b/vars/per-machine/bernese/user-password-pedro/user-password-hash/machines/bernese new file mode 120000 index 0000000..2c5a0ac --- /dev/null +++ b/vars/per-machine/bernese/user-password-pedro/user-password-hash/machines/bernese @@ -0,0 +1 @@ +../../../../../../sops/machines/bernese \ No newline at end of file diff --git a/vars/per-machine/bernese/user-password-pedro/user-password-hash/secret b/vars/per-machine/bernese/user-password-pedro/user-password-hash/secret new file mode 100644 index 0000000..f77dc0a --- /dev/null +++ b/vars/per-machine/bernese/user-password-pedro/user-password-hash/secret @@ -0,0 +1,22 @@ +{ + "data": "ENC[AES256_GCM,data:6NvZIxisuw+slyTtcZYHdPWk7mfJkbVsjCEr7HVqNE0y8NpvgchX50BGJNpaBo+7JaNKII17MfG7jK0W0CeUrohurpBFLgKqt9BIKiZo9H36yyLQGOBj2xWNhFkfkQR8xUpOOdC6wsWoOQ==,iv:ttUWXLc2oNoHCxJb4UjQSo96zRHrbRuQW5o0KsNJGZg=,tag:6HfT9oCSC8UnkpQ3HIWWbQ==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1la2p9plxwtlauzf00zx5tfaq6pejr47jrn8kkxhhe5utr57e24sq4agxr7", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnaHYwNTdialVDWWQwZGMz\nMVhpbTFsbHBJcGVmVkJlbGRaTXo1UjJVcG4wCitiaWRVbWcwdStpd3E4TWlqbFFW\nZlN5YTVqR1hJQ3FYVTFMWkZZODFWNkkKLS0tIGN6TlJlM2ZPakgxZGtLc0V4MXlu\nRFV4dEZSSmVhQnJQMnFCV2tuclVnRVEKqINgzRu5kfZq0lYrSZ6BVCu+DOtnnS1C\nwgVzdmbUnFnBdT9X9ddTRNSIs3kmaFwm0/Ju7lFKZjkuHnoELYUOYQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1lrg2j5a90yy4ccj4c8yrmkk4rx029t5hfh6n5a2nte77pwlspp8qvgmtmg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5Wm9XSXhaTDQ5RFIwbWQx\ndEZtazR6VzFWc1AzVTg2TzNheEtGZzhlM2xRCjkyckNwajdGYzRWRGF1YURBZCtk\nZ2M5Q01CZGtiNm9ub09YaVNrSWZJM0kKLS0tIHFtcTF0V2hNclBYbnp4aFJUNG9p\nUnpKQjk2QXRIcVE3eGhVZU9XbTNxV28KN3l30mMuSl9hXBQte/30uxvCXLHkCV5j\nSsa0sYK1U9QntZV6Cp4QsRut0CGCGALIuVNcE+EaJDeRQpmwCi9BkQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1r2sw9uncvkqtklypw4rttufhw86lhhqrghed8l2kda6hdrd9ypyqm7y863", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBdDh0T3lyaHJWKzhEb3dz\nbHJHL20yamlpemNDSitidGI4ekJPN2Q5K0RRCk5XeFE3b3VKRng5cXhQMmlNRUFX\neEV6STlBMU5zK1hYYm5Sanc4eFNpM2sKLS0tIGllZTJWSjFYWTdHL3BDWERKckg2\nMXFEeG03ektpaWd6VTNpUUpOZzVGZEkKChqoOpUWTl2pxlt0ze7NJUiHpIcHHsId\nS1gcs9Scswfke5M9vKphyrHwjZ/u+TSaaHF5WNxfsxyZbtW/nRTjxw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-01-05T14:15:12Z", + "mac": "ENC[AES256_GCM,data:3t6gqN9QXgSCuDpfgssF5Fenno87opAh/mRATmfbE0sKC7ijWsaQjKTyr6CoitHqmHjwkIbZ9WQTQuonPBsE5kg8pAqMvfwtVIHAaW3ENII7ttNGT88xIZo6TwuLck0IJJdQv3jSCgX+F4fAms+bqZjNk4rNzM3ZDNaVwtOlnXQ=,iv:FrHr8ZEJB90dNvxpc39rdkr0z5BhbHdaIlEJP7FNUqY=,tag:W56be7+xG2SeEYR4Xip2/g==,type:str]", + "version": "3.11.0" + } +} diff --git a/vars/per-machine/bernese/user-password-pedro/user-password-hash/users/pedro b/vars/per-machine/bernese/user-password-pedro/user-password-hash/users/pedro new file mode 120000 index 0000000..ae0c694 --- /dev/null +++ b/vars/per-machine/bernese/user-password-pedro/user-password-hash/users/pedro @@ -0,0 +1 @@ +../../../../../../sops/users/pedro \ No newline at end of file diff --git a/vars/per-machine/bernese/user-password-pedro/user-password/secret b/vars/per-machine/bernese/user-password-pedro/user-password/secret new file mode 100644 index 0000000..849f5a2 --- /dev/null +++ b/vars/per-machine/bernese/user-password-pedro/user-password/secret @@ -0,0 +1,18 @@ +{ + "data": "ENC[AES256_GCM,data:29ZvFQJAJop2bNpu,iv:0W3ZKW/OPLrcwbbfE39slT/LIV6dvSybxmxjYki0tXw=,tag:lAmlficL1lkdzuzUy8EwtQ==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1lrg2j5a90yy4ccj4c8yrmkk4rx029t5hfh6n5a2nte77pwlspp8qvgmtmg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJcGJwSTYyQjZ5SXFkVXR0\nSyt6ZHpqaWhsK3pWM0kzbzFRQ0NqRFpVZENzCnF4RkIwdWpxWTFkOWQ4ZE83c1d0\nQ2ZqVGN3a2F1bTgzMlRReUxQMmFGbVkKLS0tIGowMUdFWUtORlZuY0RPaGdjZXJR\nV2haSTlWdGR6bzFOY3NlTzdjblJGcVEKPn7EHg/7LscyZW6Gk+5vaQXvUUoZwAYf\nUfBIM4lFwyqxw41+FLRdYGlCQz9sWMfXPbmXPa+LKtRx0C69SZEVOQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1r2sw9uncvkqtklypw4rttufhw86lhhqrghed8l2kda6hdrd9ypyqm7y863", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrUlZpQ3pQS24wd0QrRk51\nS3lqVFhUcTlWbnhnRzJKcTB3TXNyTHg0RzE4CkRvN3RqTWtKYm5TU3J2eHJEK1U4\nMWRHQ0N2WnhaZk81R0Q4dUF4LzM3MEUKLS0tIFRtam9VbnhWd2I1UjRlNFR3cXhS\nSy9kaUp3UHVrZGczOVJZRldPQUdXdkkKxdnQWFAzeZc/7v52TjBPRlx9Ej015JLY\nR3+7+049lW72DIK6NZQbvRrF8hl70hx30cq3tN7BW1n5HJcEPsQTBg==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-01-05T14:15:12Z", + "mac": "ENC[AES256_GCM,data:8Wwrvn5G2EP7qWBbzSDEPkbzMcTWmF5XAqIiaQ9egm5c/xJkDNACEAtbQZ0guJ4SmcKpFs/bxcgAp53RDbAITh3PAKQRORBEsNYrifCdGnMc+cKk4cR+tzBApr0q+fNBvA9uFNw9ER/xt9B1VG5Xi8SSdplNbJcmI8m2OLEW+jA=,iv:k0OXZfZ61qR23i5J1r129depYxA7vqPNRNTnCTbDIrk=,tag:7TfFAsfRSDQqUrd3V1fFkA==,type:str]", + "version": "3.11.0" + } +} diff --git a/vars/per-machine/bernese/user-password-pedro/user-password/users/pedro b/vars/per-machine/bernese/user-password-pedro/user-password/users/pedro new file mode 120000 index 0000000..ae0c694 --- /dev/null +++ b/vars/per-machine/bernese/user-password-pedro/user-password/users/pedro @@ -0,0 +1 @@ +../../../../../../sops/users/pedro \ No newline at end of file From e629b2cc250f8aed11a8a155c613c7e9e482c31c Mon Sep 17 00:00:00 2001 From: Pedro Rey Anca Date: Mon, 5 Jan 2026 15:15:19 +0100 Subject: [PATCH 13/15] Update vars via generator yggdrasil for machine bernese --- .../bernese/yggdrasil/address/value | 1 + .../yggdrasil/privateKey/machines/bernese | 1 + .../bernese/yggdrasil/privateKey/secret | 22 +++++++++++++++++++ .../bernese/yggdrasil/privateKey/users/pedro | 1 + .../bernese/yggdrasil/publicKey/value | 3 +++ 5 files changed, 28 insertions(+) create mode 100644 vars/per-machine/bernese/yggdrasil/address/value create mode 120000 vars/per-machine/bernese/yggdrasil/privateKey/machines/bernese create mode 100644 vars/per-machine/bernese/yggdrasil/privateKey/secret create mode 120000 vars/per-machine/bernese/yggdrasil/privateKey/users/pedro create mode 100644 vars/per-machine/bernese/yggdrasil/publicKey/value diff --git a/vars/per-machine/bernese/yggdrasil/address/value b/vars/per-machine/bernese/yggdrasil/address/value new file mode 100644 index 0000000..93c7f77 --- /dev/null +++ b/vars/per-machine/bernese/yggdrasil/address/value @@ -0,0 +1 @@ +201:f80a:466:b126:756d:8cb4:fcd6:15bd \ No newline at end of file diff --git a/vars/per-machine/bernese/yggdrasil/privateKey/machines/bernese b/vars/per-machine/bernese/yggdrasil/privateKey/machines/bernese new file mode 120000 index 0000000..2c5a0ac --- /dev/null +++ b/vars/per-machine/bernese/yggdrasil/privateKey/machines/bernese @@ -0,0 +1 @@ +../../../../../../sops/machines/bernese \ No newline at end of file diff --git a/vars/per-machine/bernese/yggdrasil/privateKey/secret b/vars/per-machine/bernese/yggdrasil/privateKey/secret new file mode 100644 index 0000000..05ccb2d --- /dev/null +++ b/vars/per-machine/bernese/yggdrasil/privateKey/secret @@ -0,0 +1,22 @@ +{ + "data": "ENC[AES256_GCM,data:LDibjOx042/jI2ov9q3TbczW6JXpLCLrz0kzlM2ZXxwe8NX+A47My1RtY828zqFpTeqCoK03yGbP0v5ZEDt+Wq27/Hj/ZLeAuo5WVmi6jyUwdALT1G3jFiiSXovj0ISv0BzdhjQeADOfE20yzIDEee/Hwn71ocI=,iv:oJtUunFLSGBG05hgJ4aBw1vWHXb2GRQhDewQsSKkKG0=,tag:Nr49AwUUD0EvtOnYLyXM/w==,type:str]", + "sops": { + "age": [ + { + "recipient": "age1la2p9plxwtlauzf00zx5tfaq6pejr47jrn8kkxhhe5utr57e24sq4agxr7", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvV1NxYWM2elk1SXFUek5V\nWktjdG1vOUVBakR1Q1VOU0x0eTVlR0MrRDNrCmhCa2NNRVl2emJuTmVaQ0l1TzFL\neXNGTlZkdTZhRGdBbG4vMEFyNUlndjQKLS0tIG0vc0k3Y3lhRjVzR2p1SCs4TzlO\nWUQzNEcycFlHeUszS3VlZ0lld2ZiekUKqMzO+mar80myRD2anlHFl6G2WCeDqQje\nHZ3ePmdlxzs0Bsd3Glv/WZU9IGk7zj9EFHtefy6SmkgbA/VoTlCl0Q==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1lrg2j5a90yy4ccj4c8yrmkk4rx029t5hfh6n5a2nte77pwlspp8qvgmtmg", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCcjVGbE8xK2xWT0tDYzFi\nbXFoRTZvNis0eGFwR2hpNHEvd1RMcE9IVUdVCnVEQjlLeTRyTnNHcUkxRkU5VFRI\ndlMvLzlRRGo4NzZaNmRQUzJ5bWNDMWMKLS0tIDdoQy9yZ0lXOFJtclZ6MW9oRzFa\nNlZBdHRjRVNTcGVzZXZtd2laVnFmQkEKyrIRsZ+U+cDhpgdhj5SFVSEfDYBycSiv\nU24XzBY6v5KpUKfYPlaKH/7CB33Kw0rsC2yyO6g1pckZPZH89Bgepg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1r2sw9uncvkqtklypw4rttufhw86lhhqrghed8l2kda6hdrd9ypyqm7y863", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBINmtFZ2VKSU1Oemc5aFlC\nZnA2UGs2aVk5UFNxbzZ3RzRnQWpYUHgzdDBnCm9rWnlMRXE3OERsallYSW8wejky\nZWFLSk4wZmlrTUcrNG96TG1tQndiSlUKLS0tIG52aVAvODErbHVzNXUvTUwyNm81\nbnhYSkRBSnUrcUM5enhBNkxNRWFOQVkKUag92FEnmBBFGsGVg1E7QkSoCwf1tCRQ\n7pUd3PeI6+Lb0h9L2JUOLT+m75EKQnOjyXT4tMg0qTTJG8YW4V94nw==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2026-01-05T14:15:19Z", + "mac": "ENC[AES256_GCM,data:Rb4kWa9eQWoqeljWmC6uRcfnmiTdjC1SJ1xtRKvJaCtsgxU/Tm3wUILFw2zU2YV5czGMfM3kJVMBV61OD+cttmEtPTQFeBWgNNC3U1qVgAEtXdreDYtIDlVnJ7CxUCLWxzC/DiASy1l0EaBG4QnegMhBkzZ7b3GJBtHBxFzIQCo=,iv:yW1Z7YeZAz7ULMFPBpHwwYh4gjO4ioCzEezUmoTuSEk=,tag:4Io/vi49uPzSN9UbtF87+g==,type:str]", + "version": "3.11.0" + } +} diff --git a/vars/per-machine/bernese/yggdrasil/privateKey/users/pedro b/vars/per-machine/bernese/yggdrasil/privateKey/users/pedro new file mode 120000 index 0000000..ae0c694 --- /dev/null +++ b/vars/per-machine/bernese/yggdrasil/privateKey/users/pedro @@ -0,0 +1 @@ +../../../../../../sops/users/pedro \ No newline at end of file diff --git a/vars/per-machine/bernese/yggdrasil/publicKey/value b/vars/per-machine/bernese/yggdrasil/publicKey/value new file mode 100644 index 0000000..dfd5dee --- /dev/null +++ b/vars/per-machine/bernese/yggdrasil/publicKey/value @@ -0,0 +1,3 @@ +-----BEGIN PUBLIC KEY----- +MCowBQYDK2VwAyEAQf1+5lO2YqSc0sDKepCZZ1RTeRh2X9HfMLylIFQEheI= +-----END PUBLIC KEY----- From a9974f8357d933081adf049bd6cff1555fbd6d5d Mon Sep 17 00:00:00 2001 From: Pedro Rey Anca Date: Mon, 5 Jan 2026 15:35:10 +0100 Subject: [PATCH 14/15] update(inventory.json): Installed bernese --- inventory.json | 3 +++ 1 file changed, 3 insertions(+) diff --git a/inventory.json b/inventory.json index fe7ff4c..32d4143 100644 --- a/inventory.json +++ b/inventory.json @@ -5,6 +5,9 @@ }, "beagle": { "installedAt": 1760646881 + }, + "bernese": { + "installedAt": 1767623668 } } } \ No newline at end of file From 59f7392c40e2f20611335f60c6e567aeb2c52a41 Mon Sep 17 00:00:00 2001 From: Pedro Rey Anca Date: Tue, 6 Jan 2026 20:46:13 +0100 Subject: [PATCH 15/15] clan: add tags to bernese --- clan.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/clan.nix b/clan.nix index 6e54e4d..20d18b8 100644 --- a/clan.nix +++ b/clan.nix @@ -43,6 +43,14 @@ "vm" ]; }; + bernese = { + tags = [ + "server" + "headless" + "vm" + "media" + ]; + }; }; # Docs: See https://docs.clan.lol/reference/clanServices