peprolinbot/frues-clan
1
0
Fork 0
Code Issues Pull requests 1 Wiki Activity Actions

Compare commits

base: peprolinbot:4c262bb9510f7dd9bf8c539511ac6a74c882d1f2
Branches Tags
peprolinbot:main
peprolinbot:flake-update
...
compare: peprolinbot:df874049afdc6f33e8c9ff03ac29f2bee5cdf9c2
Branches Tags
peprolinbot:flake-update
peprolinbot:main

10 commits
4c262bb951 ... df874049af

Author SHA1 Message Date
Pedro Rey Anca
df874049af
Update flake.lock 2025-08-21 15:59:00 +02:00
Pedro Rey Anca
f4f85dc91a
Use clan vars instead of secrets 2025-08-21 15:48:27 +02:00
Pedro Rey Anca
0f7761b8f9
Update vars via generator tg-ha-door for machine aresix 2025-08-21 15:43:46 +02:00
Pedro Rey Anca
3d192b0a6b
Update vars via generator duckdns for machine aresix 2025-08-21 13:15:34 +02:00
Pedro Rey Anca
99faaad480
Remove secret duckdns-token 2025-08-21 13:05:21 +02:00
Pedro Rey Anca
13e1773fb9
Add recommended nginx settings and optimisations 2025-08-19 13:21:06 +02:00
Pedro Rey Anca
a3123cfdec
Move networking stuff to separate file 2025-08-19 13:20:35 +02:00
Pedro Rey Anca
4011299399
Configure aresix 2025-08-14 15:58:36 +02:00
Pedro Rey Anca
cb8d24c6ce
Add aresix to secret 2025-08-14 15:08:32 +02:00
Pedro Rey Anca
a12822d8d7
Update secret tg-ha-door-creds 2025-08-14 15:07:05 +02:00
17 changed files with 416 additions and 52 deletions
Download patch file Download diff file Expand all files Collapse all files

240
flake.lock generated
View file

@ -14,11 +14,11 @@
"treefmt-nix": "treefmt-nix" "treefmt-nix": "treefmt-nix"
}, },
"locked": { "locked": {
"lastModified": 1754493613, "lastModified": 1755781116,
"narHash": "sha256-dI4LG8519Q8xWtUR/RrjkSNYEx8fgw7VLqC8mZ7ZxnI=", "narHash": "sha256-ZrKyMWet3TcN9fkXNQY60z2YpGMizgYD21DkLMmqDOk=",
"rev": "9cad07473252d3272c359f4b12b766c6bd7534aa", "rev": "1aaa157f20de4bab88282b92e85ee98d01cfdf17",
"type": "tarball", "type": "tarball",
"url": "https://git.clan.lol/api/v1/repos/clan/clan-core/archive/9cad07473252d3272c359f4b12b766c6bd7534aa.tar.gz" "url": "https://git.clan.lol/api/v1/repos/clan/clan-core/archive/1aaa157f20de4bab88282b92e85ee98d01cfdf17.tar.gz"
}, },
"original": { "original": {
"type": "tarball", "type": "tarball",
@ -60,11 +60,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1753140376, "lastModified": 1755519972,
"narHash": "sha256-7lrVrE0jSvZHrxEzvnfHFE/Wkk9DDqb+mYCodI5uuB8=", "narHash": "sha256-bU4nqi3IpsUZJeyS8Jk85ytlX61i4b0KCxXX9YcOgVc=",
"owner": "nix-community", "owner": "nix-community",
"repo": "disko", "repo": "disko",
"rev": "545aba02960caa78a31bd9a8709a0ad4b6320a5c", "rev": "4073ff2f481f9ef3501678ff479ed81402caae6d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -81,11 +81,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1754420989, "lastModified": 1754487366,
"narHash": "sha256-3e4wHzNwTMg7GaeLH9A091DMaO9AfFxUjpfqbddCUeo=", "narHash": "sha256-pHYj8gUBapuUzKV/kN/tR3Zvqc7o6gdFB9XKXIp1SQ8=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "7f38f25a44023a21a504bd3fd9d4f41c4a39f55c", "rev": "af66ad14b28a127c5c0f3bbb298218fc63528a18",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -94,6 +94,66 @@
"type": "github" "type": "github"
} }
}, },
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1736143030,
"narHash": "sha256-+hu54pAoLDEZT9pjHlqL9DNzWz0NbUn8NEAHP7PQPzU=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "b905f6fc23a9051a6e1b741e1438dbfc0634c6de",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems_3"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flocken": {
"inputs": {
"flake-parts": "flake-parts_2",
"nixpkgs": [
"tg-ha-door",
"nixpkgs"
],
"systems": "systems_2"
},
"locked": {
"lastModified": 1737581094,
"narHash": "sha256-MSjyNy4zENfngnSdXQ6ef/wwACB0jfDyhy0qkI67F9A=",
"owner": "mirkolenz",
"repo": "flocken",
"rev": "97921a2650cb3de20c2a5ee591b00a6d5099fc40",
"type": "github"
},
"original": {
"owner": "mirkolenz",
"ref": "v2",
"repo": "flocken",
"type": "github"
}
},
"home-manager": { "home-manager": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -101,11 +161,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1753592768, "lastModified": 1755776884,
"narHash": "sha256-oV695RvbAE4+R9pcsT9shmp6zE/+IZe6evHWX63f2Qg=", "narHash": "sha256-CPM7zm6csUx7vSfKvzMDIjepEJv1u/usmaT7zydzbuI=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "fc3add429f21450359369af74c2375cb34a2d204", "rev": "4fb695d10890e9fc6a19deadf85ff79ffb78da86",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -115,6 +175,34 @@
"type": "github" "type": "github"
} }
}, },
"ixx": {
"inputs": {
"flake-utils": [
"tg-ha-door",
"search",
"flake-utils"
],
"nixpkgs": [
"tg-ha-door",
"search",
"nixpkgs"
]
},
"locked": {
"lastModified": 1754860581,
"narHash": "sha256-EM0IE63OHxXCOpDHXaTyHIOk2cNvMCGPqLt/IdtVxgk=",
"owner": "NuschtOS",
"repo": "ixx",
"rev": "babfe85a876162c4acc9ab6fb4483df88fa1f281",
"type": "github"
},
"original": {
"owner": "NuschtOS",
"ref": "v0.1.1",
"repo": "ixx",
"type": "github"
}
},
"nix-darwin": { "nix-darwin": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -123,11 +211,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1751313918, "lastModified": 1755751773,
"narHash": "sha256-HsJM3XLa43WpG+665aGEh8iS8AfEwOIQWk3Mke3e7nk=", "narHash": "sha256-d1H34kko9J5fWrxCVgfa1TkIwdkGt/eDSVopAWenw24=",
"owner": "nix-darwin", "owner": "nix-darwin",
"repo": "nix-darwin", "repo": "nix-darwin",
"rev": "e04a388232d9a6ba56967ce5b53a8a6f713cdfcf", "rev": "3a0a38a1e7ac2c4b4150ea37a491fdffdc9c92e1",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -151,11 +239,11 @@
}, },
"nixos-facter-modules": { "nixos-facter-modules": {
"locked": { "locked": {
"lastModified": 1750412875, "lastModified": 1755504238,
"narHash": "sha256-uP9Xxw5XcFwjX9lNoYRpybOnIIe1BHfZu5vJnnPg3Jc=", "narHash": "sha256-mw7q5DPdmz/1au8mY0u1DztRgVyJToGJfJszxjKSNes=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixos-facter-modules", "repo": "nixos-facter-modules",
"rev": "14df13c84552a7d1f33c1cd18336128fbc43f920", "rev": "354ed498c9628f32383c3bf5b6668a17cdd72a28",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -167,23 +255,35 @@
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 315532800, "lastModified": 315532800,
"narHash": "sha256-lUi+sPH7Kuh9uP3PyfgbENcJGReUM8Ffk9GxGBFbSN8=", "narHash": "sha256-h8Sx4S+/0FpodZji6W9lHzwY5BcuUG85Aj3GfhvGC2o=",
"rev": "be9e214982e20b8310878ac2baa063a961c1bdf6", "rev": "a650b5d0de99158323597f048667c4d914243224",
"type": "tarball", "type": "tarball",
"url": "https://releases.nixos.org/nixpkgs/nixpkgs-25.11pre827262.be9e214982e2/nixexprs.tar.xz" "url": "https://releases.nixos.org/nixpkgs/nixpkgs-25.11pre845298.a650b5d0de99/nixexprs.tar.xz"
}, },
"original": { "original": {
"type": "tarball", "type": "tarball",
"url": "https://nixos.org/channels/nixpkgs-unstable/nixexprs.tar.xz" "url": "https://nixos.org/channels/nixpkgs-unstable/nixexprs.tar.xz"
} }
}, },
"nixpkgs-lib": {
"locked": {
"lastModified": 1735774519,
"narHash": "sha256-CewEm1o2eVAnoqb6Ml+Qi9Gg/EfNAxbRx1lANGVyoLI=",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz"
}
},
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1754689972, "lastModified": 1755704039,
"narHash": "sha256-eogqv6FqZXHgqrbZzHnq43GalnRbLTkbBbFtEfm1RSc=", "narHash": "sha256-gKlP0LbyJ3qX0KObfIWcp5nbuHSb5EHwIvU6UcNBg2A=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "fc756aa6f5d3e2e5666efcf865d190701fef150a", "rev": "9cb344e96d5b6918e94e1bca2d9f3ea1e9615545",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -197,7 +297,31 @@
"inputs": { "inputs": {
"clan-core": "clan-core", "clan-core": "clan-core",
"home-manager": "home-manager", "home-manager": "home-manager",
"nixpkgs": "nixpkgs_2" "nixpkgs": "nixpkgs_2",
"tg-ha-door": "tg-ha-door"
}
},
"search": {
"inputs": {
"flake-utils": "flake-utils",
"ixx": "ixx",
"nixpkgs": [
"tg-ha-door",
"nixpkgs"
]
},
"locked": {
"lastModified": 1754869408,
"narHash": "sha256-G1zNuxiCDfqNQVoL9j5v+ZYfUER7AI158ev98/JC8LI=",
"owner": "NuschtOS",
"repo": "search",
"rev": "2f5478267557a0f7a70d953b6c0867a5b4282739",
"type": "github"
},
"original": {
"owner": "NuschtOS",
"repo": "search",
"type": "github"
} }
}, },
"sops-nix": { "sops-nix": {
@ -208,11 +332,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1754328224, "lastModified": 1754988908,
"narHash": "sha256-glPK8DF329/dXtosV7YSzRlF4n35WDjaVwdOMEoEXHA=", "narHash": "sha256-t+voe2961vCgrzPFtZxha0/kmFSHFobzF00sT8p9h0U=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "49021900e69812ba7ddb9e40f9170218a7eca9f4", "rev": "3223c7a92724b5d804e9988c6b447a0d09017d48",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -236,6 +360,58 @@
"type": "github" "type": "github"
} }
}, },
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"tg-ha-door": {
"inputs": {
"flocken": "flocken",
"nixpkgs": [
"nixpkgs"
],
"search": "search"
},
"locked": {
"lastModified": 1755008682,
"narHash": "sha256-7KRljl+Kh3CeL530LxAzTCs19zPSTd63Ats6x0d7zM8=",
"owner": "peprolinbot",
"repo": "tg-ha-door",
"rev": "8d981e2b4b047d0aca3226b2bf1a7d4eb2c3fa10",
"type": "github"
},
"original": {
"owner": "peprolinbot",
"repo": "tg-ha-door",
"type": "github"
}
},
"treefmt-nix": { "treefmt-nix": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -244,11 +420,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1754492133, "lastModified": 1754847726,
"narHash": "sha256-B+3g9+76KlGe34Yk9za8AF3RL+lnbHXkLiVHLjYVOAc=", "narHash": "sha256-2vX8QjO5lRsDbNYvN9hVHXLU6oMl+V/PsmIiJREG4rE=",
"owner": "numtide", "owner": "numtide",
"repo": "treefmt-nix", "repo": "treefmt-nix",
"rev": "1298185c05a56bff66383a20be0b41a307f52228", "rev": "7d81f6fb2e19bf84f1c65135d1060d829fae2408",
"type": "github" "type": "github"
}, },
"original": { "original": {

5
flake.nix
View file

@ -8,6 +8,11 @@
url = "github:nix-community/home-manager/release-25.05"; url = "github:nix-community/home-manager/release-25.05";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
tg-ha-door = {
url = "github:peprolinbot/tg-ha-door";
inputs.nixpkgs.follows = "nixpkgs";
};
}; };
outputs = { outputs = {

5
machines/aresix/configuration.nix
View file

@ -1,6 +1,9 @@
{...}: { {...}: {
imports = [ imports = [
./modules/reverse-proxy.nix
./modules/home-assistant.nix
./modules/dyndns.nix
./modules/network.nix
]; ];
services.logind.lidSwitch = "ignore"; services.logind.lidSwitch = "ignore";

15
machines/aresix/modules/dyndns.nix Normal file
View file

@ -0,0 +1,15 @@
{config, ...}: {
clan.core.vars.generators.duckdns = {
prompts.token = {
description = "Duck DNS token used to update the Dynamic DNS";
type = "hidden";
persist = true;
};
};
services.duckdns = {
enable = true;
domains = ["campares.duckdns.org"];
tokenFile = config.clan.core.vars.generators.duckdns.files.token.path;
};
}

73
machines/aresix/modules/home-assistant.nix Normal file
View file

@ -0,0 +1,73 @@
{
inputs,
config,
...
}: {
imports = [inputs.tg-ha-door.nixosModules.tg-ha-door];
clan.core.vars.generators.tg-ha-door = {
prompts.telegram-bot-token = {
description = "Telegram token for the tg-ha-door bot";
type = "hidden";
};
prompts.home-assistant-auth-token = {
description = "Home Assistant token tg-ha-door will use to connect to the instance";
type = "hidden";
};
files.credentials-file.secret = true;
script = ''
{
echo "TG_BOT_TOKEN=$(<$prompts/telegram-bot-token)"
echo "HA_AUTH_TOKEN=$(<$prompts/home-assistant-auth-token)"
} > $out/credentials-file
'';
};
services.tg-ha-door = {
enable = true;
credentialsFile = config.clan.core.vars.generators.tg-ha-door.files.credentials-file.path;
settings = {
TG_KEY_CHAT_ID = "-1001455284010";
TG_LOG_CHAT_ID = "-1001359679497";
HA_URL = "http://[::1]:8123";
HA_DOOR_ENTITY_ID = "cover.puerta_verde";
DOOR_OPEN_CLOSE_TIME = 60;
};
};
services.esphome.enable = true;
services.home-assistant = {
enable = true;
openFirewall = true;
extraComponents = [
# Components required to complete the onboarding
"analytics"
"google_translate"
"met"
"radio_browser"
"shopping_list"
# Recommended for fast zlib compression
# https://www.home-assistant.io/integrations/isal
"isal"
# Additional components
"esphome"
"mobile_app"
];
config = {
http = {
trusted_proxies = ["::1"];
use_x_forwarded_for = true;
};
default_config = {};
"automation ui" = "!include automations.yaml";
"scene ui" = "!include scenes.yaml";
"script ui" = "!include scripts.yaml";
};
};
}

18
machines/aresix/modules/network.nix Normal file
View file

@ -0,0 +1,18 @@
{...}: {
networking = {
interfaces = {
enp1s0.ipv4.addresses = [
{
address = "192.168.1.30";
prefixLength = 24;
}
];
};
defaultGateway = {
address = "192.168.1.1";
interface = "enp1s0";
};
nameservers = ["1.1.1.1" "8.8.8.8"];
};
}

32
machines/aresix/modules/reverse-proxy.nix Normal file
View file

@ -0,0 +1,32 @@
{...}: {
security.acme = {
acceptTerms = true;
defaults.email = "personal+letsencrypt@peprolinbot.com";
};
networking.firewall.allowedTCPPorts = [80 443];
services.nginx = {
enable = true;
# Use recommended settings
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
virtualHosts = {
"ha.campares.duckdns.org" = {
forceSSL = true;
enableACME = true;
extraConfig = ''
proxy_buffering off;
'';
locations."/" = {
proxyPass = "http://[::1]:8123";
proxyWebsockets = true;
};
};
};
};
}

19
sops/secrets/duckdns-token/secret
View file

@ -1,19 +0,0 @@
{
"data": "ENC[AES256_GCM,data:G7Yjne4hVJACbokvD7NKXfMZY30uS0nFZ9N7XspbbojMb0/Y,iv:ujUBZ6hikqw8eaT8lDaXwKQnl3zJH9tdn2d2XX9N7kU=,tag:TE12/T+UWa5jlKuMEpJ8jg==,type:str]",
"sops": {
"age": [
{
"recipient": "age12dw69nvfyqype23gmn4cy7wccr6ct3luj05hat4g65kzwqz9rpzs7z4jpe",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5TjdOYzBLTHd0dWZMdS9V\nNnE5TWJpSVVtZWpPaU42eDdpNWlTL0RkUjFzCmJYUm5IbWNBeGRXdVFsRzdSdXN0\ncXZKYlhwV05OWW9LNC9IeHozNTFVMDQKLS0tIGtTU0pNNzZUZDhjTVJ6UnBXbm9r\nQncxRjI0NkJUYm90TWdNLzZrbGlLTGcKPZnVq/AKN1melr8J0qw1LPhFLu4W2MrJ\nGA7v/AHdttjdgttBSMXD1xqVh51wBaLmvq+uV2uyOICmpBQjAuq+qw==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1r2sw9uncvkqtklypw4rttufhw86lhhqrghed8l2kda6hdrd9ypyqm7y863",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwZGZqTzZCeXdlWGdPTHhP\nZmNZRVNVWUJiL01YQmFyVy92TUhYMkswZVZJCmdzOUs0N3h2czBlaDNINDVlVllP\nQ0x1Mk1NQ2MyV2owaDBFZ2RmZkVPTDgKLS0tIHlEVWJtK0p0WXZLZHR1WXRXbXJM\ndjJxREhJajUyRGg1YjFEMTlRVUs2cGMKKOy4TrLw/tjQFUe0xTkwn89nj42QUBov\n9Cz4eS/MBukX8PIuzSIyQKz/+IvlJDo2yIVkxZLFHrbFutYWCzoMrg==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-08-09T23:12:46Z",
"mac": "ENC[AES256_GCM,data:iGaV0VNShS98ibtTfMasv+Z1B6bsYQdDrwyxIJqiUpZGSXAuuU/kJKhDjIDDdXS/OX8JaHqIubAo66Ro00uLv+HDUOsyt8+5JWwUP1OzrUliR9PqtlNGLRO/3aF780Zlyy847ZdTzT6fm3K3OG720GcnXg2jFoQ4dYjwM6+BBsc=,iv:Xi/Mgsf/vHDRtDFPaiIm9kz4kSVkm28YPZ2uNA+ixGQ=,tag:hlXN0Qa1mgkODQVWtbvdmg==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.2"
}
}

0
sops/secrets/duckdns-token/machines/aresix → sops/secrets/tg-ha-door-creds/machines/aresix
View file

19
sops/secrets/tg-ha-door-creds/secret Normal file
View file

@ -0,0 +1,19 @@
{
"data": "ENC[AES256_GCM,data:nF3dqb+z1CU/RWaAZmBQItOp2fQrMGDf3qjyvVnC73ERFHGLdeO6L0rI5IT81h7QGbjPf15rXX5TlNRhafAlorH7H5ZWRZgmCkFyOr2Imf4rvBu3Cp9pi5ioe3lv4omZn0puXu1vgsh/k/JLxQl1QjRhVFcBFE6TPs7bi8+AzIlSUfhfUb8ZHzyN/dr5DaxsLXaFsvnjWWUSTLiqujRMzIp/R5w32bvUDvquTsDLE2Pb9VCcwMTxw2+uWem9mA47HUTLpPjks4X1Zghx8LcD8qLfOfmpeZBqESHjFh+iBE9CsOvhpjL8H5hLePmrbYlIIImSVX1dJrbiFRZ7GZZOdKg=,iv:Mp4u/LiIhFm3AXzGL8/l4iUsvslukywG9UyO5gfl8zs=,tag:j4nQ/lJUd0CYFssl5UK2/Q==,type:str]",
"sops": {
"age": [
{
"recipient": "age12dw69nvfyqype23gmn4cy7wccr6ct3luj05hat4g65kzwqz9rpzs7z4jpe",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXMnVmdGU2RWUra3RvMjQx\nNzFVV1MrUkV5QWZTSFZKZDg1N1VsbVhpcVUwClgwdWdqdklnZUQ5RWJUTHRmMktz\nNVVNaUN5cjQ5cXFpc0syTTEveHF1MlEKLS0tIGVWZGNOQ010ekQyS2Mvck1pVEsv\nNjlBOWtpUnd0eE9pZEczSTlMVDNXS0UKVy8fRJjx1pbDrE4UWDC3ToE7mlRGPX6x\nklEE0V0vNF9K4VTMOPsmX5+kFeJ6BzuZ8sDcEbhrgPJiOq1iB1Jq6Q==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1r2sw9uncvkqtklypw4rttufhw86lhhqrghed8l2kda6hdrd9ypyqm7y863",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSdkl1K0ZxOXdVYVR1cmNh\neUI2MS9DVUZqdWI4dFFEZ3MybTZ3MTB5RzFjCkhMRDRxWjNFYks3K1ZRQWlpY2FD\nRnExUmNpZEE0WnpPbGhENXlQeGxXaFEKLS0tIHIvdDZvM2NwL2hIT2xqOUJKd09j\nS1ZXOTRnbjkzUUlaQk9nRFYwV0pjVncK3dDkECQGlQKzv8Vhzb0LGy2qDWvTKCrf\nECYs9phEeqY9idfilt6LxkZvPo78To154X11ai9ikizLKO/q5EeWhg==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-08-14T13:07:05Z",
"mac": "ENC[AES256_GCM,data:EyZF+5pu8PeUIiIrD4j3i9IQOTSs30D8b57ygkAO1TBLCajKqjMGDT7ULv0ggRfAz0zj7v5RSQkr6VMlpEdbgA6oP41wrrBJbRn3tPCkJ20dItoyHeIGSjLuL7WWEdSjlKeK8TkP8msyK0pp7rNIoR0HX+HyC85ypEiC/PFhfSY=,iv:t59eIanDCzbta7iZQZ/mSGpYbaT0J/8r6a7EXXetoU8=,tag:twx73NwVkTcX/lgQvjtwLQ==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.2"
}
}

0
sops/secrets/duckdns-token/users/pedro → sops/secrets/tg-ha-door-creds/users/pedro
View file

1
vars/per-machine/aresix/duckdns/token/machines/aresix Symbolic link
View file

@ -0,0 +1 @@
../../../../../../sops/machines/aresix

19
vars/per-machine/aresix/duckdns/token/secret Normal file
View file

@ -0,0 +1,19 @@
{
"data": "ENC[AES256_GCM,data:W51pdNRamnw8GPmvaXBc4Usn2sNibH9HvgheWcdf8vs/fMhE,iv:aiVHhLbe7zVgKhg7xzE5qEHlD8NVc18aHHzd/NrzAK0=,tag:8z7ICtg8vhXk3454tVKT8g==,type:str]",
"sops": {
"age": [
{
"recipient": "age12dw69nvfyqype23gmn4cy7wccr6ct3luj05hat4g65kzwqz9rpzs7z4jpe",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTSEJNTUMveEFkOHJGRGhJ\naUFrTmRHTFFsM1ljUmljcW53amU4Ymc3cEU0CktLNG9WRUVORkF6RDVyOWoxbkE5\nbHd2c2IybVgxNDBKa2hPcWN5K1M5MmcKLS0tIDVBUVdWTncva3VVOFNFZ3hPWkpK\nUllSM3FtRisrUFMxRFd1M0s3Sm9ORm8K5ktz+YLzsOj63lP1KWyqa6EiFLfm3miz\naib7kPYuXZ3theWsEw8hc0VzbAJurzrb9vryhQCAxuv5tobQoi5MnQ==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1r2sw9uncvkqtklypw4rttufhw86lhhqrghed8l2kda6hdrd9ypyqm7y863",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1Zk96SnVZcXJPZkJwa0xV\nWkNGckt5RDB2RDNsNVI4MFNwRndWRXJvcFFJCmo1dllOWnhhSTNWUkkxMWhPVFRp\nazJuMHREbGFoVG0vSm1qZytEQWh4dFEKLS0tIGJWNjBTTE94cGV1M0Z6dXEvYjNV\nK08wd3JDS0VpbnpqVWRhODhENWdpVk0KYScevJZLmnQq3aj5Swh/b5saxMVuOS97\nff7KJkJc9eDTHCDNUz9dZUmtAJrlQ3Vxcjr/fNHKkbpIRX8henlgfw==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-08-21T11:15:34Z",
"mac": "ENC[AES256_GCM,data:WkEIqxULjaUlcWASBN4IsrDPs4/ojvuBcSHY+7N8eM5R+fcXg5acS+Uful9L81m4lbBTVc48D+0qYmhsm9dFNLWdmaBscVLKfPc/r9lj/SaydpMNEO4qEIgdGVEbhODIlmZBEaYPjsQrjvWUsk5//zwSq+0AY3AkoeqcpofBsak=,iv:NC+PhRe14H1rp+Pw5U5IDBjKylXJxOmtjG81A9tcUi4=,tag:DGctC1Ge/KvXYFzEBIuGeQ==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.2"
}
}

1
vars/per-machine/aresix/duckdns/token/users/pedro Symbolic link
View file

@ -0,0 +1 @@
../../../../../../sops/users/pedro

1
vars/per-machine/aresix/tg-ha-door/credentials-file/machines/aresix Symbolic link
View file

@ -0,0 +1 @@
../../../../../../sops/machines/aresix

19
vars/per-machine/aresix/tg-ha-door/credentials-file/secret Normal file
View file

@ -0,0 +1,19 @@
{
"data": "ENC[AES256_GCM,data:pgqGVVzrBFAZUrvUjmOP6/bOwiMa6rdvsrP/G/IdJLK3r1cuSNz+V8eLf7sRQFrPSRNutorO8B2Ni8YZRJ6dBojSs95i0igp49lW3gbO7qQbUaoY/0Pz16XZAhBr0o9XWd8BOQNHTcoqdxxZKYylQySZEBXL8VQO5/BE7tageeEam8x31KExT7m+KHjKO8hV0XFzvXCnIpu7wpfJWsE04PXK+oY5LYpe3cCxtg+1wyBfTp+BFP2I5XZ+Exs+ldOwjMHXJBLP7gSkxggoKRILTsazntUCkk4NxBPqvh7+K4TanRHOONOPnqHXvZfRPrrTbVJdB3Cpe4qvSSDHqry3qSQ=,iv:UinSEY6cXYEPrwHTgWkwggnp4UkfPPNrgKzD2PmpHlQ=,tag:qQmirO5/xCE0vNoTYhmz+A==,type:str]",
"sops": {
"age": [
{
"recipient": "age12dw69nvfyqype23gmn4cy7wccr6ct3luj05hat4g65kzwqz9rpzs7z4jpe",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKTnpQRnFPRys3dC9nSm5N\ncVJPRWJtbUM0SnN5Nm1YZjAwTS8rVGliYUdJCkdjZlQrUldXaHdhOHo2cldlL0Fq\nU2hqQjNuVkF0Q2Z1MzNyTU9wODNzMGMKLS0tIERuUkZpYzN3NVhNTWRzZEhHemZl\nd01zcGdJdWxsTDNhTG93UlBxZFduaG8KtMvXaBsN9PQ2efabYkfmwpbft5uCYz1k\nqnVEIpNOSzeBhES/3goSgHIQnOU5suDq9K7g9zoK8sRFu4xA6s4esg==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1r2sw9uncvkqtklypw4rttufhw86lhhqrghed8l2kda6hdrd9ypyqm7y863",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSR0Y3eldHOTBpb29jR3dX\ndkY2OHJCN0VDRFhFTlMwbTdZV2hoQ1FZMEM4CkY4U0gvV21VTFE4ZUl5KzZqT3hw\nb0RGNEV4MFF4MGExN1BHRkhVUU91VkEKLS0tIEJWNEg4TUZpLzNmTURERHhRd0tv\nTkJZK09PUVErT1h4RkFVczdWa0JTRlUK8uM4HsUeA6U35Z1eWkRs00vIWGy17qVR\n8uXh/X4jwBtoSgGhisofEoyfXK7CK6R9Jb1VCS8y9nI+sYbOCBp8AA==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-08-21T13:43:46Z",
"mac": "ENC[AES256_GCM,data:LGw8L3Qq2bRD1OgY2YG5074WVFUJPS9fF5r/TQXYqSNLH4yRumKqyAWWi3wpf4hoDUa9/dkmmsOKbiBq1jVZhRGvUUo246xyd09UMXgNOkYYMkF1PYnz1NCWl1VsmIdm1aGxxpSyGVtoUG7d+bgV9WmFq8yne9VGoO6TOfKmYRY=,iv:yQlt5Q5ApmwzWoS1fdrtiwVfodqRZ3RXI6jBple/gpI=,tag:ifs7TLXvIp9mUgVuoMQV3g==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.2"
}
}

1
vars/per-machine/aresix/tg-ha-door/credentials-file/users/pedro Symbolic link
View file

@ -0,0 +1 @@
../../../../../../sops/users/pedro