From 19acca7cba91192059f99fa0734b8e1825b56127 Mon Sep 17 00:00:00 2001 From: oddlama Date: Wed, 21 Jun 2023 01:35:41 +0200 Subject: [PATCH] chore: remove microvm local wireguard if not needed --- modules/microvms.nix | 56 +++++++++++------- .../proxy-sentinel/keys/ward-adguardhome.age | 9 +++ .../proxy-sentinel/keys/ward-adguardhome.pub | 1 + .../psks/sentinel+ward-adguardhome.age | 11 ++++ .../ward-local-vms/keys/ward-grafana.age | 10 ---- .../ward-local-vms/keys/ward-grafana.pub | 1 - .../ward-local-vms/keys/ward-kanidm.age | 9 --- .../ward-local-vms/keys/ward-kanidm.pub | 1 - .../ward-local-vms/keys/ward-loki.age | 10 ---- .../ward-local-vms/keys/ward-loki.pub | 1 - .../ward-local-vms/keys/ward-nginx.age | 10 ---- .../ward-local-vms/keys/ward-nginx.pub | 1 - .../ward-local-vms/keys/ward-test.age | 9 --- .../ward-local-vms/keys/ward-test.pub | 1 - .../ward-local-vms/keys/ward-vaultwarden.age | 9 --- .../ward-local-vms/keys/ward-vaultwarden.pub | 1 - .../wireguard/ward-local-vms/keys/ward.age | 9 --- .../wireguard/ward-local-vms/keys/ward.pub | 1 - .../ward-local-vms/psks/ward+ward-grafana.age | 9 --- .../ward-local-vms/psks/ward+ward-kanidm.age | Bin 418 -> 0 bytes .../ward-local-vms/psks/ward+ward-loki.age | 10 ---- .../ward-local-vms/psks/ward+ward-nginx.age | Bin 414 -> 0 bytes .../ward-local-vms/psks/ward+ward-test.age | 10 ---- .../psks/ward+ward-vaultwarden.age | Bin 439 -> 0 bytes .../psks/ward-grafana+ward-kanidm.age | 9 --- .../psks/ward-grafana+ward-loki.age | 9 --- .../psks/ward-grafana+ward-vaultwarden.age | 9 --- .../psks/ward-kanidm+ward-loki.age | 10 ---- .../psks/ward-kanidm+ward-vaultwarden.age | Bin 472 -> 0 bytes .../psks/ward-loki+ward-nginx.age | 9 --- .../psks/ward-loki+ward-test.age | 10 ---- .../psks/ward-loki+ward-vaultwarden.age | Bin 473 -> 0 bytes .../psks/ward-nginx+ward-test.age | 9 --- 33 files changed, 56 insertions(+), 188 deletions(-) create mode 100644 secrets/wireguard/proxy-sentinel/keys/ward-adguardhome.age create mode 100644 secrets/wireguard/proxy-sentinel/keys/ward-adguardhome.pub create mode 100644 secrets/wireguard/proxy-sentinel/psks/sentinel+ward-adguardhome.age delete mode 100644 secrets/wireguard/ward-local-vms/keys/ward-grafana.age delete mode 100644 secrets/wireguard/ward-local-vms/keys/ward-grafana.pub delete mode 100644 secrets/wireguard/ward-local-vms/keys/ward-kanidm.age delete mode 100644 secrets/wireguard/ward-local-vms/keys/ward-kanidm.pub delete mode 100644 secrets/wireguard/ward-local-vms/keys/ward-loki.age delete mode 100644 secrets/wireguard/ward-local-vms/keys/ward-loki.pub delete mode 100644 secrets/wireguard/ward-local-vms/keys/ward-nginx.age delete mode 100644 secrets/wireguard/ward-local-vms/keys/ward-nginx.pub delete mode 100644 secrets/wireguard/ward-local-vms/keys/ward-test.age delete mode 100644 secrets/wireguard/ward-local-vms/keys/ward-test.pub delete mode 100644 secrets/wireguard/ward-local-vms/keys/ward-vaultwarden.age delete mode 100644 secrets/wireguard/ward-local-vms/keys/ward-vaultwarden.pub delete mode 100644 secrets/wireguard/ward-local-vms/keys/ward.age delete mode 100644 secrets/wireguard/ward-local-vms/keys/ward.pub delete mode 100644 secrets/wireguard/ward-local-vms/psks/ward+ward-grafana.age delete mode 100644 secrets/wireguard/ward-local-vms/psks/ward+ward-kanidm.age delete mode 100644 secrets/wireguard/ward-local-vms/psks/ward+ward-loki.age delete mode 100644 secrets/wireguard/ward-local-vms/psks/ward+ward-nginx.age delete mode 100644 secrets/wireguard/ward-local-vms/psks/ward+ward-test.age delete mode 100644 secrets/wireguard/ward-local-vms/psks/ward+ward-vaultwarden.age delete mode 100644 secrets/wireguard/ward-local-vms/psks/ward-grafana+ward-kanidm.age delete mode 100644 secrets/wireguard/ward-local-vms/psks/ward-grafana+ward-loki.age delete mode 100644 secrets/wireguard/ward-local-vms/psks/ward-grafana+ward-vaultwarden.age delete mode 100644 secrets/wireguard/ward-local-vms/psks/ward-kanidm+ward-loki.age delete mode 100644 secrets/wireguard/ward-local-vms/psks/ward-kanidm+ward-vaultwarden.age delete mode 100644 secrets/wireguard/ward-local-vms/psks/ward-loki+ward-nginx.age delete mode 100644 secrets/wireguard/ward-local-vms/psks/ward-loki+ward-test.age delete mode 100644 secrets/wireguard/ward-local-vms/psks/ward-loki+ward-vaultwarden.age delete mode 100644 secrets/wireguard/ward-local-vms/psks/ward-nginx+ward-test.age diff --git a/modules/microvms.nix b/modules/microvms.nix index e5dfa8c..ac46b9b 100644 --- a/modules/microvms.nix +++ b/modules/microvms.nix @@ -12,7 +12,9 @@ }: let inherit (lib) + any attrNames + attrValues concatStringsSep escapeShellArg filterAttrs @@ -173,7 +175,9 @@ # would not come online if the private key wasn't rekeyed yet). # FIXME ideally this would be conditional at runtime if the # agenix activation had an error, but this is not trivial. - ${wgConfig}.linkConfig.RequiredForOnline = "no"; + ${wgConfig} = mkIf vmCfg.localWireguard { + linkConfig.RequiredForOnline = "no"; + }; "10-${vmCfg.networking.mainLinkName}" = { matchConfig.MACAddress = mac; @@ -194,16 +198,18 @@ }; }; - extra.wireguard."${nodeName}-local-vms" = { - server = { - host = - if config.networking.domain == null - then "${config.networking.hostName}.local" - else config.networking.fqdn; - inherit (cfg.networking.wireguard) port; - openFirewallRules = ["untrusted-to-local"]; + extra.wireguard = mkIf vmCfg.localWireguard { + "${nodeName}-local-vms" = { + server = { + host = + if config.networking.domain == null + then "${config.networking.hostName}.local" + else config.networking.fqdn; + inherit (cfg.networking.wireguard) port; + openFirewallRules = ["untrusted-to-local"]; + }; + linkName = "local-vms"; }; - linkName = "local-vms"; }; }; }; @@ -338,6 +344,12 @@ in { description = mdDoc "Whether this VM should be started automatically with the host"; }; + localWireguard = mkOption { + type = types.bool; + default = false; + description = mdDoc "Whether this VM should be connected to a local wireguard network with other VMs (that opt-in here) on the same host."; + }; + system = mkOption { type = types.str; description = mdDoc "The system that this microvm should use"; @@ -350,18 +362,20 @@ in { config = mkIf (vms != {}) ( { # Define a local wireguard server to communicate with vms securely - extra.wireguard."${nodeName}-local-vms" = { - server = { - host = - if config.networking.domain == null - then "${config.networking.hostName}.local" - else config.networking.fqdn; - inherit (cfg.networking.wireguard) openFirewallRules port; - reservedAddresses = [cfg.networking.wireguard.cidrv4 cfg.networking.wireguard.cidrv6]; + extra.wireguard = mkIf (any (x: x.localWireguard) (attrValues vms)) { + "${nodeName}-local-vms" = { + server = { + host = + if config.networking.domain == null + then "${config.networking.hostName}.local" + else config.networking.fqdn; + inherit (cfg.networking.wireguard) openFirewallRules port; + reservedAddresses = [cfg.networking.wireguard.cidrv4 cfg.networking.wireguard.cidrv6]; + }; + linkName = "local-vms"; + ipv4 = net.cidr.host 1 cfg.networking.wireguard.cidrv4; + ipv6 = net.cidr.host 1 cfg.networking.wireguard.cidrv6; }; - linkName = "local-vms"; - ipv4 = net.cidr.host 1 cfg.networking.wireguard.cidrv4; - ipv6 = net.cidr.host 1 cfg.networking.wireguard.cidrv6; }; } // extraLib.mergeToplevelConfigs ["nodes" "disko" "microvm" "systemd"] (mapAttrsToList microvmConfig vms) diff --git a/secrets/wireguard/proxy-sentinel/keys/ward-adguardhome.age b/secrets/wireguard/proxy-sentinel/keys/ward-adguardhome.age new file mode 100644 index 0000000..08c86fd --- /dev/null +++ b/secrets/wireguard/proxy-sentinel/keys/ward-adguardhome.age @@ -0,0 +1,9 @@ +age-encryption.org/v1 +-> X25519 VczE+OsT7Zya9rBR65dI5xm9FbO2iK14HV8qLB/wV2w +RSnNlXpkqJ6STDMSy+0BHjsYHR7YdMsDyOt6PVYFYxk +-> piv-p256 xqSe8Q A+jwRnWsBQca7hXebaSyKrXHd2ICnvw3X94Q0Mxe59pt +TJL+yvBvKQPSLll/ctZyz7Y8ntocPebBEl+IJDhE10A +-> ~-grease +32CCgSQWq2oLMQ1FhitTfzoSd+8qezti +--- Azc3CtkmP/6VjOJBqPKMTmQa1znxJzHMTua8vHIsClM +)[ޞqs2x3τՐdC?/R dJiw6C$T[tY9VJ4~{m 72O` \ No newline at end of file diff --git a/secrets/wireguard/proxy-sentinel/keys/ward-adguardhome.pub b/secrets/wireguard/proxy-sentinel/keys/ward-adguardhome.pub new file mode 100644 index 0000000..463cb52 --- /dev/null +++ b/secrets/wireguard/proxy-sentinel/keys/ward-adguardhome.pub @@ -0,0 +1 @@ +UEPxia5t/CEZa7V2DeWBrCAwzKXB6lwJXCr+ZTjqE0I= diff --git a/secrets/wireguard/proxy-sentinel/psks/sentinel+ward-adguardhome.age b/secrets/wireguard/proxy-sentinel/psks/sentinel+ward-adguardhome.age new file mode 100644 index 0000000..d6df672 --- /dev/null +++ b/secrets/wireguard/proxy-sentinel/psks/sentinel+ward-adguardhome.age @@ -0,0 +1,11 @@ +age-encryption.org/v1 +-> X25519 xeAabZlGUTMQDnQPL3fi+IBAnPxt5GXyfz8SnYI+/kE +YBpu6a23WMTh+db/7zcSqdPP/lLzY2LG/2VKArXQS7s +-> piv-p256 xqSe8Q Aoac6u3HAfBUroc4ZHRLVulBlk51ugPP/ZS3RD5a5a7x +CLztuOf3ImKoGGHoFu+8vCVJxystyl7vM+sgvu8e4I8 +-> bk:\01W-grease jC 7kLh(`e ]><&#N^S +S0DHVlbf/gS6trRCuidFQzycUcA4T82nwrrZj6gHC/bx2A7IUmp2MGQSYjdFWiXO +p15kMneA5s5MdXs5LLnGQU3CFiXAGHIm9E5ULN042DB0yuLQv9/qFXzKAKmDcEVx +EvE +--- j+2MYGrV0W9A3AzlqRJia/MI0pa5wAfR9DF1WZqGL7I +O/Q5mՌf L$fk3d /sd@ߖMsvV!$-1 \ No newline at end of file diff --git a/secrets/wireguard/ward-local-vms/keys/ward-grafana.age b/secrets/wireguard/ward-local-vms/keys/ward-grafana.age deleted file mode 100644 index cd5277f..0000000 --- a/secrets/wireguard/ward-local-vms/keys/ward-grafana.age +++ /dev/null @@ -1,10 +0,0 @@ -age-encryption.org/v1 --> X25519 1VMVSzcANsteZ4hAHqn/TJJcEU1jqj2m3fgY6SNe1Vc -w5a7A0Suk4RHNVUbqdLnodZf5qPmAd214QtOqHLMFU8 --> piv-p256 xqSe8Q Ah1xDNBFPyADUPmDyZn1nrdd1etkCGCP9k1FVzO2ax05 -SLRXGnfmBI+MucpBj5IhdCLOSCE+VdEsVGJrV8Uno1c --> Bk(9k-grease -X7PFQXIU0w0BA4i39o/DvXD7RvSI6a/19qbgDus8QspP2zizCYLRiir4GC/eEmbx -naZ8rbadAiqF33d9TJjt0GHLAKEO41LLag ---- S9BGD+Tn7zOwdYaOL6bxMJg+miYxMClrfVYF++N1bT8 -YʾS/O} `̒GStHg/cѻɼ+G`yO2-eS/.ij$ͳK \ No newline at end of file diff --git a/secrets/wireguard/ward-local-vms/keys/ward-grafana.pub b/secrets/wireguard/ward-local-vms/keys/ward-grafana.pub deleted file mode 100644 index 029880c..0000000 --- a/secrets/wireguard/ward-local-vms/keys/ward-grafana.pub +++ /dev/null @@ -1 +0,0 @@ -JhRPg09Lsu7OJ2YpyZHD+/KaKYT9xHJ6D8Ljhwa7JXU= diff --git a/secrets/wireguard/ward-local-vms/keys/ward-kanidm.age b/secrets/wireguard/ward-local-vms/keys/ward-kanidm.age deleted file mode 100644 index f19c451..0000000 --- a/secrets/wireguard/ward-local-vms/keys/ward-kanidm.age +++ /dev/null @@ -1,9 +0,0 @@ -age-encryption.org/v1 --> X25519 fh0OvxTr6Zttk6+VAI9c4Y9ann6FIkTmBvC7Y82SrxI -Y6k/ZKI7a1J0/hcPrPdl25l6takAd//omssdtLinYlo --> piv-p256 xqSe8Q AjohzpU4WsG47TdoKLAUQ38ebUvlFSh6HK+tpFIa8XiD -OIBdk79gYZCYn6Cpb7g/wYMdiP2f244nGfkuhHvtIdM --> PvW.-grease M`]UA5 5e} %97ce -IC2uBMgrkvgSG7PDF7sNIA ---- Ewa38w9RjdbGnOTGDW9Np0S5URA9FP1vLSm+5ewr0vk -mV.蘮iLA`fL1hO@V=.l` ;Ŵ=/YڹJß+Waz \ No newline at end of file diff --git a/secrets/wireguard/ward-local-vms/keys/ward-kanidm.pub b/secrets/wireguard/ward-local-vms/keys/ward-kanidm.pub deleted file mode 100644 index 8e72e4e..0000000 --- a/secrets/wireguard/ward-local-vms/keys/ward-kanidm.pub +++ /dev/null @@ -1 +0,0 @@ -utKdEpCoObpQQBsgTdHo9ILebtAmky2ODzzvyxqCNGU= diff --git a/secrets/wireguard/ward-local-vms/keys/ward-loki.age b/secrets/wireguard/ward-local-vms/keys/ward-loki.age deleted file mode 100644 index a341789..0000000 --- a/secrets/wireguard/ward-local-vms/keys/ward-loki.age +++ /dev/null @@ -1,10 +0,0 @@ -age-encryption.org/v1 --> X25519 O1NBBwVWvWhnRLKR57Ldnm++nsREvItUx7y3CoYbyDk -qzXlz8hM1DkmUFC660wNlyxIBSODgM6k0PlA+iDcvZw --> piv-p256 xqSe8Q A7uxodKTlFBlNpZQ+9IV8uoIfMkIDLvfe1R1bLN3e8CQ -2JrmKsJhDqKPmDLFTYCGCvSX3TCMsYkSLm97YMhTTEQ --> =`3-grease 9\-*u:1 BN= lECLO U+:8 -u8vyFBLzDcpmLIAXUy0NpiR04hdO4N4tdmjs9YqeUTYplSc6ydvuk6g1USSD6xBF -1xuMyist7OXPZfvIK87O1WiiNOhIc+cZBososRUlarwSa6/QP++mj30 ---- 6d695xfRviZx/RZ8PBoOxviqgq7yQ1wSKimRfdn52WU -TyT7'G&ZK06n[Np/)Rх<%d;µD.YzK߰.HXs \ No newline at end of file diff --git a/secrets/wireguard/ward-local-vms/keys/ward-loki.pub b/secrets/wireguard/ward-local-vms/keys/ward-loki.pub deleted file mode 100644 index 50cc011..0000000 --- a/secrets/wireguard/ward-local-vms/keys/ward-loki.pub +++ /dev/null @@ -1 +0,0 @@ -fw4acGjuoFWZxA3RIwFK28N1apOM1RTueQJvqAzW4B0= diff --git a/secrets/wireguard/ward-local-vms/keys/ward-nginx.age b/secrets/wireguard/ward-local-vms/keys/ward-nginx.age deleted file mode 100644 index cd1d621..0000000 --- a/secrets/wireguard/ward-local-vms/keys/ward-nginx.age +++ /dev/null @@ -1,10 +0,0 @@ -age-encryption.org/v1 --> X25519 +S2DEXP2FxIlF3HeWNul/QHE4fuVwv7ausZO8C1Yvko -USoULC2zp6mkLEGQFc4ELAotOQkq85yjfC3ImZQe6g0 --> piv-p256 xqSe8Q AuVsMp2nyVB5I6ae7X4rnTT6gH/AyOwkVH5C8qRzenCu -QLdaqASucS24wx5LuoFVD+LBdgsd+wGITMhJBOCrqpY --> z&m(b4Nw-grease ,&}.>' UWDXz -adqzHHC2X08jrZz0h0y+MuJHM6/kuSUNad8+19cY88IRTF2ujQnoDVDS ---- 8dc8Ta84I8RY7YGIcEuZStaEncGXv1uwJw2ncy3QgtU -r}jEA]W4g3A"Ȥʚ -ru3_E /ztKߔ݈I/} * \ No newline at end of file diff --git a/secrets/wireguard/ward-local-vms/keys/ward-nginx.pub b/secrets/wireguard/ward-local-vms/keys/ward-nginx.pub deleted file mode 100644 index 478d9b8..0000000 --- a/secrets/wireguard/ward-local-vms/keys/ward-nginx.pub +++ /dev/null @@ -1 +0,0 @@ -Zs0W99JiuCv1F3NMTp/PcMBrt1bzWttJWNEh00Freyw= diff --git a/secrets/wireguard/ward-local-vms/keys/ward-test.age b/secrets/wireguard/ward-local-vms/keys/ward-test.age deleted file mode 100644 index 3d09ef7..0000000 --- a/secrets/wireguard/ward-local-vms/keys/ward-test.age +++ /dev/null @@ -1,9 +0,0 @@ -age-encryption.org/v1 --> X25519 whbY47wmwEeXqdKJ7MwjiyAIDpj+fruueMmPTEgnJgY -Z3QdAcWt5mkB3eWZeNkq0eq+UJ5DjL98uciSXb91pVg --> piv-p256 xqSe8Q AxUBFcdy+TQ/aXS8/1dZWQxbHUbPdjdm6RcM3vyj1qxB -huH3sE7CutLMnL2AA7riZLG2q7vfKHq1yw1cCWIUcGo --> _-~ X25519 QhMKv/vatS9aasHJC2HyElb48Ge4v32ui8D8WjuWmG8 -sqq3AAjc2/daHzwrB3eczjl97UupH/7z8JP+iBcwV48 --> piv-p256 xqSe8Q A+h3Xv+Q3aaCcOk2P21RbFva28uIBru0ygvgbDux2623 -RxWTuljV2p12ppqGJXZn1K/WrfQXglDRkaPYaYupKmQ --> lW=F-grease K1G) ~`6k E96)NYBZ -6cTJrhmLT13+g9X4Yq8 ---- NUlUtQ5p4wPVHeP6v80ItUv7+IHggcWboLTpaeHGBMw -H:ML,2 c bgU=y~8^*t4Q$rBKBɥc };]#K] \ No newline at end of file diff --git a/secrets/wireguard/ward-local-vms/keys/ward-vaultwarden.pub b/secrets/wireguard/ward-local-vms/keys/ward-vaultwarden.pub deleted file mode 100644 index 8fb6c63..0000000 --- a/secrets/wireguard/ward-local-vms/keys/ward-vaultwarden.pub +++ /dev/null @@ -1 +0,0 @@ -KABWFKtu7ZgyyDmLRhtdY2ffjBZ+vcpdAd2FscvLZGc= diff --git a/secrets/wireguard/ward-local-vms/keys/ward.age b/secrets/wireguard/ward-local-vms/keys/ward.age deleted file mode 100644 index 9b755e0..0000000 --- a/secrets/wireguard/ward-local-vms/keys/ward.age +++ /dev/null @@ -1,9 +0,0 @@ -age-encryption.org/v1 --> X25519 Zfuwveyf86nRchq2VM9pUX2GpEJ7fOCD8S/ZpgnohBo -cTqLLXd0WDjeUw8v3Zi7tEu8AuHqGMouNNVMBvDSz/s --> piv-p256 xqSe8Q AhkBYH9xbuiZzDEEPZKdI+b8cRBwpFynKCcG27IRcxeP -d7JvnhavlhklbmkUna76PL6E+oVVNl8AQs+Y2XgWOLM --> #+BWuCW-grease -y#r [YV T?;fL)t^ lrGksIs -PWmuTyDWS1KmdmgKW3B7ITyE6Yl/Vb2cTggzNr2rDQ ---- xHLh9TYKLUEcU+rYSNyUomo0H9bNx92gC1To/qTAav8 -iENdc Mf' >:;ݗmx0v'YY(dV]rPVϊdÉj,Nr&C \ No newline at end of file diff --git a/secrets/wireguard/ward-local-vms/keys/ward.pub b/secrets/wireguard/ward-local-vms/keys/ward.pub deleted file mode 100644 index fd32d3f..0000000 --- a/secrets/wireguard/ward-local-vms/keys/ward.pub +++ /dev/null @@ -1 +0,0 @@ -E5VkPLuSW3IJ1fK3FerHCfPc6xyTzD7q8D3AATmWME0= diff --git a/secrets/wireguard/ward-local-vms/psks/ward+ward-grafana.age b/secrets/wireguard/ward-local-vms/psks/ward+ward-grafana.age deleted file mode 100644 index b0e3939..0000000 --- a/secrets/wireguard/ward-local-vms/psks/ward+ward-grafana.age +++ /dev/null @@ -1,9 +0,0 @@ -age-encryption.org/v1 --> X25519 l+Kx2WdyZAcXw1khpjWLlp3i0ZGsL55c4uglYcjM8lg -X7K6tEd5ShwZTV77QJGOUze5xqC7h52p/sgxdYjd+Hw --> piv-p256 xqSe8Q Almjk6hOZRvyUCMKI/zvfBxtiRHkeJ0osoqhgkNKJwWb -zICEosfjzSTe4KF29PpxpUiEb3+U7tSVgPd6DBGrTF8 --> ZiQW'-grease f cV -hIn+gaL0Gga0VyVw9KFhgc/tIrleJnE ---- rtrMiXdLfW6uqYP8F8OUPGxJxiBV2L7x4/6zQk6MbVo -+f>>Ø1d"duNy=ѭtf+_m=)* \ No newline at end of file diff --git a/secrets/wireguard/ward-local-vms/psks/ward+ward-kanidm.age b/secrets/wireguard/ward-local-vms/psks/ward+ward-kanidm.age deleted file mode 100644 index 774b6dde75974a17628727b15ec06a852917e56a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 418 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR2FFfuhYv{Wc6am_IfDR*)7GcOD*HApHC z$ahUQ$}h?{OpNsQu`I}Qj`S%m4~z0P^5u%i^$1T-$~3kx*EY?~HZjey$S86R$j*)Q zwA8NfH7HAU^$fBw^78Qw%?H^~kXfc%U}S2hP*E71Y7wa5Xi}IGRPJF|m2X+@>zi9z z>S|<~lkQiV=2;XHSec)a=UDEZZs3(%5s{nC<>%v_=@D)j>Jk{}TICex>y~L$;^FV= zR+MEJ74BK->y@2U;h$e+5LFxrvP(JN$~(b7SvS2XHL*BV!Mw)a%bd$KqpYGhwaUFJ ztk~SBsx-F~hys&DS8qpensQ(mmAA**G!DE6SB?Cu8Ot56^|iPTyrc}_`#xy znH44O86P+rBa#GTc$OH}u8M3tQ9#y99cw&%0`@Hmzpc Jkg`Vj0RWkwlJfun diff --git a/secrets/wireguard/ward-local-vms/psks/ward+ward-loki.age b/secrets/wireguard/ward-local-vms/psks/ward+ward-loki.age deleted file mode 100644 index a277ab1..0000000 --- a/secrets/wireguard/ward-local-vms/psks/ward+ward-loki.age +++ /dev/null @@ -1,10 +0,0 @@ -age-encryption.org/v1 --> X25519 rW9QHscgqpdm+lcxeBwmYXf+Xh9+0mt7wfEcZlW+Wk0 -qbp2mKScdG+c+cCsjFOd3vSeFK5Ubg7SctLBYPGfdC0 --> piv-p256 xqSe8Q Azz0X6lwp9Tk1Rh4NWaV2jJNvhUyls/eDQdykqMBMtGe -Isn+owms8+HeTuE4iDqScC0EqlcHEQS5cavBvHc3nmM --> t6ik'-grease Fx[zHS (=r V,5^F7& \Vij,] -syd+RpzGO++6gQKMmHRrt1RQQSJuR52z5Bbzd+Op5fQibQoGEfTEWAqjDlp+9Rm5 -nwVsEJ6n8blUfPo ---- 75D6UhGrjkmbYzJt11ucaFYj2sGqtOTj5jY8CqlR25Q -q8fwJMKRHB' -պIyxɑ`4}POkZKuu/G(a \ No newline at end of file diff --git a/secrets/wireguard/ward-local-vms/psks/ward+ward-nginx.age b/secrets/wireguard/ward-local-vms/psks/ward+ward-nginx.age deleted file mode 100644 index 27d85ff242c376858656c36bd832da881674c239..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 414 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR2FFfuhYv{WcJa4hjMH7W@y$~R7_NXp7g z$@Xv#NlVrb3=J?(aSX0BEiOuS4k$6MNaxBoDRYcUjdaluaI5gkET|04Hx0=*tTagr z&JPK5&+sVq2@fdGs>*Rp%Lmy|kXfc%U}S2hP*E71Y7wa5SQS-}m*QjU>S7U5S(feX z@8*}EUgqmmV(es@lIK=r9`0sPmf{`h9px7qkX4aa z>>F5SoZ%DTm=u(mW9aDPm+23-%Sp{3S6?^1C^fM-RUuj-u29Ffur5|jp|UVdoy#XT z)x4}M%iY8!BG@R%H_0fxGA+j=KcK+V(}hb{S63k|GtH$kqO#P`H!~^SEl@io!Ykd- z)h#_cBQPh>)5tQYQr{=vEu`2mIgsmX{DG#^@(VUgw3(a@ X25519 W2AeVTtVkO93zSxX59GwhBy5NwRacz6w0dEk5JptS0Q -QZfGRkvYZjvWoK64RwH/D1pSm+Q5Z/bWa+wCiStim80 --> piv-p256 xqSe8Q A5ODsP5r/eJxRYohpCeC/os0qx+HITx9coafiXkO5aCY -Lfzy5uPK315poUK59pDa9UsyjzY0bf94BvpJQC4qAEQ --> mF-grease d w /I6vG!UZ 1fNC -QAvTqQEf64QZ9WPtav9CjSYIx8UjIHOMdaPyzKG8OaYa6d8QsrTog1OP7sqJemmE -+1gSHFORe7ofpxrzCFE ---- vbL5PR2z5571aWqnQ6+6Vk8Ni11SDvWtH8dl8i3Z44k -Hl-bS_ /*B+f_̹娛Y/_ߡϾDC\I!{[Yp^ZG@ZE)Nr \ No newline at end of file diff --git a/secrets/wireguard/ward-local-vms/psks/ward+ward-vaultwarden.age b/secrets/wireguard/ward-local-vms/psks/ward+ward-vaultwarden.age deleted file mode 100644 index cba358ac0264cd14cf08347fba7f749d8b20b033..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 439 zcmWm7yKd7^002Vy+8GHXSeU9V42XdRHrRj(_58rG5F}t=Csnj|!=M=^h|F6UaSNZ*EZgGo z$kPhQ*Y+gOC1uu~8nA-?FsU0-xxYB@Lc4VJnv~;^k+HEd(j=y5u4dH_vQu+L95-5RI z3h_pBg2TR};+*#2{t~}hY-7kPmjYFrV?UmNq&3enDYisMw)AO<7%hmDhU*!o?Y0J) z8F1;`%i*ZN2!g=Psc$hL1V7|!KqD;VT`S~dAa{Aw5EFx~+I@aWVTaDc`4+hS z<;tV&L$uL*_vWVm(*1t6dHH($@%YvH@%xi|KYtt_-F^GZ{rlm<#iNtYo0p!R*?&6U Y$bX-njh+k+o?qM0Ui>~ief{;ue;R0<6#xJL diff --git a/secrets/wireguard/ward-local-vms/psks/ward-grafana+ward-kanidm.age b/secrets/wireguard/ward-local-vms/psks/ward-grafana+ward-kanidm.age deleted file mode 100644 index 9b09e50..0000000 --- a/secrets/wireguard/ward-local-vms/psks/ward-grafana+ward-kanidm.age +++ /dev/null @@ -1,9 +0,0 @@ -age-encryption.org/v1 --> X25519 0rM+VxBb/RV2VTW5xCQEsiKcEavMhS84MczYVNu3M28 -JqY5QAqkTOe+DPTcQ+hE8VyydiuCTB/oMfybJy77nTw --> piv-p256 xqSe8Q A7YPM7afy7jQlOjLSGnRZxM1Lpjq/MIrE/Re/eXvTWLG -DVs5SmBiriP1N5Ao/JZCW4kMMsM5Pn3GZq2wGEUIQ5Y --> WkDB[!<@-grease NA %r x ?p8%w^w -KzfsXKRvSOnHZCqBCNA ---- 0nKf16DM2WX3m8hCsuXJhepeoqW4ijIFDvrS7j9RUuI -83x0"~<1+ٔzb՝=$-\ wu})tR5T78Ъ \ No newline at end of file diff --git a/secrets/wireguard/ward-local-vms/psks/ward-grafana+ward-loki.age b/secrets/wireguard/ward-local-vms/psks/ward-grafana+ward-loki.age deleted file mode 100644 index 14a8c04..0000000 --- a/secrets/wireguard/ward-local-vms/psks/ward-grafana+ward-loki.age +++ /dev/null @@ -1,9 +0,0 @@ -age-encryption.org/v1 --> X25519 uqBWvpQ8DR8aQY2r3Vhw6axyVbKmgXvEXFLZuM7rA1o -+uCVaGfiloQOtRdJXkqi3DmyflJxCmnHBdTd8i+Pafc --> piv-p256 xqSe8Q AoCH6+psiFFiq55UYRSO1xsTxDAbspFul9JLvoa15kwp -6jgEbmnQtGkajeVOOVcna+3lBwWn9ugUAOueJ3xHMpo --> z-grease n3dm|_ '/E`@% H -85u5GUpIwcbSPBPN9Kulccacf9/mWWvIHfTb ---- feOoiwcKK14ARe6JX6Fgn8mql8i6pQ9D8RLo5VF13VI -&L)/ʇ^H,bNKE8 M߀Á1s%Bdgr \ No newline at end of file diff --git a/secrets/wireguard/ward-local-vms/psks/ward-grafana+ward-vaultwarden.age b/secrets/wireguard/ward-local-vms/psks/ward-grafana+ward-vaultwarden.age deleted file mode 100644 index 1f377e7..0000000 --- a/secrets/wireguard/ward-local-vms/psks/ward-grafana+ward-vaultwarden.age +++ /dev/null @@ -1,9 +0,0 @@ -age-encryption.org/v1 --> X25519 +9XaBavmWqwwDxFFtVwee/8rKza1JHZ0mSK90eY+r38 -WQnmfsxNRISCQ5pTIptSXdonwTU14z4OrQkldXBxEBQ --> piv-p256 xqSe8Q A0Jy6YUqXxVwFDwsamsMoUGK0Un/AtE9Ku5s3gSnicax -YjYo8ybAvbrTdCnAWQa46sZ4qP6Z7JJHXjDgye4e+GQ --> i-grease W?" *Ry# Y{bH" E^Qy+Ls -ds/OM23+0bJHIIH5W5rdZjG+SU9QWq2OSWhqLEU ---- 2S/2SUwFjSZnQoM0IOKJf/OMyMbsUydgw3pat3bV36E -+}ȶ~LO|74WYiv:2.GH_mal²~Hތ#Y ޹f \ No newline at end of file diff --git a/secrets/wireguard/ward-local-vms/psks/ward-kanidm+ward-loki.age b/secrets/wireguard/ward-local-vms/psks/ward-kanidm+ward-loki.age deleted file mode 100644 index f47879f..0000000 --- a/secrets/wireguard/ward-local-vms/psks/ward-kanidm+ward-loki.age +++ /dev/null @@ -1,10 +0,0 @@ -age-encryption.org/v1 --> X25519 UnfKesPLrwZKz3l1tgw3u0eSpH/znFoeEtDJMkBzz3E -SdRp4/E0e54l1P9f7/qh6Y/FT3AItVnNyu+z+IRE91Q --> piv-p256 xqSe8Q Ai0cV8qTPFWewQC9MDQUm5pnKUa2Vkq1CwbWcpTURxOj -56B02YgriclCJMU8qT8J9auzEAi2dQFrYZwCSIny7Lc --> PS-rC-grease kf8 Ri>B -yrzDq1oL2vHsqwzYr5I8nV+oC7QWnGWDMLVe ---- L7Jd7UDHK8K1mjVqv25iOui+8jbVx+fcd3Bp0aqFstQ -{"qKsqˠ|?' 2 -S]jW2NM;h`񰕠ژ"*exy \ No newline at end of file diff --git a/secrets/wireguard/ward-local-vms/psks/ward-kanidm+ward-vaultwarden.age b/secrets/wireguard/ward-local-vms/psks/ward-kanidm+ward-vaultwarden.age deleted file mode 100644 index c62dd8067f17fdd7c217dd38566209dfcfa96b7d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 472 zcmWm7yKd7^002-JYd)Zrx&(;@MeeQb*iKc1l*YME;zx4h*iO7u!EyYI?bxyLRoNIL zvGfa&5J*T2u#|;?0VEh05JIRk9lHTTVL&}UaAvMUIqzLkUZ9=mw zbx`wwDpG^)A{*Fwdjy-I!t1c(Ekk7b5d{z)VO%)aZ8h^8p!Y1UwPb(sweJ~HN$Kq?#&Ew zZ7w(_-OQQg4q-sr^4M4|%1i{hSD&}X`xH!gXyx^8xt>DZbhGTJ&kmTDEsg1J!g%xc zw2X!lH~>YDSS;73gg8M%)lybP+SMyK5j{T$6iLOEtRR9U$r_kLVdC13FY~5S$}OBS zdck`g_oxbntuRlG2h(UD`&OevJbre1<21HE{`h?&Y%b3CjIB3cmgnY^7hjJ%zg}M5 y{eHH3fB6<(MY8^B=jr9G!_D^U)uTVJpMTrl{JZ)0V&~oG6XxgHoe%eR!PbA;9jIUc diff --git a/secrets/wireguard/ward-local-vms/psks/ward-loki+ward-nginx.age b/secrets/wireguard/ward-local-vms/psks/ward-loki+ward-nginx.age deleted file mode 100644 index 5d55211..0000000 --- a/secrets/wireguard/ward-local-vms/psks/ward-loki+ward-nginx.age +++ /dev/null @@ -1,9 +0,0 @@ -age-encryption.org/v1 --> X25519 tsXV4JtgAA9LV20N0kSAJsjjryQprw6ZPk7WHRd/RxM -BCBtOXrX3S4M6VhrxEu/jqd0+NK7u0yihfjPNWMAetc --> piv-p256 xqSe8Q Au8WHiiLnTKqaifTsfng53Wrhx0gOYUTnGntqb6TQ1u8 -54l7G8toHQ6xQr2e7L/NG2D/nGsoAiaQeMmMU0NNM5U --> ]VC-R^ya-grease 7UGA{FS L '/;3i cb -ThjXpck ---- l3wNdfGj/93+AZvU9Zbm0/FsRX/yI+i/ra8FGsXcGi8 -^LÛ.9|v(:#71" ᷇JɚS{~JJ!a]:|9s%ͨ$-> \ No newline at end of file diff --git a/secrets/wireguard/ward-local-vms/psks/ward-loki+ward-test.age b/secrets/wireguard/ward-local-vms/psks/ward-loki+ward-test.age deleted file mode 100644 index a2290ec..0000000 --- a/secrets/wireguard/ward-local-vms/psks/ward-loki+ward-test.age +++ /dev/null @@ -1,10 +0,0 @@ -age-encryption.org/v1 --> X25519 EwXeZd0IpklL9wc+XfGvgNo+KW7aIeVQ20xK8gS7GUE -lRs4jMx71JTMaU3goAZIS6PUniF1PgRblh/XambNBgI --> piv-p256 xqSe8Q Ao1nUGIKQowWKh2HJsRomf8ppqm6d1LRlmkNycdy60RZ -R5hz4JFxCGsg0XffMHRp9WiKgAkgLdLjWL0cz7gvCbc --> gqa#.-grease = -YchB+M/TWA53+KFNwlzS/Ogiaq3UEen+vf0o3g0Q2VCSVQ ---- ILPRvlvwoVUWYi5S2r3HGgFwAmU4Rc6rEgHqFI5RjF4 -7 -.]G|eRyL1p0w`wJV#AvlH"CfԱ-oѯ«+g0#'(hltCRS4>?BGT%7O$E zVqqc-3~Y$sfYgBjF|}f1U_pY7ff*`&`!__8fU%!1(=trr-6Th3)x?N>+@(3LDd3_w zIAWQotHel-5+-Xo0kWc+8w_izr!yX4?^Cn@LMQ_)LJYkuNhyY@X$Oj9bM8DD=QG*T zD~(w>j-pn6=~WIpy&Tf8B2t=b;ft&fd4P+l83urxO9k{(#;k*!o3Qd^!MDh`ZOK(2 zs?ec2zN4^941`mmHf9pr==Nu0zvvbcARqLkf!VO_qfv_=>jlgrPYbGqj?7e z%Hgnpc(U$2f;^tC|J&QSi{GR56HV|i$s}W=K^JysFbvym#f^Y_C!o{`uNY&p)Rio4 zH#<$ctTUhOLXu4uRNHURk}7G2=uNRI_1I(XkRjO`BM1VI@=>NG^TLAsLsQ}H%m8jF z=n)!FtyMA-C!|OUeJZb3HRi78HynqwmPaq2T}k diff --git a/secrets/wireguard/ward-local-vms/psks/ward-nginx+ward-test.age b/secrets/wireguard/ward-local-vms/psks/ward-nginx+ward-test.age deleted file mode 100644 index 1d66e76..0000000 --- a/secrets/wireguard/ward-local-vms/psks/ward-nginx+ward-test.age +++ /dev/null @@ -1,9 +0,0 @@ -age-encryption.org/v1 --> X25519 95jd7mMbmilIpQbvDmu48FfMFZZbkioExF8KTw3fNXI -CxWXmbD6kArjmJ2Y4lYVcwaQghWyJzS6DsQ4djspUf4 --> piv-p256 xqSe8Q A13AOGXe31ASOihylki3jl8xCxp2bh2lYnzQC44Rbe10 -+R8gYDIFyANNPLvdQcq8+67dy+tFcVqS/7rYAbN7pz8 --> 6q.AXp(-grease -GJOOcphfNDKW ---- E/iTzPRKqfS52YBWVcbVAak5koIxmdanzTXRt/5MZnM -۸6Wn?W}7Jp[Bo|T:T]YkBo޽6zqV?+ ^M*/  \ No newline at end of file