diff --git a/.sops.yaml b/.sops.yaml index a947dfb..1a20418 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -20,3 +20,10 @@ creation_rules: - *workstation - *server - *miniserver + - path_regex: secrets/env.yaml$ + key_groups: + - age: + - *devkey + - *workstation + - *server + - *miniserver diff --git a/hosts/miniserver/hardware-configuration.nix b/hosts/miniserver/hardware-configuration.nix index e6b7556..0680fa9 100644 --- a/hosts/miniserver/hardware-configuration.nix +++ b/hosts/miniserver/hardware-configuration.nix @@ -135,11 +135,6 @@ options = [ "bind" ]; depends = [ "/mnt/pool" ]; }; - "/export/disks" = { - device = "/mnt/disks"; - options = [ "bind" ]; - depends = [ "/mnt/disks" ]; - }; }; services.nfs = { server = { @@ -147,7 +142,6 @@ exports = '' /export workstation(rw,fsid=0,no_subtree_check) /export/jawz workstation(rw,nohide,insecure,no_subtree_check) - /export/disks workstation(rw,nohide,insecure,no_subtree_check) /export/pool workstation(rw,nohide,insecure,no_subtree_check) ''; }; diff --git a/hosts/server/configuration.nix b/hosts/server/configuration.nix index 5f02de3..18d78d8 100644 --- a/hosts/server/configuration.nix +++ b/hosts/server/configuration.nix @@ -17,7 +17,13 @@ ffmpeg4discord.enable = true; }; }; - networking.hostName = "server"; + networking = { + hostName = "server"; + firewall = { + allowedTCPPorts = [ 2049 ]; + allowedUDPPorts = [ 2049 ]; + }; + }; nix = let featuresList = [ "nixos-test" @@ -50,7 +56,7 @@ [ (builtins.readFile ../../secrets/ssh/ed25519_nixworkstation.pub) ]; }; }; - services.btrfs = { + services.btrfs.autoScrub = { enable = true; fileSystems = [ "/" ]; }; diff --git a/hosts/server/hardware-configuration.nix b/hosts/server/hardware-configuration.nix index c0c053c..5b6f440 100644 --- a/hosts/server/hardware-configuration.nix +++ b/hosts/server/hardware-configuration.nix @@ -130,11 +130,6 @@ options = [ "bind" ]; depends = [ "/mnt/pool" ]; }; - "/export/disks" = { - device = "/mnt/disks"; - options = [ "bind" ]; - depends = [ "/mnt/disks" ]; - }; }; services.nfs = { server = { @@ -142,7 +137,6 @@ exports = '' /export workstation(rw,fsid=0,no_subtree_check) /export/jawz workstation(rw,nohide,insecure,no_subtree_check) - /export/disks workstation(rw,nohide,insecure,no_subtree_check) /export/pool workstation(rw,nohide,insecure,no_subtree_check) ''; }; diff --git a/hosts/workstation/configuration.nix b/hosts/workstation/configuration.nix index 82765eb..cff9fc9 100644 --- a/hosts/workstation/configuration.nix +++ b/hosts/workstation/configuration.nix @@ -1,4 +1,4 @@ -{ pkgs, config, ... }: { +{ pkgs, config, lib, ... }: { imports = [ ./hardware-configuration.nix ../../base.nix @@ -121,9 +121,10 @@ enable = true; useUpnp = true; enableWebUI = true; - httpPass = "cat ${config.sops.secrets."resilio/password".path}"; - httpLogin = "cat ${config.sops.secrets."resilio/user".path}"; - deviceName = "cat ${config.sops.secrets."resilio/host".path}"; + httpPass = + "Uplifting-Proofs-Eggshell-Molecule-Wriggly-Janitor3-Padded-Oxidizing"; + deviceName = "Oversweet3834"; + httpLogin = "Oversweet3834"; httpListenPort = 9876; httpListenAddr = "0.0.0.0"; directoryRoot = "/resilio"; diff --git a/hosts/workstation/hardware-configuration.nix b/hosts/workstation/hardware-configuration.nix index 119e635..5d8601d 100644 --- a/hosts/workstation/hardware-configuration.nix +++ b/hosts/workstation/hardware-configuration.nix @@ -76,9 +76,8 @@ "/mnt/games" = btrfsMount "games" // { }; "/mnt/miniserver/pool" = nfsMount "miniserver" "pool" // { }; "/mnt/miniserver/jawz" = nfsMount "miniserver" "jawz" // { }; - #"/mnt/server/pool" = nfsMount "server" "pool" // { }; - #"/mnt/server/jawz" = nfsMount "server" "jawz" // { }; - # "/mnt/miniserver/btrfs" = nfsMount "btrfs" // { }; + # "/mnt/server/pool" = nfsMount "server" "pool" // { }; + # "/mnt/server/jawz" = nfsMount "server" "jawz" // { }; "/boot" = { device = "/dev/disk/by-uuid/ac6d349a-96b9-499e-9009-229efd7743a5"; fsType = "ext4"; diff --git a/modules/servers/flame.nix b/modules/servers/flame.nix index 53cbe97..c672bc2 100644 --- a/modules/servers/flame.nix +++ b/modules/servers/flame.nix @@ -8,7 +8,7 @@ in { flameSecret.enable = lib.mkEnableOption "enable"; }; config = lib.mkIf config.my.servers.flame.enable { - sops.secrets.flame = { }; + sops.secrets.flame.sopsFile = ../../secrets/env.yaml; virtualisation.oci-containers = { backend = "docker"; containers = { @@ -20,11 +20,11 @@ in { "${config.my.containerData}/flame:/app/data" "${config.my.containerSocket}:${config.my.containerSocket}" ]; + environmentFiles = [ config.sops.secrets.flame.path ]; environment = { TZ = "America/Mexico_City"; PUID = "1000"; PGID = "100"; - PASSWORD_FILE = config.sops.secrets.flame-password.path; }; }; flame-nsfw = { @@ -32,11 +32,11 @@ in { image = "pawelmalak/flame"; ports = [ "${toString portSecret}:${toString port}" ]; volumes = [ "${config.my.containerData}/flame-nsfw:/app/data" ]; + environmentFiles = [ config.sops.secrets.flame.path ]; environment = { TZ = "America/Mexico_City"; PUID = "1000"; PGID = "100"; - PASSWORD_FILE = config.sops.secrets.flame-password.path; }; }; }; diff --git a/modules/servers/kavita.nix b/modules/servers/kavita.nix index 483bfcc..ea7bd92 100644 --- a/modules/servers/kavita.nix +++ b/modules/servers/kavita.nix @@ -1,7 +1,10 @@ { lib, config, proxyReverse, ... }: { options.my.servers.kavita.enable = lib.mkEnableOption "enable"; config = lib.mkIf config.my.servers.kavita.enable { - sops.secrets.kavita-token = { }; + sops.secrets.kavita-token = { + owner = config.users.users.kavita.name; + inherit (config.users.users.kavita) group; + }; users.users.kavita = { isSystemUser = true; group = "kavita"; diff --git a/modules/servers/maloja.nix b/modules/servers/maloja.nix index fbe6ff8..3c94837 100644 --- a/modules/servers/maloja.nix +++ b/modules/servers/maloja.nix @@ -5,12 +5,13 @@ let in { options.my.servers.maloja.enable = lib.mkEnableOption "enable"; config = lib.mkIf config.my.servers.maloja.enable { - sops.secrets."maloja/password" = { }; + sops.secrets.maloja.sopsFile = ../../secrets/env.yaml; virtualisation.oci-containers = { backend = "docker"; containers.maloja = { image = "krateng/maloja"; ports = [ "${toString port}:${toString port}" ]; + environmentFiles = [ config.sops.secrets.maloja.path ]; environment = { TZ = "America/Mexico_City"; MALOJA_TIMEZONE = "-6"; @@ -18,8 +19,6 @@ in { PGID = "100"; MALOJA_DATA_DIRECTORY = "/mljdata"; MALOJA_SKIP_SETUP = "true"; - MALOJA_FORCE_PASSWORD = - "cat ${config.sops.secrets."maloja/password".path}"; }; volumes = [ "${config.my.containerData}/maloja:/mljdata" ]; labels = { diff --git a/modules/servers/mealie.nix b/modules/servers/mealie.nix index 65af8b9..f8d9f3b 100644 --- a/modules/servers/mealie.nix +++ b/modules/servers/mealie.nix @@ -6,10 +6,7 @@ let in { options.my.servers.mealie.enable = lib.mkEnableOption "enable"; config = lib.mkIf config.my.servers.mealie.enable { - sops.secrets = { - "smtp/email" = { }; - "smtp/password" = { }; - }; + sops.secrets.mealie.sopsFile = ../../secrets/env.yaml; virtualisation.oci-containers = { backend = "docker"; containers.mealie = { @@ -17,6 +14,7 @@ in { image = "ghcr.io/mealie-recipes/mealie:v1.4.0"; ports = [ "${toString port}:9000" ]; volumes = [ "${config.my.containerData}/mealie:/app/data/" ]; + environmentFiles = [ config.sops.secrets.mealie.path ]; environment = { TZ = "America/Mexico_City"; ALLOW_SIGNUP = "true"; @@ -27,9 +25,6 @@ in { BASE_URL = url; SMTP_HOST = "smtp.gmail.com"; SMTP_PORT = "587"; - SMTP_FROM_EMAIL = "cat ${config.sops.secrets."smtp/email".path}"; - SMTP_USER = "cat ${config.sops.secrets."smtp/email".path}"; - SMTP_PASSWORD = "cat ${config.sops.secrets."smtp/password".path}"; }; extraOptions = [ "--memory=1g" # VA-API (omit for NVENC) diff --git a/modules/servers/multi-scrobbler.nix b/modules/servers/multi-scrobbler.nix index 3d8472e..e4f750b 100644 --- a/modules/servers/multi-scrobbler.nix +++ b/modules/servers/multi-scrobbler.nix @@ -6,34 +6,22 @@ let in { options.my.servers.multi-scrobbler.enable = lib.mkEnableOption "enable"; config = lib.mkIf config.my.servers.multi-scrobbler.enable { - sops.secrets = { - "maloja/apikey" = { }; - "multi-scrobbler/deezer/client-id" = { }; - "multi-scrobbler/deezer/client-secret" = { }; - }; + sops.secrets.multi-scrobbler.sopsFile = ../../secrets/env.yaml; virtualisation.oci-containers = { backend = "docker"; containers.multi-scrobbler = { image = "foxxmd/multi-scrobbler"; ports = [ "${toString port}:${toString port}" ]; + environmentFiles = [ config.sops.secrets.multi-scrobbler.path ]; environment = { TZ = "America/Mexico_City"; PUID = "1000"; PGID = "100"; BASE_URL = url; - # JELLYFIN_USER = "jawz"; - # JELLYFIN_SERVER = "DaniloFlix"; - DEEZER_CLIENT_ID = "cat ${ - config.sops.secrets."multi-scrobbler/deezer/client-id".path - }"; - DEEZER_CLIENT_SECRET = "cat ${ - config.sops.secrets."multi-scrobbler/deezer/client-secret".path - }"; DEEZER_REDIRECT_URI = "http://${config.my.miniserver-ip}:${ toString port }/deezer/callback"; MALOJA_URL = "https://maloja.${config.my.domain}"; - MALOJA_API_KEY = "cat ${config.sops.secrets."maloja/apikey".path}"; WS_ENABLE = "true"; }; volumes = [ "${config.my.containerData}/multi-scrobbler:/config" ]; diff --git a/modules/servers/ryot.nix b/modules/servers/ryot.nix index b49504f..6313482 100644 --- a/modules/servers/ryot.nix +++ b/modules/servers/ryot.nix @@ -6,23 +6,17 @@ in { options.my.servers.ryot.enable = lib.mkEnableOption "enable"; config = lib.mkIf (config.my.servers.ryot.enable && config.my.servers.postgres.enable) { - sops.secrets = { - "ryot/twitch/id" = { }; - "ryot/twitch/secret" = { }; - }; + sops.secrets.ryot.sopsFile = ../../secrets/env.yaml; virtualisation.oci-containers = { backend = "docker"; containers.ryot = { image = "ghcr.io/ignisda/ryot:v5.5.0"; ports = [ "8765:8000" ]; + environmentFiles = [ config.sops.secrets.ryot.path ]; environment = { TZ = "America/Mexico_City"; DATABASE_URL = "postgres:///ryot?host=${config.my.postgresSocket}"; FRONTEND_INSECURE_COOKIES = "true"; - VIDEO_GAMES_TWITCH_CLIENT_ID = - "cat ${config.sops.secrets."ryot/twitch/id".path}"; - VIDEO_GAMES_TWITCH_CLIENT_SECRET = - "cat ${config.sops.secrets."ryot/twitch/secret".path}"; }; volumes = [ "${config.my.postgresSocket}:${config.my.postgresSocket}" ]; diff --git a/secrets/env.yaml b/secrets/env.yaml new file mode 100644 index 0000000..19a6583 --- /dev/null +++ b/secrets/env.yaml @@ -0,0 +1,52 @@ +flame: ENC[AES256_GCM,data:XsYRsA2xs+juWje2Od2Yl2xIvU0OS8xMrtwtcK/0NyyRrg==,iv:FR8lHsNQNCaOy4P+7BsIjNCz+H38i5RlwLYQ4fpB2+w=,tag:61EV7H04pcr1bSX4nSvlpw==,type:str] +ryot: ENC[AES256_GCM,data:Vlo6pv2+LuQxvdprI53BoQpngRfUWhqE07o+9ZKLZiaJBC6FCdFbeu37mo7QqGUJ34bHDP87PGU2IDPC69XURbVLy3QpgSqKiQlM56XoXr4Yz+B4MGVkVr384r5bQ6eMoSpIJ25UgMotuYWNgdyixKS+Nu/+pGLtVS/YtQ==,iv:YZs3zAlHuK9fz0OGAX9vQxoaYbzojwXpY++LwIxF6Ig=,tag:t2n8F1ll2ZN44AYDOjmhLQ==,type:str] +mealie: ENC[AES256_GCM,data:RjKqDs70lWhGN0LXPp3feQfW/WtfJlR6vX++0hwGtqcA3iepEh2Ab/36YRKbsVRBkglp0u18MusTmP0LSHUpzgCn/c/5ZzzRLGL83K3aQRlg8JtdTvzvEnLQSdE=,iv:GEfa8LwpOhkqWtLk0I5F14zkHcnFjVhVaHeLSFlDkN4=,tag:lkGcFn91hVxraMHCKF7rXQ==,type:str] +maloja: ENC[AES256_GCM,data:yCwokfD4I1Boy2NOhOTLA3dWgUVOdSzWKIEdYC0klvYu41IGcM8bM65uYFmiOtk+jHgt6j3kO/pBBlC4w/iTElphTqFyFRGdBN4fNRntAhMzqOszBZII,iv:Vf9hfNwSTBkh2cXV7Y2fv4NA8kng2M1i7BtTXJvy4u4=,tag:KLc8sP6N2/Pp/9069E3aPQ==,type:str] +multi-scrobbler: ENC[AES256_GCM,data:4KENPA2BoCgBmlBkGrOzI7AOxwtpPjuBHi92XqbQzc3O7Wi6XHjcsAoeY3qWmH8MEB/QhZOh0jLWxJHwSFmHo8T3yG+KYCYzwjSD9c8CySrbwZZZ5S6G/qiQx4p1DDJv5KXk2SW/1gruKGEFgizk7qWpN0dUYgwnrBMjyeWu4UjuVZtrlWQoKRbsMA/8dbIzFuNTTu94E+IPZ8KFKkir13Odc3zROHdxfFZibVXndr40KVZBC4URruZLCT4pLPSHP0GqF69Z+cdI3VaMD5r/Ig==,iv:09d58aMTuFvtr7TMzGHoU8cu2IWHK++pYgLBkQDU0+U=,tag:TkF/a+jbptIr3ddBRN8PBQ==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1lufn6t35gs4wgevyr2gud4eec7lvkn7pgnnv4tja64ww3hef7gqq8fas37 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDclRxNVVzaC9lazNQSEdp + UzNBaTRnNzhzM0dLaVk1QlBaK2ZUelhoWmcwCjAzcnNsakxONSs2UThpNjhMMGpr + TGtnY21OTnd5NXdvdlpKamNCdXNjbzAKLS0tIFVxbGNLNWhudFRoRjBOblNrdW9k + VkhOV1BScVQ0RkF2bDBabUs1a2toMTQKDAeEu3+vuVKcpm27igmQuBvFfsMd7o9H + Wbinft1NiaQhc+7KtDEx51+tS+cgaGzObkWabyQutDqWEa/2PZLZLA== + -----END AGE ENCRYPTED FILE----- + - recipient: age17jlsydpgl35qx5ahc3exu44jt8dfa63chymt6xqp9xx0r6dh347qpg55cz + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4RC9Ea2VSZy95Q3JJWlhB + VFVBVGxnQit0WC9Vc29Ic0g1aDNBNWFySmxzCngyTDg3R292c3VNUkhvUWNXaThE + NjVjTVlEZHhVODlFeklKNU9peWdad2MKLS0tIFhVTHZoeHV4eVVGOWNHeml0b2JE + ZVZiemVkYmZxMFVEQmVvVkZnaU81OUUKPHdwj8s0Ju2Y0Vh31jnR83nQ3jpqjkhr + 4z5OxYJk2d0uO9f1jNaiIVLRxCdbj3h84f4fQqoQv5csrc5H9mg7Rg== + -----END AGE ENCRYPTED FILE----- + - recipient: age15hx530yrqmhm80vsjmffyg9deq9gssj7hl5rsqdnsn3dwegj9qusv4sjf5 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlNkNLTzcxa3d0M0pJbXlp + b2V1alhBUFY1VVZIZUY3ZHYyVmFKQW5tbGdjCnJXSHpmeDdTWWtHTWt3TVlCR3BU + TXFXZDVabjF3d0JYUk5Mb1c1dkVjMTgKLS0tIDFFbHBCSXlPVlM5YUk4MUNiNWdx + bjg3aWdMbkNDMVd1cTU3NGxPU3cwVjQK4zDOWDUHhK0JVjiYTMTSmGej7yXb5X6G + SLPWPbrB8WLGyK/gdxDrZAxucxe/n/O0CsR5DQubmetfUSowk9RIIw== + -----END AGE ENCRYPTED FILE----- + - recipient: age13w4elx3x6afrte2d82lak59mwr2k25wfz3hx79tny6sfdk66lqjq989dzl + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4WlF0WkxIRkpnR1RhcVJX + b05ZYzk3YU84TDI0cUpBdnRpNGxEQmFIMEVNCkxrTkdkUzBnUDdDQ1RqV3hnamYy + c0owbnVHbjFPY3JsOGIzN0xIZHp5dmsKLS0tIFJwZ1ZFbG5SSmNoMVFYYlNXNWx1 + QXRUYWtGcWZCVW11U3VYRktuUjlCbDgKsTK4WhUza/JuoDTU3uATa6fq/8eYzxtb + 9BUK1ddzx9Mghea9XBMS17YGtGmW800OsLBomb3SINnOFvejcnKf8Q== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-06-23T01:19:23Z" + mac: ENC[AES256_GCM,data:LoLGUFWe23p0KKPxfOnpVylNk5G5uTTpUYGS8vNhEO8ERTfT5PmLQQgnLTNkPGq4ehA+BPDXJtkBpUrpVs7EsVNOzxruLAiGksBlJ0nUd7K4/LKCrInRubkgK1Ipo6kNipPVyeQiypyyaFB7rTTRPsDwd3BNtOT53fdT8zRP5ug=,iv:+mymI1XDKfIp1tDFDZMMJ/LIO7qcwE+tKRD5OD2HRkA=,tag:gvizKWQZqXsAd2egQfeMoA==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.8.1 diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index 290e33a..a93cea7 100644 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -3,21 +3,7 @@ resilio: host: ENC[AES256_GCM,data:iITbrqpJSdM52A==,iv:8sahhsUA9iIXNlJYKAkakllQDbYVOsGuwBulK9FyvTU=,tag:zKKHwrEFUkl3Fcd0RJcIjw==,type:str] user: ENC[AES256_GCM,data:31s2ihj2cN9C5Lyr2w==,iv:2MzKiRoDosawbeQ04LUKbfbSVFUUD6uUYynB6B0WNWw=,tag:GR0lXvLZAPof6WE3Verimg==,type:str] password: ENC[AES256_GCM,data:codFGm4O9QkI2+hbrVK3UqwFWETXyfl9y3Q5lY6UfnIRe/IqWG8Ibly1BUlh7OjKIepXm6m35e6QPioVSiUT5Ll1SIE=,iv:QWqKyKrvm2y2UM2Ir1COxjV0jgU8jTeu9ehnyeXTwCE=,tag:Xtr+r7EphaiLjGwK5gmsMQ==,type:str] -ryot: - id: ENC[AES256_GCM,data:6cWtGJ37HxUAXAFFyM1pFkHuBPr37q7tNRKGZclV,iv:5TyJB3HVz1+/mxg0Xptpx/FGJmx4ahlawPvUgTnL+qM=,tag:0Ildbvc5XUoZuDKiOjIGIQ==,type:str] - secret: ENC[AES256_GCM,data:S5FPP9Y3KRY8HPgfPwKj+5qTK55FZUeHHC45yb+z,iv:79GtYLGktv8uOMLyJ9i0pPjdQT/B6w+6hdykEF8SJ+w=,tag:5lXC1NAr8i60PbRZB6H6sQ==,type:str] -flame-password: ENC[AES256_GCM,data:KZlvGjmdwa9gXf8LmfEM1cNt3oMsD9lH,iv:27DurnhAIF7kSprFZ3LFQ0gnAqClrftvmSmVF68MC2M=,tag:8nepp2CnqKHWSKp+SVUo2Q==,type:str] -maloja: - password: ENC[AES256_GCM,data:2Zw13RUHDupp6Op8U3bnxtgh2mr6uvppvkMFMRrFzQCBOoK7Sfg/dD7wgcuzJgglb7BMgPu04nsY7yXvZFi8Wg==,iv:b6rBtnHoRZdcEO1h1TjdTX7kRL2aBTgnVsRLWnOQypM=,tag:ytK9cL9t00PTA18++gHMmQ==,type:str] - apikey: ENC[AES256_GCM,data:jK2Agtx8i2fyym11viB4yQoeMaCW/Uf4AtgjUuQWgrB8WG82k7xyGza5451HZz7DnYWtlT4BRgZoUX4ZqANpYQ==,iv:oIcO8XRToWYNP7/0V69PelMrN3fqPR/OB4IhXmVzvgU=,tag:WT16lUMYsBvXfZEOpbSLlA==,type:str] kavita-token: ENC[AES256_GCM,data:kt3bTZNf4S7sKfbxzXc4Q+9yTPFTKzvEaR+mysBhhdnht+FuN9o9i9liqy2pKvB7WQmPnjQ/aYEYkcPSPg0NC5NwE7lNY7kUJtyHzYm2wkKqkkDIc/aI+dHhtX1SBF99ZpWEhmgnIA2HtCpYXUjkl4pUTKgNi0cn+bb1NULMY0zHyF2f7faOOKTWatQEuG1ZvBpiNIbPbsMznfdrWe9VEKrdtMg8IkK138Cn+EOSu0mCHdU=,iv:NCjegkB9/O6xq3fdWqhyVJy5YetqIpcDmD0yyBh3XXQ=,tag:IiqZY0mhqyUHJ61DRNHPlw==,type:str] -smtp: - email: ENC[AES256_GCM,data:NDdsAl2bg/R9UiJRJaxVUuQrv1+Q,iv:hnQQLDX5VUE5VkSlwG7U3NiUBxJooJxfGTGVni2DwoA=,tag:RVxv2qoLfr4xSJ1q1yJ1Dw==,type:str] - password: ENC[AES256_GCM,data:vSSQoZr5Wf/okOgoMb11dQ==,iv:3EePkl+sDMUUo5Eaz/TrQa3LLYY2YeXvegH6zqHcTug=,tag:wgwSbFzI+pSEXMDawtEUWw==,type:str] -multi-scrobbler: - deezer: - client-id: ENC[AES256_GCM,data:JvHvPzQT,iv:K6TGrLbqUJSQlx9yrFz+ItGmQxeADs99khfdMQLgkDg=,tag:2VimoFDr1yfjx0aJHc8jnw==,type:str] - client-secret: ENC[AES256_GCM,data:iJtmoRSbt2lN52IYqo1HUov+1OW5WSC3cwpNVmBlFws=,iv:8SkE71+XIwEJabtjd89LMULEKj6ZOBQnn2G06FguMa8=,tag:lR/cVnSLxqFNUGo7sWRRlg==,type:str] sops: kms: [] gcp_kms: [] @@ -60,8 +46,8 @@ sops: RmRyZldlMjUwMEdUUEpDS2JSa2tDTTAKp/pT+0cNnCuKVL+Z0fEMiw1PL9PB/nSM QWVTo0Mt8Y6X0Xt0EAi9G5AYxADZ/mmEWPxB7RFgVAiMKtor5Gy1zw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-06-22T22:45:18Z" - mac: ENC[AES256_GCM,data:u63XyOQMO6ZUieL0efH2d1/OfDrtsTxM3nWIOJHkrs5jQp9LU6KXQcgIC4uyI2xKw5umtiOKS0MjY7GPaLaam4UpwQQhte9PRb61XuzAfOiOHEtMbRi42Aj2C/zp3zIiu77DwhBqcSme317dVdWOBUqtJZ71h9uqDA2BjUjUvl0=,iv:8piGB28+iFYxp+RqAJ8doWZqMhyH/Y8lywm6G14N/Qs=,tag:RfH3OjHnjQH7Z+tk063ybw==,type:str] + lastmodified: "2024-06-23T01:19:22Z" + mac: ENC[AES256_GCM,data:59icrE+rEiuzBY0V8DwZ1XXupMXHUrSBszIOYX3knCAecW5rckeu2tWECJMHAoiXF+NdvCB3MgF+PZ8Gr4GKdz6Og/x2qX0q9pmoHxZCEt2poagcTG5HQ91aH5niTE0wRgzkFSuayldB9lXIJUvsl1CJw2OhjrVDm6ZRAE0fN5I=,iv:wlm4O6zHYFbRxh+XXQIW/v0aC2dqyKyFOuUh1C2HIG4=,tag:WZ2N16qIwZts+Exn12Jg7g==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1