diff --git a/configuration.nix b/configuration.nix index e40f217..e344b22 100755 --- a/configuration.nix +++ b/configuration.nix @@ -1,4 +1,4 @@ -{ pkgs, pkgs-unstable, inputs, ... }: +{ pkgs, pkgs-unstable, lib, inputs, allowed, nvidia, ... }: { imports = [ inputs.sops-nix.nixosModules.sops @@ -12,12 +12,12 @@ ./system-modules/gc.nix ./system-modules/dm.nix ./system-modules/networking.nix - ./system-modules/virtualisation.nix + # ./system-modules/virtualisation.nix ./system-modules/sshd.nix ./system-modules/gpg.nix ./system-modules/sops.nix ./system-modules/syncthing.nix - # ./system-modules/hsmw.nix # old + ./system-modules/hsmw.nix # old ./system-modules/docker.nix ./system-modules/health_reminder.nix ./system-modules/ydotool.nix @@ -60,13 +60,20 @@ hardware.bluetooth.powerOnBoot = true; # services.blueman.enable = true; - nixpkgs.config.allowUnfree = true; - # nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) allowed.unfree-packages; - - + # nixpkgs.config.allowUnfree = true; + nixpkgs.config = { + # allowUnfree = true; + # allowUnfreePredicate = (pkg: true); + allowUnfreePredicate = let + string-list = allowed.unfree-packages ++ (if nvidia.enable == true then nvidia.unfree else []); + in pkg: builtins.elem (lib.getName pkg) string-list; + cudaSupport = nvidia.enable; + enableParallelBuildingByDefault = true; + }; + # List packages installed in system profile. To search, run: # $ nix search wget - environment.systemPackages = with pkgs; [ + environment.systemPackages = with pkgs; ([ git lazygit # home-manager module is bugged git-crypt @@ -84,8 +91,8 @@ blueman dmidecode file - ] ++ (with pkgs-unstable; [ - sendme + # ]) ++ (with pkgs-unstable; [ + # # sendme ]); environment.variables = { @@ -104,7 +111,6 @@ nix.settings.experimental-features = [ "nix-command" "flakes" ]; - programs.bash.shellInit = '' source $HOME/.nix-profile/etc/profile.d/hm-session-vars.sh ''; diff --git a/flake.nix b/flake.nix index 636a4df..49f9e54 100755 --- a/flake.nix +++ b/flake.nix @@ -2,7 +2,7 @@ description = "Multisystem NixOS Flake of Lennart J. Kurzweg"; inputs = { - nixpkgs.url = "nixpkgs/nixos-24.05"; + nixpkgs.url = "nixpkgs/nixos-24.05"; nixpkgs-unstable.url = "nixpkgs/nixos-unstable"; home-manager = { url = "github:nix-community/home-manager/release-24.05"; @@ -28,10 +28,6 @@ }; hyprswitch.url = "github:h3rmt/hyprswitch/release"; - # nixvim = { - # url = "github:nix-community/nixvim/nixos-23.11"; - # inputs.nixpkgs.follows = "nixpkgs"; - # }; lanzaboote = { url = "github:nix-community/lanzaboote/v0.3.0"; # inputs.nixpkgs.follows = "nixpkgs-unstable"; @@ -50,8 +46,19 @@ outputs = { self, nixpkgs, nixpkgs-unstable, home-manager, ... }@inputs: let system = "x86_64-linux"; - pkgs = nixpkgs.legacyPackages.${system}; - pkgs-unstable = nixpkgs-unstable.legacyPackages.${system}; + pkgs-config = { + allowUnfree = true; + # cudaSupport = nvidia.enable; + # enableParallelBuildingByDefault = true; + }; + pkgs = import nixpkgs { + system = system; + config = pkgs-config; + }; + pkgs-unstable = import nixpkgs-unstable { + system = system; + config = pkgs-config; + }; user = "nx2"; @@ -60,46 +67,43 @@ prime = true; # unfree = if enable then [ unfree = [ - "nvidia-x11" - "nvidia-settings" - "nvidia-persistenced" + "cuda_cccl" + "cuda_cudart" + "cuda_cuobjdump" + "cuda_cupti" + "cuda_cuxxfilt" + "cuda_gdb" + "cuda-merged" + "cuda_nvcc" + "cuda_nvdisasm" + "cuda_nvml_dev" + "cuda_nvprune" + "cuda_nvrtc" + "cuda_nvtx" + "cuda_profiler_api" + "cuda_sanitizer_api" "cudatoolkit" - "cudatoolkit-11.8.0" - "cudatoolkit-12.2.2" + "libcublas" + "libcufft" + "libcurand" + "libcusolver" + "libcusparse" + "libnpp" + "libnvjitlink" + "nviaia-x11" + "nvidia-persistenced" + "nvidia-settings" + "nvidia-x11" ]; # ] else []; }; allowed = { unfree-packages = [ - "cudatoolkit" - "cuda-merged" - "cuda_cuobjdump" - "cuda_gdb" - "cuda_nvcc" - "cuda_nvdisasm" - "cuda_nvprune" - "cuda_cccl" - "cuda_cudart" - "cuda_cupti" - "cuda_cuxxfilt" - "cuda_nvml_dev" - "cuda_nvrtc" - "cuda_nvtx" - "cuda_profiler_api" - "cuda_sanitizer_api" - "libcublas" - "libcufft" - "libcurand" - "libcusolver" - "libnvjitlink" - "libcusparse" - "libnpp" - "discord" - "spotify" "obsidian" - "zoom-us" + "spotify" "zoom" + "zoom-us" ] ++ nvidia.unfree; inecure-packages = [ diff --git a/git-crypt/mutt/client-secret-oauth2-lkgoogle.json b/git-crypt/mutt/client-secret-oauth2-lkgoogle.json deleted file mode 100755 index 80997c9..0000000 Binary files a/git-crypt/mutt/client-secret-oauth2-lkgoogle.json and /dev/null differ diff --git a/git-crypt/secrets.nix b/git-crypt/secrets.nix index 4fc966f..db9266d 100755 Binary files a/git-crypt/secrets.nix and b/git-crypt/secrets.nix differ diff --git a/home-modules/email.nix b/home-modules/email.nix index f25038b..b3e00d4 100755 --- a/home-modules/email.nix +++ b/home-modules/email.nix @@ -102,9 +102,9 @@ lib.mkIf (host != "NxACE") }; }; - hsmw = { - address = secrets.email.hsmw.mail; - userName = secrets.email.hsmw.mail; + hsmw = with secrets.email.hsmw; { + address = "${un}@hs-mittweida.de"; + userName = "${un}@hs-mittweida.de"; realName = "Lennart J. Kurzweg"; imap = { port = 993; @@ -117,8 +117,8 @@ lib.mkIf (host != "NxACE") }; signature = { text = '' - MatNr: ${secrets.email.hsmw.mnr} - SemGr: ${secrets.email.hsmw.semgr} + MatNr: ${mnr} + SemGr: ${semgr} About Me: https://nx2.site/about-me Contact: https://nx2.site/contact GPG: https://nx2.site/gpg @@ -128,6 +128,9 @@ lib.mkIf (host != "NxACE") thunderbird = { enable = true; profiles = [ "default" ]; + settings = id: { + "mail.server.server_${id}.fcc_folder" = "imap://${un}%40hs-mittweida.de@xc.hs-mittweida.de/Sent"; + }; }; }; }; diff --git a/home-modules/helix.nix b/home-modules/helix.nix index 9d8e8f6..6181ceb 100644 --- a/home-modules/helix.nix +++ b/home-modules/helix.nix @@ -99,7 +99,7 @@ "constant" = accent.bright; "constant.character.escape" = special.bright; "constant.numeric" = foreground; - "constructor" = blue.dark; + "constructor" = weird.base; "debug" = yellow.base; "diagnostic.modifiers" = [ "underlined" ]; "diff.delta" = blue.bright; diff --git a/home-modules/hyprland-autoname-workspaces.nix b/home-modules/hyprland-autoname-workspaces.nix index 0eae44d..5ba2522 100755 --- a/home-modules/hyprland-autoname-workspaces.nix +++ b/home-modules/hyprland-autoname-workspaces.nix @@ -49,6 +49,7 @@ lib.mkIf (user != "tv") "leagueclientux.exe" = "󰰌" zathura = "󰈦" code-oss = "󰨞" + codium-url-handler = "󰨞" discord = "󰙯" vesktop = "󰙯" blueman-manager = "󰂯" diff --git a/home.nix b/home.nix index 3d317cd..a08c823 100755 --- a/home.nix +++ b/home.nix @@ -1,4 +1,4 @@ -{ config, pkgs, pkgs-unstable, lib, system, inputs, host, user, rice, allowed, secrets, ... }: +{ config, pkgs, pkgs-unstable, lib, system, nvidia, host, user, rice, allowed, secrets, ... }: { imports = [ @@ -63,9 +63,14 @@ home.homeDirectory = "/home/${user}"; home.stateVersion = "24.05"; nixpkgs.config = { - allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) allowed.unfree-packages; + allowUnfree = true; + # allowUnfreePredicate = (pkg: true); + # allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) allowed.unfree-packages; permittedInsecurePackages = allowed.inecure-packages; + # cudaSupport = nvidia.enable; + # enableParallelBuildingByDefault = true; }; + home.packages = with pkgs; [ chromium @@ -78,7 +83,8 @@ swww playerctl imv mpv mediainfo exiftool ffmpeg - pavucontrol fontpreview gtk2fontsel + pavucontrol + fontpreview gtk2fontsel lynx w3m browsh bat du-dust eza neofetch tldr fzf figlet ripgrep lolcat jq glow brightnessctl wev diff --git a/sops-secrets.yaml b/sops-secrets.yaml index 682d3c3..cbfa580 100644 --- a/sops-secrets.yaml +++ b/sops-secrets.yaml @@ -21,6 +21,14 @@ weechat: passphrase: ENC[AES256_GCM,data:3NVhMouf3wwMJTZCvIjbi5fjHJHxe25Q+wRo,iv:W8cShdM3iUyEiRCPNupMin3gfF+cqGxslD18CAvUW4c=,tag:DXBATGEhHjhXqy+J9BNVwg==,type:str] nx2site: namecheap.pw: ENC[AES256_GCM,data:tN6ArfQu+YfVkPPN00raPZWmghDKVFmmGgwACVQQSHs=,iv:TlUl0L3+Ea9vt43lwDlM0SE1+CLvWJdryt1lFhQ+75I=,tag:pia2ORsm66AQUOE/ZiO8yA==,type:str] +USERTrust: + ECC: ENC[AES256_GCM,data:yVSxTKRhXXPwfY7STz4YOWjgBSINYG4zjISQ/9Q9Zn1gZl/wbDQjSk7prN5fSn9aVH46TbT2mPlRDt7jcfbEZ5JmUnIfDZ7JqrAukOxy7wLAF+m4R7/KdLmdM3xJ6cnH6Tm3KQjRPL26zN4BD3T1oqNw/NPxlfqWeMrjMYZSktmoNAwAjntIqrnoXIuEPKvAsqIbg+SLvrSo05DhDy48c16jSi5zzfQ9M4fEgsugw8y7BWF/eAooLsvnpinc3Ek0XpSy2QJoD9plaW0z1lUT/UFmVVZsLDejb5hbzOnklhjSgE8S7wO4Zmvnu3It5M1YATSR5PsaG7QqaP1w6dd2DdvSnfeVeS28AdgVnOUM2MwJsgTWlvtol6ErIxaUf3n3+PAXTubhH37auOoMDeFeu1lAAe2lKiQcCtpE9gy1dkZ3vSZO6eHq7REo1qauao2LrrgBfPS0p0nhMBjOiORDI06JkNwDFBktjBI9JFHBNfd/CMrgXhfsxujbVxFSD6VD7DxBb3TDgOAm5GS6YJVC5bxQx038GnHorBsUBeR6BzpxG/lrNcBdNaHKqjngBbQmYR/skbLlrJblDyXdI4Xyh55Eogz28rwT5HhjoWOGjAk9P2qk9QAqKcWuRXsS77jRIeD59cqq9EKDRzixEJntCvxxsS1LLYBG4vmzXk4qgb1vGUgNKUaVXPNjXX2ueaLtkEMkx9sMmKcyKLzLoD3/yPYEiUTwCoXaNf3o4OUrvli7mW7qzGrqXTQtQfOd7fMGupgjtR68dEQxP2M/J1725phvSUQNx8SuERMOwzHwd7Yt/Z5TKJ+B/m7uxYyVeo9QYlkHrjVAVLmHc6qnKGVZrSGSkdVVr4dksOc7gyB28MP7JZRADCnHq7+1jhRMCiOT51I/ZyrqWtTqDNBFATCeDDWF7qZcrzWq4GrWm2dmWwQlUm5lW7+MsVgrFowjnbbjwcWy2ROIPiiC3cQ7ztxqXMZZjHUVDa4OC19d4vsDETphTuFQtNHTWGnps/phrV5X5QfIC5nmrHqeyJR2YRNb1M/IZMD1nWFvDJG0B46ES03YaIrQYt46HK3Pd25arssGS+Gzx8p65NTriRBp+KAkGf8dN9+/bECHI8coWKXpi31Uu1GoN4tf0f3OoQtpq2mCF9wz9B/cl/j7jBVKN1/OPqmd/IWr737eYQLeJ/XOKs3W5+5bdnl5I0ewaipPYelUY/ZNWCMN91U8PInGrThnASRdCkNMPOzU56MIBj3gFWn/DIq/kaFpf5CFq3Zvniy5HIf/+ZyLhMH4v7O4GSgMCcomEXLlQJZ9K4ZPHo1IYfHJqi0OEfmZageDkRrD9434ByYibg1wJRVvZfUbh4HJjgIrf1yZhTAe4DVBpYnf7wuJIw0HkNRu4piiNw8LIh2ga+f36iDs5Nl0qaZtMR3gLUBiMxrLS3Yakuof+xcglzfVMo8YBD90qBFKke7OUi7CQCZw6orE/EJ8pxDTWL4sedcv/OowKo4xqh5PtUBAOljs7i1z/zHtr4Cr64SH6DW/2vp7gYA62+BPrbhSRJbW6wkWR2hWn4pYJLirKwUBasO1Iewpj6ps3if5IKVrv6kfFoFYfLF8cEpIDjek61OU15tjXRMZENR0vSQRAm9D92VGCXcD3gnW34jF+i6HnArPF8hJ8vDIAb7LYf0xuCZ0JU8QNIUqSdHIcH/GAZGNHAP2EBV+Xbffw9rIycPM4JUIPvbUNVnXsR4+Hc1URd1FkTDlvQEE3lWlPVtcbChbg/221OdKVewi4YwXFWQV45fbwsZX05FGunVBr+/G0SEGeJ25kud9YbP/C2K1i/GQeGw5ItOmThpkXr2X/OyonnFSXnYQjy6fwEBnAX2KPVTqY7T8OxgAj7UT63Niv+w68uoay/pgyuAUBKOQ3t4HmfXPaKm0bYNQNt0r8CTLIxqFxJZxJ1syTqnMXLOdowWpDpDszFHQChiFAOuBwK61dYjUC/OHFlxDkLKkKe38EuWdBCyGqHPfj7m23+h/E09u1WzwksUk9jm6DfyTAoz/MZGsbm9pSQl22qzC3og2SwUi+smgCSrcojp4q0W92onAAxe3siPAPIPpt1Gj8GRvkImHQ/rNQkgiJ4jJfN3epiJgBJ+YCGIByivV0XFLB/9UVu7Vw554/nG9BlfKJ9h0G7VPQgd5MJGvkLqJzCrPh6QyK9uOjbJLO4dWkmaL3oZr4IVbwGk3NXZ7oef7A4RFOHDDevJintMLz1ZOkaaJKWe6YoijmAC2tQNGMIoRw6YcLjcmVPJz12W+6MEPH3YOdUl3b/NnfScuTVYBSP0cFXlDwg/rphUD7oykohsLtPOWhYW/GWvAdV4iwZpzQ0yFHasYGiERPytDKmRffoILDoTOn4HGVVCQaGnm/o7pl5BU4hFQOzvUC4C4LYRwpsz7EaRp0Y3Qqt4S2Xc/k0E0W3XU+sVNSvoBgweNhDlKaefjjSSjDNza6l9fTS3XPTprrEhMU7CvDjpsC8vfd5QTiNDxC7XGJEa0FTiCr2Xyz3YM5c8jWOk1hNOcSvJ1GvZhUWw0pX/HaihI49WQqA4/4GtLfG9f5TkCsLanj0wzVLM7XntN5ol0H5R69nJ5mPLIGXsErG9A/Xai9ol9joVUIJVRwLx8iJEyGx8m1pyOENjOkudgnKFryoWsNGbQo6G+0JEvEAjUuApkYNJvqKNRKrw+GSjxRZtewo8V9rC5a6nsUOPK/U5WaF5UMxu/L4fk8jQltcBRhQpuPZboEo6KNmUzMsK3aweMrQdHnLDlOIoJiDqj9ySPv2C3aeVoKWiscQ==,iv:GS5GMpbxeweqwjUvOzqg59xBOzNZqrL5t7RjsFjpucM=,tag:j0MaMw71fnRHxeydlqAaww==,type:str] + RSA: ENC[AES256_GCM,data:pgCzxri1wLZbl5e/KeVvtHRRe0XkdB8GLp2UbQOlJ9hRvRerJ6r8VhSSDh5vfySL6ow4urXzTG5oZwOcXeZgb+DgT3ZFS+npPvbzcc8T/hU8C5tVXYdqdLJHLXAmVG2nbkuIE6z7Bu8SngBZx1jXNBBl2W4vO6GcL0naNj2IyT+1nGhwuNdn4iMMTIjZhlF81PwYRY/TzcljyST4FZc4u/55oSUNrb8Z7KmhkrmaHNPFACTXiXli/zrPKfisztRvZZLfRZ57067/fiOTdwxXyiSxsh+oKRG8JlvdLQvjZ9tMGagzAafEyWVYyrVJIRBme9Uy4HtG/uOZ39gXVE+D8sh1GWftrmvjXPO2OdD/tIa6kskfZNWWFoEOtiRcKH+fuBTe7/ezjzqJA0qZvfwduXqkfVbNcS3YRNRM3jpLwGHDEv2hnVqn4bjB5We/1KBMCtbrHtAc26M3AepeAUy+ka1xW5WO9LsZ5ck1gnFrV5bkFWDr+evBRUuiId5QuAifkDsKlqLsWAeWFpgc7DdjUrpRG0yry8PFEOZP7w7D2/AEeoGc1dMDgX95mvs+0EmA4lutmt2fF14QZJwzhH39/TLGrRmjrohqJ0kD+h8XykBt1JbOPg91dnxmEJuESPNAxhotrj8xuuklvyLKAcfWWRJ1NIvbG6rmlL+m1x+2hUVw9gVGzyGaaSLOqG/6kHwIV2v+ZvCm+n3JBle+ooSi9mxgefVvJc28hSdC5SvNN0KyDvAY32NgOqYFPrvwx4QHxdm6D5jHXOoFEAkN4duSmDwmVGUq9fL5ds4v815a2Fgn2IZB1l82mLFgy4xaBPlbjrqRnuhgpRRbKu+eSNh13lTEwbrEKJfL89cX1Q9N4Y9aK/I7nq9lfybZ+XYXfoLU+7yXZ6gmm2hw6EkwvmAg1zPnoec5hCOZxotPYByvROOK4TyBCWoF2w+5vmSatZdodLwyoNWSsqtpowWHImCH/UZZ5NkBs0pWOnLBSuP32nFN5GN+0y1EKq+4AxL3pwutpo2iMAFlXI5lu5S4fP6nreZUsYqpp9QpwQtmSbU3iMC4bMSHA4LrhLSCfa3AClVirB4xabCnDWDa8tD5j40Zy0gqk289/qbcmmNC9RpTzrI3aag/hZx4eKjb92Ma5s4E2FZL0BQVrdQ8vD0yuhIaU0qp0ahU1D0/H+HS6Gsi1mfWsfNhsSBBDW0IVC/+8zFxvWYysbVPJJj7m7JY0IwW1yKzPvPnMdkWVS8OcJoODa97V15TaXt7yAstmCVYGZS9qc6VurF5MqQM6c4PluJXPyMlZAwQojrnaCuGuljXpmot5M62MvNMdh4psfa0Y1YiCWjer8XtmYhVvzQPepD/YhsouMrCRGD5pxaXozhoS1bUVD9ReBQb9Gg2sQr8MEQ8oNB/a6fLmNwqY7IWmk9pAhBmk5ng120LS5q+3vjj/hw9+Dz6Ojp6BAVNGs1us5YW86GSSlqVmLew4p+HBiYQyhFCmi9p1WIjrNyT/oHUDYGreL2A6NEo6aePPYeVtbNEYi0UahEscGUrqu953MV+PpbanJI7WHKpHek3Nsdgwyel4V9wjgxSpLWvfwj7QqXL8Xngoyd/4FL+G9MvLc3cDYhIFAryBvqRgXrwRk3CkAijzpk/2hui0qlhmDza8KRpfo/4bwz0i4d/wRyWe3+24WY1CjPkDzclc3VZVQDiSg6KsUQvGnc6Wv1+awjE2kA18j3NR4RYBXgxEflj5Ft2BLG6rq+RakLguXDCAMQA4hcx1L+ThDCdn09c58H9Uc/GRLE5uuFRgLB5UtsQimGXuXzxsA3YIN3CijT6NJTKH9WCvQ4tZnk0Jq73rq4oynTCbZBVPgQi5SrfD1Zr0eXgmirLQZFCEV4EqNrtheZ+vqTkWf7rrvG04C6QqLIHWttdsL3ejfB6ddfwM/sou1JmmgTzEo52CCYf1otKNQwD+shx7Xcrm17vu+v57q6bOQrbeBNb/MDPm8qH4/J89NgSKHO8kzvfAm2qWxmr+90Of0cxVT5l7IdnOBCuYSHgTLIALgTmLmKvPm9l/pOjfIQZmvJ7Alo/eqKfcPw6uwoSDn/5+Pj1c9p2ub1CwRZKZlnULQLI0uyw5eQGceOsuivjO6iQjsk4iGecvlGYwZtlqidz359zCysMSuKrXS+XNGT1xy7fmnyct72HJvSeyq8bSNSAEc/iW+ia9n1GJDj4vW84v/zwi0dm1s/qKnq5M2m/pUvZembcOK/1vY0tsD2McTqIjgKPDS0UO3lgEr8vHFok5kJrU3rVV8iJeLHv3oCzKvjgR9jjqdlceRjSJarVFz1lSxenzoVq0JcH2cde2yQ3vdPusEd2LZC2tVYgqPprp/zOSbWsJPq57eiUl/UX2vOuNAV28HXVIuDqs27q2BOlUvBLCirIurjlONXpdRybN3dtevk/lIel0aRU5L5g9Mr1zhtHsoo6WI0In+RzFsD63AsBNDoufVmXgHr0G/bZLwPCdk1xCeEKv1Bq4fpappx8iEQv5GtwZBkPh8N8D0+ngbccx5N0pMcL2BM/HqeRDXR1Tw72EVEG8Bx4Twue5NBi6rtlfDnDvAj524fylSMSPgab8zq3tY9DnIci3ajnRYpIO3uDgH5cbMxqEb6gnpQNkzVUk0yJXR8nvS8qT6TbryX94howqnrID/8HQZ13ja2d8pW4Sro4+xI9WFFSx8bFSeBjhj4nzyvsyam9nJGDJnuYtNEod/CBMjkRPbBq1doske2twYLudoEObY3FXdZJ5VfiD/zGKXPHjL+pd9L8V2QFicazwE4CcIDoSaOr44VADVwh/Iu6Wr1fVZvmSRPmorlRS4DnUDXEC4dl+C2Z9JhxuL9CEoin+k6yILXsBcRrp2LrRs0U6IW2rVrrtD9MzBosjOGflVABVGhCA4q0LOWF+/5NonHaeB3E0mntFyTvuGTEN2fhnrpW86UERIXOySKTm6nN6BcgmvozgGKQ49jdzuzqVjfWGI9isL9UBNmkamrqbYmdqpoIiWycS7Aeyfh6XWMR+zEjeImqvdF8RQs7Ro9MJWj5Bm5bXs+gaLV4vzNj9/ZzzHZs/UmkBWEPtYs/5KO89Xj9lHBSVfE1c/sM6iDaGLOeO1v2MAIecOoMvIjBJ/YilYJmyywuILjxGN25jlyPVEy5DWnUOSIln6G9eyDjs3VLNsITXFH1co+M2KhDr9sQqJ5lKBitpZUsl/4KI2uiAXm7+kuQOn/27NDBZ0PdW8cwyVg2tirGJDvkmDH1umCas5/OhDEfu7+N9oW6wMpZCeR2lJwS0nTSEkk2Gis7WisgB7j9yY0evOeSecaKaq9RFxg2T3qJ9QR+ZssCXacezSZm/PTa2BByHeHJJ/P6p/f+rg+hziMkESOqx6C4BgGeEZKTAdwTyRfNmsp4bdg9XcqZAgnhtSHb24qAf7Upd/ttwS496H8HdS5bTrmSr8/JvwIKy+rs+id7CzcKYc2HEq0FSUt473Vb3s7kS2YDiqnGW7BRLIPDMApLuCDYeFfHExZhdtbX7O415herG52VffHfAoVfr+DQfipqkDUqno7+coZxthnBY1e8V4bJTcul36CO/sB2vP2/4yfzv/HSuviVVRLY58cGBVk9lSiTBQao3+N/f8a23k1wqEFy60uL4jW4X9swgFed8Q48kAUq9SSfxnKHeQrKrvo9rPHGcetrCC2GQP1u0gHD1TV4F1JGloN8MhMlBGtwBGhOIFcQvUomiTqNrDCobqOqcLUJuVL7jZ+Saw6CiH1QJrSQZ5QuCW9XHoOOgvZzdPqEGuSb6nky2OQ1EjLMQtp7SsrwYp32lkWJ9RY3OUk3LLvTM8Exxg56nDqiOopg0GaWAhf4H4MTrAlssM69epH+5SaJyUEhweg5BZP3mY9FnnkdhG7W9JeDQXu1JOhSm7Td0ForDAoznBcID3SacOCbeSAqtGRBZGxnXFN01MTmUnA7Sy+Sm1WoN+o9u28ttG372sVavQlDZvM+9qXr15hcXt/IYscnbpgw0L7DrcZ4RWb8ATtOov8zhtlwB7QvDQ1LX2g2+5Ag2QcuQJmAYH731XnctUsrCmPKfCVh3CzdNS7DH90bli3cC4t+fpAuAXVNh5wPrCEb9Xco/WUKYe6XNS0Z/xi7PbGBH0s6ThYNzCFbwH4e4CDwD8uP7UA6iL+Uuts5Cz5Fcm7WMqPDFYFAdcA38fOWpXqVRYo6Dan8x/RNAPVNko6MnwXeq061jz7XTk6zEpNymxgjNPJRgcvhItfDHtrGpUqSIJxkQv0g3wppXnWlNX6zGIelUJmLkWuJUJfbznXTdkCr+oF5vwuauwO8iCx/h+7AZBD61w47BmRQLLdDP5I2ptdbrIN4ygouDUVE6bwiw2nhBZuR9ufzcO+WyWNHt5h/N5IuErH/5QcfJOBVRcJYuyFgEWrFax7fiwMCzgKhxN0x1WHa7F8gxGNTIGG9QVNf/6tpYVCAao4pQGErxKVqfVQ1374zbsFSy5PF0oyW5ueEQOVJ82RBjwYtLjX2gXY56nfdLy+D22S3XEHeHLLLg16Vtkf4Twmvzkxjc/YfN2vxu8d5tFbHnyanicj3SBgiiZLvg5iDwjtfONFQ6oX0vfoJ7B5xBsnxiLptx+HPN2onwsF/e7pCl0cTRTLO8Jt7Z8Ob0FYcmd31R2d8paemcIRzfgsqS2JWtJBckAqeQit+Gn+U82aKGew+1FVjlGUrwTO6Q6ztXh75B71V3urA65MaLRX5/7t3nGE8FKip+KfG+yTCHu0F411obb8TME+YwBfz8M4kDUBVtmFUrXEEF9aYD/atxxF02yB/ABPybB6Zcyo5r/U6P0G6jVUGXn3hgQkl1OzkQt06aH/J/LwMN271gc8whsV3pfZC3YfQ3212BAviAshfPyNtHPkShpu6fx5iVDoaL5LHS/A1K7kQ5yya4ECCndpTpF1rYamNVw9a5m64Tma3AGFORy6ZQfaHcV2w0RUs3P3ZXGPcuE2VKeTLLGG43W/FbqGAvxjax2j3qGtZ99Ox85ZAVu5O6PvZSvGSpUW6ebGTCsAgSz5h8V8TfWpaQtR0RrjuzGWoWiW5R2VqfmmIQcn34+t2GgfkZB5QH/o7S5z86UL05dLzdyXXyxIn5sWi0Q1B3yAjFCOVstaAr92fGfx+JHOrMFFKu+bLBpez8lE6f+h4HHzTDVnIB1Zb7d3wNwLVk7PmFy6NeByj0kmjY3Ts5pWctWAAQkI+nOtuM4o101AwCMdMfj3M/mr1J7OWy3Rxgaj58IknfPJpeoMhgkvu66WrkgS3XZE6e/n55sPkGHSDMcHTm2364+oJOSMzDUAJgGjDt9Jvalo1wruDA5pPF4F6y/F/8njO8qkoXnuWRG5BpzO66LwDTDOcUCCFzym6eRBnLo9sGbGZxlvRRSHwIRMa80tcqZqbAuVeW+2/PiSMN7zhzLTNdzhaC4cIOuilcdat1+//+qI3OWC5y9sti3qGuHO1U8rhSOw8Laac7JgOGCo3FkekHe8PaFF8jSDliQnodO8rGCY36xHTQkUsQjb+5ginp/dBIAUIR3QxXsMaxP/yBLpRbvFhD3DeOJRQXWdLijTcxAxLhTIPav2WC1mwyve+Jd0djTajSBgSzPzHW5ajUBaol+dVJeCD9HqiOrUMEmcMQFZZcA+RCJdIOvkKlt/sAnhQ4RuwPmzck2RMXCQfiYn0pqpJDXmF7xWgvGDBtQKP7xLE1Hj5No2q85KjLsWu8xK99Y+j2ixfBsgdc53CR4rNplnPsFzBHOucqd+Ve0/gqZgF81RbGFV1T9Wn1XFrE0e7+EkNejKj7deRmy31PnVLcBp2NwtIkhrJ06J8hmGquwUm,iv:NJkjWL5kMHET68oR5Xp22kvkThXIp7WxRVajmTfsB5M=,tag:NSXeRItMKlOQYP4QtzMKIg==,type:str] +eduroam: + client-cert: ENC[AES256_GCM,data:jmBj+tJrhyv8X85Esv7lw0JdENXh047KD9N5UIpjcor94gCNgeCFFcTdFSLF5G1muw7v3vzdVZKyZYSoqx2WwWaupgGslXI32INiW/G6Q98fZnco68Nqi7VM5ZSIFc2svt3nVylPJP2+05kiH5W01/zUZR0gAw/f007baN+WfBkkOqefObN71yN4eS7U04+PXpsQcFmaL+MkZQQHaeNls1BdQglKSps3PbcHVYksH9OY5I0wXYRtdI+hnDHOp/JyzXsq9sEZGi4g4f2uiyZUp8IEXgoBfYkD/wt+XQ0DAFUELj3lCaNVACmtqBkJifEnJenP93J5zenx2L85ZL/0qCdxwYL7oIowsa4DxT9Hu8AUNRSptsGR1X5zqvB8CBa6nERMPgCLGo/zEYz5TIIVcH9gtvUdh2Q1Kx7y2CiBn9ZU5blKCL7qtwWhF7nPwvm7dE79wr69mfCM1X0ipajWzr65/x7gzrMQCd30HB4CbsOlVELgGhmz/JT2rf5DwPFp+GKqC8libyJJnezJnqcxqDJGw1PBxdqGaa/y3rbYVXC5Fa0XfyNMgsm7Ce6ACZuLPVQxIWRASFoMgiJaMMwr91SU38fYK/lRWOA7VEL34HX9B0rrb4Ubzgts/AKDkRAHdqRCB4YIr8QodWB3GbOWCS3/e4lCgw+poQm6yY24uy90Mn3Z8i6p/7Wao5CnAKqSxyfflQk5Lq5yfQ/dpB84T2TvcvAhPFr/n/AsNyVqvW8RxWwku00jvQCv635k7Heqlr481p33yHZvIsNkHGfCD39HzbXdASiHzC6+ApTjs1bcCp8omL5B5QcuTNkYhFxbnCrSYToAzU+AKBBDFCgNOhio2O6dkJaBkx2LEE+7CcVlhJn1NU7/OxoJfpi0PZXrlxvzNMfOkoJxn/567+9RhhALxJVRx8rwNayiKU7t1frxtPNo+86YRF7WbIE6Iwlt9ZEpcFPzo+kSKkjqpo7VhmuUoWfQUAFhx3KkOkEPLw4Sa+jaO9UhcVUnsVEzWNLow7K2FYhIcBmom+cm9Qu6igLYtVFxUXy5iKhYdQBZHJrFKVHJmS4Sm42ffvGDj+lrLNUGCxtXBJ9q1R/P0ml1AAz/IK6P3VTMejuPU/+C84yNKbIgPPZoT1uG+YpX9CVjldf6TN3esGJFYTzGVh861804j0YYqZRlxbws/6+lJ9+ZLejfw+V+RiAkjGm17BDxD7bBfiJ++Dn4wzOOhJ6Z5s9V3d/AhLxuIShQ8Q89DnwgwtuBLQfmPChGVzo8Gh1BSvhreCNt8CJNRhjMDUcqyN3y9TWrakxTDWWpdUAz+MKDVab2S4wojvC0sGAzdiZ7ypFzsCjXbwCVDGeUZ7wvilIuuY10O27vaB5avYXJxKqdEyKGCCkKc7M/1jZxcdW3GvYuYU0DZtQRvO8Z4vHpDho4B+hwG1NEm9zIakfNMw2ZNSuC3IBRyhk3zye10gO77t7Ibi8fHyg35RRJ7/PYKLOOmZRBl4Cpd7yH02wpwVcJTkFwZhJnTYbRll66j1zRPJMOdwz1OOinsrVYW68VF6/jUGzXZXmWMjCRpBIcp4YcD5HAVTIMavtDfLtcUXW/+2jwjZqkY4jQ30qb0RwuUJqQdZvz48jXJB980Nz7/xnrTXbFcvwMFiIpC2hEwgMISAwS7MkiMjVHNQt0EBYvcsZ1DyB3c5PEnjUOoHTUjdar+0G+1wbftq+jQlCwL4nytp9HqCxg52YCyLWyKJS+kCy7THJR95jfeOtC8xKr/QAl2+rv383uS/e/1mNQA8Up7CdQwLs0SFZ9tOQy/xoQpw/5agTV3CXVKk8T8sQhBYnsERbkPCedPLLpoNbkfHgcejpOTIUeCr1d+gDuT6Uqw6uXXgKwwxMPM/ovkHj6Va2Q7jvTjSrV1FlDEVVxg+ow3Dn4Np5rf7CXN/oXe5txKg8mllbdOE7CtXW78w+T8yh9KQW+dq8svwKmknmL7AWdiVhPd8RJ8S8ShRbhibH1AUnjjl4ncTx0BYx/G/nes095zHCgIQffOepjl3rxGXar/JPJHWysX7I1z/6EKbIi6j/9REkR2aJ1FSqUBVabCVwB+qdMG/i/9qLU5O0Lc5P7JWU9JUShAMrJ52am1nlqpn0Oaa6TRPAjac946aBuV95U+/UNYzsz+ob2BLt1Tpo5vJbKhrkHm8O7suUR5xem0MpHMeOiZbyBlsgppIG0wNdAlpSQLwkuFcT8jQ1GNAPscvmrNym3ecWSS+HfKosnCqnMWdL5dzByDzzGS5ZFwna/1I0ytr71XE5sWbj68iJRLwRL4eYCvEWDQhSgYxRjp3b+XO8li1Wou/YuOZ+tY7t2rWeSMnIqRoJFDRmqyZM10UBSwXY2TbzdGBBJ9BP4B5s5jfyW+igrSCpgWX7KuuZnv9sXdE9uHKFQK2KmpJRrsyfYOSMYmZ26LDcyZLlnsXFJzh2Wn9OdMs/a+g4+t9ncIOCNQ7e2B9nDR5tVhQvjpng=,iv:OzC+2Ghg3tso297TLDLKGaUf/KzXQ/ks/qkD114WhUU=,tag:uGYDmPG/z8dkpKKAmr+f6g==,type:str] + client-key: ENC[AES256_GCM,data:SVOx/EueqUGo2b4/NywnYt8clWWSeLCcO/WZn49eTX9jxpcOw0PM9kj11bg3W+dQvJ+KCewbRotkrtpshI+F+iIm1KCNMYN0lWAmgjR5tqqfqsCgaXCQrjGGHtNcNYAu4wPXja7xXnPbS347p6PXSiOMUlQuk0cFo/rTcpGnGNSV+VPDNLxV5Yx1cVy6qX+9/BcXvDkXPrx43Ug1BBYOmWLTvlk32nQVpTjjD97Tl1EDIbrXDDJ4xsS/zvly3z6ylPZyeoQuMKFXo97ajVGhJGOROhqG9R3shgd/KzHrr5mbKA/MrlU5vAQL0PUQwUxbKoCzybDi65Pd6gQiHyJYCM1GvWnxdku9vptNVXeMHQCfyyVWxn2SxXMjG/CNyqSKSflQiylStIUKjxIPE0zMEC+41sxGcRuNe1L6BxyzOPAe95GzaZYbENU2jg0Gg7cdSPjOGI9/I+3GoObud5/8w8+Ezq1FFfYd1uwXz2ER6A3dzbHTuJn4lYZl8ctLJD9dL6vO4AueOZv6we52//RpTOD1k6Zt1lgXBLFrEykfV2gW21iHFk+giZ3dxn81zsEgZmLLm4SRlvdH0JROl2cAmCf9bgYKNd59rL2DE7sAEyHeCLKjqX4hClAGKYSQ+FOWdL2L/QmW0cpdkLSZ7yuf9ZlEQhg77Nmxqtmrz69itoWftf0GtaZg/AtInf35gS83lxkcbbOe4p+2Mme/TYo8Inj3/2hz3OOQQpL/Zavpmer4Zwy4h5SOudPAkSeC692Q997+ERNQSfTnT8acSOJY5aNU3ELWo9JiXJbJEDdONOiROsmyv7VPk4tkGuOdfuYAZNLXsohwKlFcgddFbaCVJL2e1Qho4dIY0c6c3oPg7FO5EMlmq8rKrf9YqfIvfB0p98AE8heIbcHXJj9b+cLtff551HsTpD+PMIyDXr3MbEpnK8XDtdVy0mr6F3EBwDrPUxtgeuhuXKSgrT6vgPmSXblN71OVGftiF3x9UvQ3xHG0AKE5Nbsv5S6czOixeiqG9YdKEWo/GL/cu4Cv3mRI2XFJ7qMnWwvvG6sXzcp+XG4eBIHX2epjCNZ1TVxRWH8U2a8nczQeERT//onahHLsD0/qfuulgi8whQHTd1FcPq3+nV/u4L3oIvN/kepIgUaT6NGhAiTUuwYfBDRUyFk/SSN+A5SmoqaXtQ0D2hVs/LhY++lC2O95WUo40pJxdYWJDRBDVzA9e2FHfWlpElWXtTJG4P51/XT2cLZr355xBB/0nPG5fEcQT352HkXjbXaG8UfON5b8EJsxDBomRU9h0RfLmo6Sj2KR79DIUiMskNUbqC/pQxku5Cgk6xjy7B/sIL7ek0dKfifOTH6Rm/J22qRao00lJNEUnsoTfp6lWRpOhAL8hNa26TioXwLEJm4y7nuEjBbn2MmcnoOPa/KO3Ps8iFvhTG02IAgy8++gfRBX4YSd6ifQLAvNALzLbaS9QlezBOJX9ut9ZQqhOmLcoWEnNN2RcrJ2ior2oz/Vy4a1petQfTIAVSO7dPdHXxDH/RefaxbCHVWIpisv+5kATS3xyYfXXPZLRJbrEhsvxUQUFQ1TfwaRbuW2240V6rvBN1I8QN7HFHrTLjju1wD9NpxXPKXlb4Ua/BR3Eg0XezooSYOs/B37+72Cn4ui972mkbnbePtnifzuUJVgIzKnHdHFwfClHmt9SVKxdO9icxQiURdY+kCzV5uznvxHTf0f2XCy+Yze5GTjBlf4OMnrQuoBk9mfofln94ruEo4NvtIUVlXjxu77j4LYcl9ZegiwM+/Y5XH2SHuaq7KfJH1ayJgnkNvZ+/zUE0uTOJIGH9uv/LS9OTvD6HModlMgq5Sk77XmLu0BJpV68MVJ7DK12W/CWHILU/8hUKohpLpWmp0KPJd9XYzOwbF4kNagKurKXVF7Pp89ooLsoG2nACYC0ZAohGws9sVny8XFmxEcOPqmO1jj5j+Blizei82AuWu2/lQV7mNRTKJGN1AebdvvY3OUn2Ir2D5d48+j7pDC59I7Jk3p5ghGWSZI1l1EFyR/bLyqRTdvJjdwNZxVSC5WvP3HIlMXyyqyfnaBTHmkcX5VBur0ye91iRhNwXmpi5aMZeQhzRYKpiq4cBX5zEkSIfnqGTaqHknHidGXaDaOuOnf/iWHqJ2mEENGZ1u3lT7zhDbDmbjVyrrCQ3ybBs6G2hcPbTR7CRQ+F3qUR2l1SvCx/ksMJPTwUJyFit8yhxFIPPukuL4bFcHgW9i7W4Sp+kCZF1vPJExUrG6UpYJ7Vsm9rSiWA8BqSKBCPFx6nweD/cf6CjVi4v+DM13Q55IL7C+k0rqp4Opt27AqCmxAxjCe+ZR1AFq1LDd0RG2+oYdJ365Nll3xnlZiF+i5Su3rDqbOlsm1S/6cmI+Wu4hPZrm0dP1s1uIuIYcIFkxPyB+jv/VG8OPt11ojujrlLTfscssruA8f/bdZBqhPnMuQojALySLp7hnT1eN1ei0ECXFPrY0=,iv:elOnzTpyIwv49ErwOZRINMSXryBwiwP8Kus83+tAzks=,tag:QN3WdC+TUB01X2p76+ng3w==,type:str] + root-ca: ENC[AES256_GCM,data:FZrNXRgqHVkPcH1QYc+UGRANki2syD4mSvdx3LN5A3aSoQe2x8NxaNv9t6FB9DRTtwY9jM4i4uIWS/0n2j67LrdB/4ftpX1o2CoTQ6K72XzwU4wUlkqIIJSoaB11olJL0yRjTRHihjjswJoEGVfEpnMqYSEplj7cuMHlLJTJq6vNJDJRD769aVK7eFHmbhfZxj58g5kCSrknGcBfJkFH1nR9ONhib/C7CzcJz2vU46XmhHuVOpKojHQzLn9RF8FN61QxinrXmI+tZmmccc63y1HiqOMWj0SuXlpXcNY0/RHS7Zl1oajNTlJ73NC8Nc6yuvvlTgaCM+DrecumHhlK82rmwihWyEmrWJq1Xi+Pw1wjxp+2dW3+w1shqf+rqDUCSwNWHmnVdJOkwCY5e3QX69YHFeS5Aq3rckjNPyN9Nyyhq9bXweMLd74GohMHORVvvklgqn1k0pmLS27+MAUIpiRMjNSqTzqYfBICoYQaIqMV1Y1XfskmWtcpv8B26vrZxTZCl9SEQzuKO19zaJelYd86C9+q3YbB1w682qOw/4frM8Y6ohjfDjquELeqRLVZNPs0RAA4eCqWsEUGgjisT4MaepOSxSug6nhxVX4a7skqiarV9WWaiSIrvSP7O/NKcZgyVYqsj3818Ut7ZmzobUapdiwpojdxYeaofMWDcq+OLVAGBGktq1HoVNO5z+KEbBjhpPzyNvtfHvCsd7GetQ3Nk4pkj6ENL8MA4m7gZvwdZG/u+3rAqhMVxBLGzPl686Mbln7MVhpEos9LNmHOFdEk4d1sdXHzxcgsjUmvFoc0RlcD/wkO2ImvZJZN/hXnEC8hWiUen0bXECVzZql+OXF79ZekmES8XqjddhQ47/8OxgszAPPMtNL1NgK5nQDS31LH9/Q7jDGjdRj4TDSQmHyQuhVTGBC9BBlO4rRvwbndfO5Vv8fo7oRn2kJMKtEoB0PkVKFBReDW4XSkgibWfy4wqpUNoQ8kHkINZM79qdx6zaAQ+6KOawVObd3+WgC0IUKYxNxQCvJOdYyCuGgDgH2iPJIaR2GaUNwFHEwBtGbD/nPelM7Je3xhqfTPUPAsoUWM3sQGo/1Li272RhR/2qZtHIVpyKkJcHa/bcuvByOB8W0V/TlP6FFMPXRk+X/blpDrZiRW/5yTgfDVL+orGQd1LVJojRORPtvNwMJAqN9ZsTO3/bdcUd1bKn5X+wSbepH7pqH9hPcsTHIO7O3T3Bs5YMFUT6zpeu/SDi8vf/KjQwH3sa45PHxQSr8r68onYrsHJl8l65e7RifzsPhSbc1nvHv42b7S8874EuBWjTrQcibM1prxJONg+yJQy7adf4cV5GHZozirMulSxEPAOZ5WqyYgrOkwyVSupT9xhGphT4FYYya0OkNLIl1XmHyb36/qP68fVVHQ37CQpXTqqzvSoWkjFQXb9XF+3erKLQPYNa5wK9RFtffbMrZsDLufR/FXaRPQ/nxN50yxLnjKkGMqM3t10fbztocXIE9Xc+W7qqIwvjstWt8n2p5QjyditH9kFka50HH99G2xO+5jeiY30ffqg69glWrfkys2TT29vIbVd9ljbA4zZwYZ5KyZZSZN47EOBtOe7CCaPJws0zyq+z1JQCYiupKDqRBKv6IJSRY4g+5GS1o7srYng0Llx7XqhGoWXyScP4LElF5sFGvouV8KV/P0P133mxLaAjmHmBxno/16Q+lbIQ0ytgph8OUfLK/lybLCasH07AnPPwAnNfULTKIs5aBS9hOGz//HyNFuoKaOzMPoFxwToIdF7+EvaY0dnsUrvCvxq4lGLwkGfO4ptt6y2FfTUzoKDAZFfd76EVLSQq1gTZ+lXxXK+sYgRT5gZ/EPcZE8sjgINKsOcj1AqcVZm2KvdSS1HE6fUQVm87cgVtEHOT7B5zMnJrFFrdRMSAbxUx4KBv4AzLUEhMyxfKLQm5NH5srvxPsKqhKl71Hestd8cWvJV+SmnU98m18A9Ck1MnjcSsQshuGHPWQGx0s/tkkeScIm/t7D4tbfKWdvN44KTnpeJCAmxO/vI5BOzTerYta0ViiV/bR2a5JtGVLC9yP3Zurk4lfcXNAMYKqf/CjBXRfNUNXVw+k/LdxKLYQCt8F+HBTpqGDdsO8RGofvfFJqM0PQcwf4GbbXFWBq5BsstonXAl/vsnAdcPcKr9KuArr6BHdRvY0HMlpSPMmGeEW94gA7Hg9IFJLTZrwOekg54xAe5KfNfkJZGb6oBU9f8D98zhw0KciHO993gNXeONuQMxVB/n33polT4vBjYOu9FuQQeJ6de94rnObIgpiKhaOCht2HF7s9kdOSN3/h6PfRJ8xI2e/9tolP6g==,iv:8UyU8fVq8YaSsurOOgsKGIAelaxWR7+AITwwf7ts4qk=,tag:K/zGiCthB6Vyh0ijRDxM6w==,type:str] +hsmw-vpn-secret: ENC[AES256_GCM,data:3bKxRGTQcbhRjzARSpYBW5ekQW/U/ixzNiFmO36gw0NKyDMLlbVbJBqXvi71M0GXgmo/FA==,iv:7bVDA8u9apDNXFY/vEMbz/0HywG5Pyrl5JfZrcNCr8w=,tag:xz4j7cEc5hvLwrItWjkx0Q==,type:str] sops: kms: [] gcp_kms: [] @@ -63,8 +71,8 @@ sops: SHJLR3lvdlFiRmJuU25RUHFFTmpjamMKbzycdDvQBAuOiRROTZEQSnaXoPapz73L yVS9EUP25FSx/sGqRqaCefbeaybuM1aso6LDnlomv4Bib7zjugWKSw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-07-13T23:01:06Z" - mac: ENC[AES256_GCM,data:K/ToZO4sX5l3lWpzB9AIfhQxag/eBF8B2vX9Yfa9ROWYxj+H2YfJQyA2GKCfkXv+h2H6wpKeHW2yiZAED5BKKjPkFG85u4yukWorlB1ozkzQTh7iRDGMVBs5Gj3Xe8GMYKMO/RzAmD6IYAC6kfrigqTIGNi+5p6I+WUf3E05CR0=,iv:bftIZe3R43V+MtpIygG6bHJdn1sFzAH3o1cpdESSvng=,tag:zMOwbk47LLMSfMCyEXAEkw==,type:str] + lastmodified: "2024-07-19T15:08:08Z" + mac: ENC[AES256_GCM,data:qO+vasrxM/YxktZ4pXx6qcpWoXAtM+3BNVkNcXyYWofz6l0dO7fpMpIlDW0d/uFt83aXffqrlRLMZuy0rCGyKuD4FOa1hI9Myx1+AqGsTcUPHn2av939z/VKrc+CcZuzcuWO5uTBlHyTQRpZlvGdnPd1/JZPS3xPm+k232yER00=,iv:v45UbeFQm3z4vPoeF1wqrTdJtDLeOmjTkBpYciT7bAY=,tag:Kordeec4ul1eUmSCO/P2YQ==,type:str] pgp: - created_at: "2024-06-09T19:44:41Z" enc: |- diff --git a/system-modules/hsmw.nix b/system-modules/hsmw.nix index 5cfca01..629a1f3 100755 --- a/system-modules/hsmw.nix +++ b/system-modules/hsmw.nix @@ -1,24 +1,31 @@ { pkgs, lib, host, secrets, ... }: lib.mkIf (host != "NxACE") { - environment.systemPackages = [ - pkgs.strongswanNM + environment.systemPackages = with pkgs; [ + strongswanNM ]; environment.etc = { - # Easyroam - "ssl/certs/easyroam_client_cert.pem".source = ../secrets/easyroam-hsmw/easyroam_client_cert.pem; - "ssl/certs/easyroam_root_ca.pem".source = ../secrets/easyroam-hsmw/easyroam_root_ca.pem; - "ssl/certs/easyroam_client_key.pem".source = ../secrets/easyroam-hsmw/easyroam_client_key.pem; - "NetworkManager/system-connections/eduroam.nmconnection" = { - text = secrets.easyroamHSMW.nmconfig; - mode = "0600"; - }; + # # Easyroam + # "ssl/certs/easyroam_client_cert.pem".source = ../secrets/easyroam-hsmw/easyroam_client_cert.pem; + # "ssl/certs/easyroam_root_ca.pem".source = ../secrets/easyroam-hsmw/easyroam_root_ca.pem; + # "ssl/certs/easyroam_client_key.pem".source = ../secrets/easyroam-hsmw/easyroam_client_key.pem; + # "NetworkManager/system-connections/eduroam.nmconnection" = { + # text = secrets.easyroamHSMW.nmconfig; + # mode = "0600"; + # }; - "ipsec.d/hsmw.secrets".text = ''${secrets.email.hsmw.mail} : EAP "${secrets.email.hsmw.password}"''; - "ipsec.d/USERTrust-ECC.pem".source = ../secrets/vpn-hsmw/USERTrust-ECC-Certification-Authority.pem; - "ipsec.d/USERTrust-RSA.pem".source = ../secrets/vpn-hsmw/USERTrust-RSA-Certification-Authority.pem; + # "ipsec.d/hsmw.secrets".text = ''${secrets.email.hsmw.un}@hs-mittweida.de : EAP "megasecret"''; + # "ipsec.d/USERTrust-ECC.pem".source = ../secrets/vpn-hsmw/USERTrust-ECC-Certification-Authority.pem; + # "ipsec.d/USERTrust-RSA.pem".source = ../secrets/vpn-hsmw/USERTrust-RSA-Certification-Authority.pem; + }; + + + sops.secrets = { + "USERTrust/ECC" = { path = "/etc/ipsec.d/USERTrust-ECC.pem"; }; + "USERTrust/RSA" = { path = "/etc/ipsec.d/USERTrust-RSA.pem"; }; + "hsmw-vpn-secret" = { path = "/etc/ipsec.d/hsmw.secret"; mode = "600"; }; }; networking.networkmanager.enableStrongSwan = true; @@ -35,7 +42,7 @@ lib.mkIf (host != "NxACE") left = "%defaultroute"; leftid = "%any"; leftauth = "eap"; - eap_identity = secrets.email.hsmw.mail; + eap_identity = "${secrets.email.hsmw.un}@hs-mittweida.de"; leftsourceip = "%config"; leftdns = "%config4"; leftfirewall = "no"; @@ -73,7 +80,7 @@ lib.mkIf (host != "NxACE") "openssl" "resolve" ]; - secrets = [ "/etc/ipsec.d/hsmw.secrets" ]; + secrets = [ "/etc/ipsec.d/hsmw.secret" ]; ca = { hsmw = { auto = "add"; diff --git a/system-modules/ollama.nix b/system-modules/ollama.nix index 1635b0b..c95a50a 100755 --- a/system-modules/ollama.nix +++ b/system-modules/ollama.nix @@ -1,7 +1,7 @@ -{ pkgs, lib, host, nvidia, ... }: +{ pkgs, pkgs-unstable, lib, host, nvidia, ... }: { - environment.systemPackages = with pkgs; [ + environment.systemPackages = with pkgs-unstable; [ ollama ]; @@ -41,6 +41,7 @@ # ''; # }; services.ollama = { + # package = pkgs-unstable.ollama; enable = true; acceleration = lib.mkIf nvidia.enable "cuda"; listenAddress = if host == "NxACE" then "0.0.0.0:11434" else "127.0.0.1:11434";