From c469f48b4efe3aabea6630a91aa325bf0170dcf1 Mon Sep 17 00:00:00 2001 From: Nick Date: Wed, 22 Oct 2025 16:48:50 -0500 Subject: [PATCH] feat: refactored and updated smtp config --- modules/config/default.nix | 5 ++- modules/config/instances/config/forgejo.nix | 10 +++--- modules/config/instances/config/mastodon.nix | 10 +++--- modules/config/instances/config/peertube.nix | 10 +++--- modules/config/instances/config/postfix.nix | 31 ------------------- .../config/instances/config/projectSite.nix | 1 - modules/config/instances/config/smtp.nix | 20 +++++++++--- .../instances/config/upRootNutrition.nix | 10 +++--- modules/config/instances/config/web.nix | 4 --- modules/nixos/services/acme/default.nix | 4 +-- .../nixos/services/firefly-iii/default.nix | 14 ++++----- modules/nixos/services/forgejo/default.nix | 10 +++--- modules/nixos/services/mastodon/default.nix | 10 +++--- modules/nixos/services/nextcloud/default.nix | 9 +++--- modules/nixos/services/peertube/default.nix | 10 +++--- .../nixos/services/vaultwarden/default.nix | 8 ++--- modules/nixos/services/website/default.nix | 2 +- secrets/secrets.yaml | 16 +++++----- 18 files changed, 79 insertions(+), 105 deletions(-) delete mode 100755 modules/config/instances/config/postfix.nix diff --git a/modules/config/default.nix b/modules/config/default.nix index 1c0bf98..b850080 100755 --- a/modules/config/default.nix +++ b/modules/config/default.nix @@ -62,6 +62,7 @@ let short = stringType; hostname = stringType; tags = listType; + records = genOptions stringType "record"; domains = genOptions stringType "url"; dns = genOptions stringType "provider"; localhost = genOptions stringType "address"; @@ -257,9 +258,7 @@ in instancesFunctions = { domain0 = "cloudbert.fun"; - domain1 = "the-nutrivore.social"; - domain2 = "the-nutrivore.com"; - domain3 = "uprootnutrition.com"; + domain1 = "uprootnutrition.com"; servicePath = "/mnt/media/NAS1"; sopsPath = "/var/lib/secrets"; sslPath = "/var/lib/acme"; diff --git a/modules/config/instances/config/forgejo.nix b/modules/config/instances/config/forgejo.nix index d9f84a2..f860609 100755 --- a/modules/config/instances/config/forgejo.nix +++ b/modules/config/instances/config/forgejo.nix @@ -1,7 +1,7 @@ { moduleFunctions }: let inherit (moduleFunctions.instancesFunctions) - domain3 + domain1 servicePath sslPath sopsPath @@ -10,14 +10,14 @@ let label = "Forgejo"; name = "forgejo"; subdomain = "source"; - domain = "${subdomain}.${domain3}"; + domain = "${subdomain}.${domain1}"; in { label = label; name = name; short = label; email = { - address0 = "noreply@${domain3}"; + address0 = "noreply@${domain1}"; }; sops = { path0 = "${sopsPath}/${name}"; @@ -38,7 +38,7 @@ in port0 = 3033; }; ssl = { - cert = "${sslPath}/${subdomain}.${domain3}/fullchain.pem"; - key = "${sslPath}/${subdomain}.${domain3}/key.pem"; + cert = "${sslPath}/${subdomain}.${domain1}/fullchain.pem"; + key = "${sslPath}/${subdomain}.${domain1}/key.pem"; }; } diff --git a/modules/config/instances/config/mastodon.nix b/modules/config/instances/config/mastodon.nix index 639d4a3..3ac1bcc 100755 --- a/modules/config/instances/config/mastodon.nix +++ b/modules/config/instances/config/mastodon.nix @@ -1,7 +1,7 @@ { moduleFunctions }: let inherit (moduleFunctions.instancesFunctions) - domain3 + domain1 servicePath sslPath sopsPath @@ -10,14 +10,14 @@ let label = "Mastodon"; name = "mastodon"; subdomain = "social"; - domain = "${subdomain}.${domain3}"; + domain = "${subdomain}.${domain1}"; in { label = label; name = name; short = "Mast"; email = { - address0 = "noreply@${domain3}"; + address0 = "noreply@${domain}"; }; domains = { url0 = domain; @@ -37,7 +37,7 @@ in path2 = ""; }; ssl = { - cert = "${sslPath}/${subdomain}.${domain3}/fullchain.pem"; - key = "${sslPath}/${subdomain}.${domain3}/key.pem"; + cert = "${sslPath}/${subdomain}.${domain1}/fullchain.pem"; + key = "${sslPath}/${subdomain}.${domain1}/key.pem"; }; } diff --git a/modules/config/instances/config/peertube.nix b/modules/config/instances/config/peertube.nix index e5c3018..08e404a 100755 --- a/modules/config/instances/config/peertube.nix +++ b/modules/config/instances/config/peertube.nix @@ -1,7 +1,7 @@ { moduleFunctions }: let inherit (moduleFunctions.instancesFunctions) - domain3 + domain1 servicePath sslPath sopsPath @@ -10,14 +10,14 @@ let label = "PeerTube"; name = "peertube"; subdomain = "video"; - domain = "${subdomain}.${domain3}"; + domain = "${subdomain}.${domain1}"; in { label = label; name = name; short = "Peer"; email = { - address0 = "noreply@${domain3}"; + address0 = "noreply@${domain1}"; }; sops = { path0 = "${sopsPath}/${name}"; @@ -40,7 +40,7 @@ in port4 = 52800; }; ssl = { - cert = "${sslPath}/${subdomain}.${domain3}/fullchain.pem"; - key = "${sslPath}/${subdomain}.${domain3}/key.pem"; + cert = "${sslPath}/${subdomain}.${domain1}/fullchain.pem"; + key = "${sslPath}/${subdomain}.${domain1}/key.pem"; }; } diff --git a/modules/config/instances/config/postfix.nix b/modules/config/instances/config/postfix.nix deleted file mode 100755 index e6ea5df..0000000 --- a/modules/config/instances/config/postfix.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ moduleFunctions }: -let - inherit (moduleFunctions.instancesFunctions) - domain3 - servicePath - sslPath - sopsPath - ; - - label = "Postfix"; - name = "postfix"; - domain = "${name}.${domain3}"; -in -{ - label = label; - name = name; - sops = { - path0 = "${sopsPath}/${name}"; - }; - domains = { - url0 = domain; - }; - subdomain = name; - paths = { - path0 = "${servicePath}/${label}"; - }; - ssl = { - cert = "${sslPath}/${domain3}/fullchain.pem"; - key = "${sslPath}/${domain3}/key.pem"; - }; -} diff --git a/modules/config/instances/config/projectSite.nix b/modules/config/instances/config/projectSite.nix index 6257da5..4cbc1ad 100755 --- a/modules/config/instances/config/projectSite.nix +++ b/modules/config/instances/config/projectSite.nix @@ -1,7 +1,6 @@ { moduleFunctions }: let inherit (moduleFunctions.instancesFunctions) - domain3 sslPath sopsPath ; diff --git a/modules/config/instances/config/smtp.nix b/modules/config/instances/config/smtp.nix index 6480427..53707cd 100755 --- a/modules/config/instances/config/smtp.nix +++ b/modules/config/instances/config/smtp.nix @@ -1,13 +1,25 @@ { moduleFunctions }: let inherit (moduleFunctions.instancesFunctions) - dummy + domain0 + domain1 ; + + name = "smtp"; in { - hostname = "mail.smtp2go.com"; - name = dummy; + hostname = "smtp.migadu.com"; + name = name; ports = { - port0 = 2525; + port0 = 465; # TLS + port1 = 587; # StartTLS + }; + email = { + address0 = "noreply@${domain0}"; + address1 = "noreply@${domain1}"; + }; + records = { + record0 = "tls"; + record1 = "starttls"; }; } diff --git a/modules/config/instances/config/upRootNutrition.nix b/modules/config/instances/config/upRootNutrition.nix index 2531f51..2f0785e 100755 --- a/modules/config/instances/config/upRootNutrition.nix +++ b/modules/config/instances/config/upRootNutrition.nix @@ -1,7 +1,7 @@ { moduleFunctions }: let inherit (moduleFunctions.instancesFunctions) - domain3 + domain1 sslPath sopsPath ; @@ -14,13 +14,13 @@ in name = name; short = "upRoot"; email = { - address0 = "nick@${domain3}"; + address0 = "nick@${domain1}"; }; sops = { path0 = "${sopsPath}/${name}"; }; domains = { - url0 = domain3; + url0 = domain1; }; tags = [ name @@ -35,7 +35,7 @@ in port0 = 1234; }; ssl = { - cert = "${sslPath}/${domain3}/fullchain.pem"; - key = "${sslPath}/${domain3}/key.pem"; + cert = "${sslPath}/${domain1}/fullchain.pem"; + key = "${sslPath}/${domain1}/key.pem"; }; } diff --git a/modules/config/instances/config/web.nix b/modules/config/instances/config/web.nix index a388397..346aa82 100755 --- a/modules/config/instances/config/web.nix +++ b/modules/config/instances/config/web.nix @@ -3,8 +3,6 @@ let inherit (moduleFunctions.instancesFunctions) domain0 domain1 - domain2 - domain3 ; label = "Router"; in @@ -15,8 +13,6 @@ in domains = { url0 = domain0; url1 = domain1; - url2 = domain2; - url3 = domain3; }; dns = { provider0 = "namecheap"; diff --git a/modules/nixos/services/acme/default.nix b/modules/nixos/services/acme/default.nix index 2642d1b..3a9fb6e 100755 --- a/modules/nixos/services/acme/default.nix +++ b/modules/nixos/services/acme/default.nix @@ -9,7 +9,6 @@ let inherit (flake.config.services) instances; domain0 = instances.web.domains.url0; domain1 = instances.web.domains.url1; - domain3 = instances.web.domains.url3; domain4 = flake.inputs.linkpage.secrets.domains.projectsite; dns0 = instances.web.dns.provider0; dns1 = instances.web.dns.provider1; @@ -53,7 +52,7 @@ in ) ++ (map (service: { - name = "${instanceName service}.${domain3}"; + name = "${instanceName service}.${domain1}"; value = dnsConfig dns0Path dns0; }) [ @@ -70,7 +69,6 @@ in [ domain0 domain1 - domain3 ] ) ++ (map diff --git a/modules/nixos/services/firefly-iii/default.nix b/modules/nixos/services/firefly-iii/default.nix index 14de80a..b775807 100755 --- a/modules/nixos/services/firefly-iii/default.nix +++ b/modules/nixos/services/firefly-iii/default.nix @@ -26,13 +26,13 @@ in APP_URL = "https://${host}"; APP_KEY_FILE = config.sops.secrets."${service.name}-pass".path; DB_PASSWORD_FILE = config.sops.secrets."${service.name}-data".path; - # MAIL_MAILER = "smtp"; - # MAIL_HOST = smtp.hostname; - # MAIL_PORT = 2525; - # MAIL_FROM = service.email.address0; - # MAIL_USERNAME = service.email.address0; - # MAIL_PASSWORD = ""; # if you ever need to use smtp, you have to hardcode your smtp password here - # MAIL_ENCRYPTION = "tls"; + MAIL_MAILER = smtp.name; + MAIL_HOST = smtp.hostname; + MAIL_PORT = smtp.ports.port0; + MAIL_FROM = smtp.email.address0; + MAIL_USERNAME = smtp.email.address0; + MAIL_PASSWORD_FILE = config.sops.secrets."${service.name}-smtp".path; + MAIL_ENCRYPTION = "tls"; SITE_OWNER = email.address2; }; }; diff --git a/modules/nixos/services/forgejo/default.nix b/modules/nixos/services/forgejo/default.nix index 1a0572a..67138f1 100755 --- a/modules/nixos/services/forgejo/default.nix +++ b/modules/nixos/services/forgejo/default.nix @@ -53,10 +53,10 @@ in mailer = { ENABLED = true; SMTP_ADDR = instances.smtp.hostname; - FROM = service.email.address0; - USER = service.email.address0; - PROTOCOL = "smtp+starttls"; - SMTP_PORT = instances.smtp.ports.port0; + FROM = instances.smtp.email.address1; + USER = instances.smtp.email.address1; + PROTOCOL = "${instances.smtp.name}+${instances.smtp.records.record1}"; + SMTP_PORT = instances.smtp.ports.port1; SEND_AS_PLAIN_TEXT = true; USE_CLIENT_CERT = false; }; @@ -90,8 +90,8 @@ in value = sopsPath secret; }) [ - "smtp" "database" + "smtp" ] ); }; diff --git a/modules/nixos/services/mastodon/default.nix b/modules/nixos/services/mastodon/default.nix index eed56bb..411dbab 100755 --- a/modules/nixos/services/mastodon/default.nix +++ b/modules/nixos/services/mastodon/default.nix @@ -52,7 +52,7 @@ in name = service.name; host = "/run/postgresql"; user = service.name; - passwordFile = config.sops.secrets.mastodon-database.path; + passwordFile = config.sops.secrets."${service.name}-database".path; }; extraConfig = { SINGLE_USER_MODE = "true"; @@ -105,11 +105,11 @@ in smtp = { authenticate = true; createLocally = false; - fromAddress = "upRootNutrition <${service.email.address0}>"; + fromAddress = "upRootNutrition <${smtp.email.address1}>"; host = smtp.hostname; - passwordFile = config.sops.secrets.mastodon-smtp.path; - port = smtp.ports.port0; - user = service.email.address0; + passwordFile = config.sops.secrets."${service.name}-smtp".path; + port = smtp.ports.port1; + user = smtp.email.address1; }; }; caddy = { diff --git a/modules/nixos/services/nextcloud/default.nix b/modules/nixos/services/nextcloud/default.nix index ce7bce6..15e6827 100755 --- a/modules/nixos/services/nextcloud/default.nix +++ b/modules/nixos/services/nextcloud/default.nix @@ -50,14 +50,14 @@ in log_type = "file"; mail_domain = host; mail_from_address = "noreply"; - mail_sendmailmode = "smtp"; - mail_smtpmode = "smtp"; + mail_sendmailmode = smtp.name; + mail_smtpmode = smtp.name; mail_smtphost = smtp.hostname; - mail_smtpport = smtp.ports.port0; + mail_smtpport = smtp.ports.port1; mail_smtpsecure = ""; mail_smtptimeout = 30; mail_smtpauth = 1; - mail_smtpname = service.email.address0; + mail_smtpname = smtp.email.address0; mail_smtppassword = config.sops.secrets."${service.name}-smtp".path; maintenance_window_start = 4; overwriteprotocol = "https"; @@ -107,6 +107,7 @@ in }) [ "pass" + "smtp" ] ); }; diff --git a/modules/nixos/services/peertube/default.nix b/modules/nixos/services/peertube/default.nix index 8510cba..774ab2c 100755 --- a/modules/nixos/services/peertube/default.nix +++ b/modules/nixos/services/peertube/default.nix @@ -53,12 +53,12 @@ in level = "debug"; }; smtp = { - transport = "smtp"; + transport = smtp.name; disable_starttls = false; - from_address = service.email.address0; + from_address = service.email.address1; hostname = smtp.hostname; - port = smtp.ports.port0; - username = service.email.address0; + port = smtp.ports.port1; + username = smtp.email.address1; tls = false; }; }; @@ -107,11 +107,11 @@ in value = sopsPath secret; }) [ - "smtp" "database" "redis" "root" "secret" + "smtp" ] ); }; diff --git a/modules/nixos/services/vaultwarden/default.nix b/modules/nixos/services/vaultwarden/default.nix index 9b6f601..5344629 100755 --- a/modules/nixos/services/vaultwarden/default.nix +++ b/modules/nixos/services/vaultwarden/default.nix @@ -26,12 +26,12 @@ in # Email Configuration SMTP_AUTH_MECHANISM = "Plain"; SMTP_EMBED_IMAGES = true; - SMTP_FROM = service.email.address0; + SMTP_FROM = instances.smtp.email.address0; SMTP_FROM_NAME = service.label; SMTP_HOST = instances.smtp.hostname; - SMTP_PORT = instances.smtp.ports.port0; - SMTP_SECURITY = "starttls"; - SMTP_USERNAME = service.email.address0; + SMTP_PORT = instances.smtp.ports.port1; + SMTP_SECURITY = instances.smtp.records.record1; + SMTP_USERNAME = instances.smtp.email.address0; # Security Configuration DISABLE_ADMIN_TOKEN = false; diff --git a/modules/nixos/services/website/default.nix b/modules/nixos/services/website/default.nix index ed5b44c..ef4d490 100755 --- a/modules/nixos/services/website/default.nix +++ b/modules/nixos/services/website/default.nix @@ -5,7 +5,7 @@ let web ; service = upRootNutrition; - host = web.domains.url3; + host = web.domains.url1; websitePkg = flake.inputs.upRootNutrition.packages.${pkgs.system}.websiteFrontend; in diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index 2bc7031..08346a3 100755 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -7,20 +7,20 @@ network: server: ENC[AES256_GCM,data:EFsmXNkuf5OAMh8hjfZTixmmdjqBNIME9JjQC8azeCwcMVInm8bWdxE4OqFmxOk9MAU=,iv:pI6WeM2aQC+7vx1Xmp5O2rikqNLgzuEOg+Lo7TqFQxU=,tag:ElcA8mn9dx+IjIf38nKT5A==,type:str] fallaryn: ENC[AES256_GCM,data:O77hH3STB6zpl0b9iXsVu9OOrlLKUwfs2qI9hdqX4kMuBs3XgT/xsQ==,iv:RDKsuJoy+LIyADMc3bgOEmLKdXtu6kad2aeVetuZdJI=,tag:MrpCZ+iJUnGIjeHMgcYG6Q==,type:str] garnet: ENC[AES256_GCM,data:N8sAdjTAiubQihKrtdCkaJQBKkz6/kNdeATiaZXRhlP/HLg7zg==,iv:8QP1HnGSUGHpkwBwQY2Z0gZ6tYaK7XzMuxXexY6QQaU=,tag:fHzPh9lvqB2BmuSkVH5Ojg==,type:str] -mastodon-smtp: ENC[AES256_GCM,data:8/uQKw0bmDrepKXSv0ausw==,iv:/Dn47RsjYSjGgFEf3BrLKrosTwqzpv4J5SCNFKczdIw=,tag:7GN8oYvXiZuRCPU6mh5Slg==,type:str] +mastodon-smtp: ENC[AES256_GCM,data:GKowwVH7eqZRqJPg+J8q3rJpArtLHs4xdzMMWAFobOU=,iv:alviX07JoGIPDKjFy/SfqfVHMyO38E9AMWV62bOCZpA=,tag:ivOmAjrniHweFPFiwnJJBw==,type:str] mastodon-database: ENC[AES256_GCM,data:qPOU8yGqEQWuMJ4E/fCc+vfKp+YZONb17ZIDHXYZ9RY=,iv:HzVd2ptZBtpRA/XA593WTNL3xJx97hvNx49zIZPBlhQ=,tag:KGZ7Mw2M5O9DBhB+fv+w1Q==,type:str] mastodon-redis: ENC[AES256_GCM,data:aEEOGmyLin80X1uNiLLIuCSGlGjYX9vOl45GuxwlJqE=,iv:3qaZAqwm6tLnB1vCtZ2ZotaZO4/XmQKLe/I+pzqbJj0=,tag:K1y1QoLgGRvi8oJrzcakhQ==,type:str] -peertube-smtp: ENC[AES256_GCM,data:rBmjyf4J7fNbnKICkUIVIw==,iv:wbyTkVmBJLIB4yZibVpr3+6Jn/FMEQSSi7UFCtiCkUg=,tag:ByMTXTyyiys9ONekQGxsYw==,type:str] +peertube-smtp: ENC[AES256_GCM,data:rYwL0RNVvC9DUsSRJ5WpLX3VqT4zHYarxSe/tdRBHqs=,iv:cQKRbxdMOF+g84djLZcOk3hMYifucO+r0JxV8EnRjro=,tag:ZnN/LmQ/A3FR4bdJ9DYoEw==,type:str] peertube-database: ENC[AES256_GCM,data:nm0bHwTcT+ROZc2BC9jx+tXWjZ3689rdn4fdYW+7JTU=,iv:EeQVBAIXPut9gs+I9WpRf7L3f7ACTeTWycUFIKAneKk=,tag:QjGQmZ3zMAgB/WDbxTZVIQ==,type:str] peertube-redis: ENC[AES256_GCM,data:SQoPzPjgf4YN9dhvO0wo2DEra7cTgfZBx4vCBpNVSXI=,iv:mcCwYtE9E/Mb4V0j9NnU9WhaUMeBpX7BOcc8HGDiEvI=,tag:CsSiS4peZhnZ22uNtUC44w==,type:str] peertube-root: ENC[AES256_GCM,data:BR0pmqEYYJuDqK7fstyW/hvh8V1GQXVHP24iz2eDeho500IbWaMuDxkNQyfInmIfjC3YvfsHME3S,iv:EgaLKBHYrklF+q5jBPvGKFYJosZxFFMXElTcyKU0ypQ=,tag:PztyBdK5OzeEDvQi/yqRIg==,type:str] peertube-secret: ENC[AES256_GCM,data:Of4UsWGTXd+uzHE4XkxQOLKBbDd0sQHWQrLgxmn8C9bHgEB85ZnSqOe04IZ4chYKheuzBQ4Vg7pYfGFVBDjx8Q==,iv:cXuVrmQOEHtq7Q6+vzPXKdiuYjLx9hjsd3bCHpBQBqw=,tag:xL8us1XLJsdON/O+BG+xpQ==,type:str] forgejo-database: ENC[AES256_GCM,data:Stnd+vsoBDK0eLmfgaNaSdO6qY0vF1d0WgrAw1U451I=,iv:7CHPXUPXkTXP0GVqHPK3KavysbSOKuUhJ5EoeAh5Mp4=,tag:iqASITas49wrqCRN8TjLIQ==,type:str] -forgejo-smtp: ENC[AES256_GCM,data:hp1MPgzdSdgBZ47KQ+/QvQ==,iv:l/C7FFvyxPo/ndJWhOSThYUGbUZnk1WBdpCGNtnL4iE=,tag:61OGP00MTPYfmoq8yK4vEQ==,type:str] +forgejo-smtp: ENC[AES256_GCM,data:oCLcZWPHqEOZxrg7YHG9tdE5uNNkv68AEEWVzE1d/1U=,iv:vy30yl6R5zoL1PGwgd8fYPer2hqMi2ynQ8ErnPzZ7dU=,tag:YmqlOXksx2YBcITGeeWDWA==,type:str] discord-token: ENC[AES256_GCM,data:KnG6hy6X4WmOyHm7B/P0wfp99zZMWd/T+qnwx2z0QvgAtJSswG+5r1YQug8G8xbCF2gV1YfKIqcklNhnwW9x/JW4+IWN3Kib,iv:Rmeh5PKvl0DZJbZ+8xXpLRZZmZJw900b1LkHP7ldM0U=,tag:CgEMcuFpWpL/oAW3Ozc7Ww==,type:str] minecraft-pass: ENC[AES256_GCM,data:0natV6dEpItFp5zsUKqgVMZLLmqRLBEf,iv:Bc7RTXnpdec0wn25Rb7SkVTf5BjXzq3YCXcjwrC7V9k=,tag:Og5qN94G6pHdpIk6YDg1ZA==,type:str] vaultwarden: - env: ENC[AES256_GCM,data:fsL+z/fSLmlhjdWJrIZ2yuF74AOo0HEnw52KMNa8lwrMRG3r6bEpjg3PD9dQ8tpqWq207Tp1QKWhYSjzmwMYjmN/7CiJpkuWMS37uWQ0bUcZN0zit+ko6g==,iv:MM9DST+uw8MdA/fnVdX+O2QtqVztQDx00DBm2c9cHSE=,tag:KTzlNSNuOY2AS4sZdvdQbg==,type:str] + env: ENC[AES256_GCM,data:1MzIqnV/PCGNNqKVwhxZfmV92vRQsn3OxuvCXUtKyCmoA2xxD91U3EmMikTqM3EOHYAMHbF66YgQC5JjivbIF06OCeXMMLpGuN8ibCUQq7M6PQ34/LDMZnqynmC3/U0FJglSU7o1KA0=,iv:novSYG6j0l17xogdE5WiS2gNPNAVKeX9lgxe5EohBHk=,tag:w43z7a/MzObvVTQh8AiSTA==,type:str] dns: namecheap: ENC[AES256_GCM,data:Afxyf4cHvdnPIXYoPN3viBOzzqUOeRs3YjQ5ugerlnL9H4iSf/iAsxyzHYysOgZ/9xc0OWt6G6A7cEZHW4i82MX1+mLbvWN5ir1iHL73RtesC14=,iv:3XMTQ4TNL7iXPYFLSa+BapSgqILYuM6ZaQLMQZSJ2pc=,tag:PO69wRhCoey+CwPgnOOR6A==,type:str] cloudflare: ENC[AES256_GCM,data:H0ODjZvDZpaicYwM1qX1V05iaiCsJMUo5aIZYVzQ2bGvsVA+nQYKy7i1qCNbG796WmBOvUJOo1XJHsceTyfGB7rQpgs103RA0CXmc9WfvU74tsER+sVbnCxsGrG1kvyZvD80ACsx53s6j9nXkZO2m7uZgdM8LbEEaj/CVOMDg39YWWKwug==,iv:EALcT+2ES7q/4zEwUXDsyrDzSZnUCsYtYZLIU3xNJQs=,tag:RTyPzUpMcrQtDT4UKn4SNw==,type:str] @@ -45,14 +45,14 @@ wireguard-deimos-private: ENC[AES256_GCM,data:A/LbG/kTjT0xa93Y31RXfM6D9ibHHjuaZ0 wireguard-deimos-public: ENC[AES256_GCM,data:ZhcnUafVzrPtEP19TgnsEl6Edwjxbkeb2N+Rg7V1O7zArhcc+Owk/l6iHU4=,iv:UcKBnz/4sGyLM/lQJo7e3G0qWAWlTtRNl5K1e3oT1sw=,tag:BbjZcjl98X9aoCTD+hfhgg==,type:str] glance-jellyfin: ENC[AES256_GCM,data:ozdDKgAWkA88J2j8RtiOP/aQPAt/neUOSlAZF20g510=,iv:x+VhYlnA9F/VPrzVcma4/oPelCc8kjWoTZvOs4L9Uqo=,tag:crdSDjr8Y5GH/JAF6t8Yeg==,type:str] opencloud: - env: ENC[AES256_GCM,data:JZOs+86/jhHtXuOb4fsk4ceZuFpSa6PAMN2/vmGlvlXvsx/Yk2ZXeZZU0jtwweN8Sk61A2538OdPpfKynBgwsZ2SgoxAIyJtQl3HZWdZzNZ6+/t+AFvvav/x9nUv1O5704FP5OYOMniQAmqu0ds0JIX3YV/cstoo+rNhNW2emlVhj2ABYhTxy0BFJ8A+Re9y5FN5WT4tmloF/21ZrIwtTw8ULQPCksJfTFwEE+cCN3aIWZn00/4zUuv6CEtZeKeOeLxgQL+G2pPhNrQzG+lw+AKLzXA2mJM+3Zfq0MplyXeFCLkV1GCHksrMPp2w5j2RdtfcdE9IP+tXoD/fZNfYgCK1Pk/JhkXcV9EPbz4KUL/+OpgFqh+RvKGPXH2iTV0B8t2Ag7NowxULI2jKw0c=,iv:1ClzjY1n48cQ9bdBewM5A5Lr/c13HbSSYJ7xYCwZDzA=,tag:FavwE2sX+wSgKOEpywFeMw==,type:str] + env: ENC[AES256_GCM,data:1mDynSVUQ4fFbIfNC9TO1pGvOa9kBR2fjloMzrA1XCn3VEyrTL0JMd1p7cmShFv9TTvuPB6N1PR8JA3nmlRfWV3OWfbtkp/alhV+rRtbsmZ3bWAvEfyT431TFVbwU81i68mG1ueL9UfZ7u+bSZ8udHEvTJiDbAh20DYYwZMBkrQ9huzuCdJlEwhBqP9IzZHvhMuFv6PZVNInMkAPY8UcZEmJfPpXu9x6KZ0B6NPnuGttTagGnSrYgqnlad953ij8bV3i50KQV7uGTKhWrUZ3vRXfAx1QkRLkh5Hb8B8mf4FyWGc2xy0OIxkmReJIdWRDYJg3wWUT5XdG7nATSxkBvbhRCcMdLjPcv4uEmG/CuaXra+dTi/XNXnOTfoiNywFLEfxY2bmw9fIYqUk2d8MJDA==,iv:cNnxZnIcRc2lkEaXyRjPQ3hDmeAec4KCb80MEQ9a2sY=,tag:X8/eD06Vf4yaUNh0aTEBUg==,type:str] caddy: prompter-auth: ENC[AES256_GCM,data:uEj6gruCfcIRoCQY9eNcOka+PAIIhAlKnI+ehZ88aZo90tINcxZ7ZvKqlTJr4rt5o+EO7rvRJcYH/s8/+piszFyxSa64Rtq5KdAjfHnRm0QM8q/2JIHnZsQC3fPz1S177WPs/c3Eydh4VeVe,iv:ZOru4ABFgIy9DoTlMl3InSf8zM1ERNpbRNLN6vy97Jc=,tag:5v3w7kvFQCEPBjchE8K0cw==,type:str] comfyui-auth: ENC[AES256_GCM,data:YkHxbW/0zTmnrggXKl2jNO4OnBaepmCwB3ZC6d8MPIKf8snWJzAvTq5+X5ABzziwKaypHRTcS6vuNntxKrrD8DS7hX9DqVCZc5WeFHI6S5VzHh3SprW2MF4E8nm4Hj+VHoKGmRSSOU1cfX3J,iv:v0Pid0BCY2QsMNaahBvJd4WWZD115JDLHlOCQvPiaGU=,tag:gpsAgt052NoOyIa9WqJXyg==,type:str] wifi-home: ENC[AES256_GCM,data:5NYSCUyalDf7gZF7WaRQJCo=,iv:RkVZKsmVEBg5M28DSkBD41673iLM+dqDAAhSwjqejck=,tag:QQ17VSWOnU0bGglZq6455Q==,type:str] firefly-iii-pass: ENC[AES256_GCM,data:gy7CuAy2PqKyr/+fHjHuKosj7Mi2cfOop4bLew0vZtH9i6IbTs+3wQb1bk5OMmQgMTbm,iv:R+IK4mEuZMhAz5R+9HyL2zscISc+yrSoipcwMiwNL18=,tag:2GF+O7YKXKgFCUGvbZyQKQ==,type:str] firefly-iii-data: ENC[AES256_GCM,data:EY/CNiSrnmUjotIshk4KqJ2P7IMpiXYyBr7NeYcI69k=,iv:bocGJHNLMAfHFjs3/6wwxwYqq0qar/uNrwppK+MQjBg=,tag:2H5TD6bd9PUgN7BWkwNuzA==,type:str] -firefly-iii-smtp: ENC[AES256_GCM,data:B4DK2AMxnCvcrsxSHeYVhw==,iv:eS5s+ir0iXYDOI/Wu4Hx3twlvgIpYlAdgYtuMRKRZaE=,tag:CPy8chfW8doxeubmbSdDUg==,type:str] +firefly-iii-smtp: ENC[AES256_GCM,data:suCsPpd5acpasLLJPcgf9gUQlz4geqm/fNlw5b1+zMo=,iv:63o2Jtrn1T+CSeB9YZ9Zr0873zxgAdBDklwdNuC2bT4=,tag:L4smPSDq/FHMQzS39ege1Q==,type:str] roundcube-pass: ENC[AES256_GCM,data:vLvNVgiOQKIIoBhFD2if4Ct/1qugwe6i9OG8rB4sv4o=,iv:iJJlzgIocPe3ty67C39MF09FkU+p7hqd+GLnE0PBJAA=,tag:kzPVQP55YwMeYHrrsHFHJQ==,type:str] sops: age: @@ -65,7 +65,7 @@ sops: bXBOa1VSakoyaWxpODJEOU11QUZCaUEK8Ch9Ten3DdrPHF1DTH2qei85AlHUOaLD aNfzakake7ej+MxJYdKEU0bcWofNMKzIlZa2uM10KZSENDP8d8qlig== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-10-22T04:01:59Z" - mac: ENC[AES256_GCM,data:SFkPPrRy+Ezp/iKYKiFq9V2a0LDnP6RIznqwPSZ5RDz+7yXXTR0vyyphSPnSC7y28GEkP9OaFlNyH19G9SoEo1z/A1gCqWUqBK1RN06+k3LKbxIdkvynmPBZl/4/A2L/qGixyWoaG6UylzsQkzq9HVAntaADwB42zX3thkd7wlk=,iv:Oslk/YFON3F3BnlOgOofI2nSxLAvyc1uyq6OpCcTfuI=,tag:Jk4mgv7hEG5UZxTCZGmSbQ==,type:str] + lastmodified: "2025-10-22T21:03:16Z" + mac: ENC[AES256_GCM,data:e7hdm9a1+4zQncU41Fmk5aGB02n4d7plkZQJJkUEnpdJNNgQPzV01KpveoywCT1ui7I2SR/xQDpRxWmt22VqFb9qQDmqdBZtfRXzv9LIjrFZ35Xq7+ro9ZneCBYHvbJIkwdEwru+k9DrxTdc5QibPTL7ropUFFA42NugO7AjYU8=,iv:m2c8kJmtGkW6FhWUfuu1/0LIN+yESn+DynH69l4C3LQ=,tag:27T2Uz5KzU7JI9zdQuwE8Q==,type:str] unencrypted_suffix: _unencrypted version: 3.11.0