Compare commits

...

6 Commits

Author SHA1 Message Date
Xavier Morel 08d0911ab6 feat(authentik): update authentik to 2026.5.2 (from 2026.2.3)
Gitea Actions Demo / Explore-Gitea-Actions (push) Successful in 6s
2026-06-24 21:53:34 +02:00
Xavier Morel 16eded0455 feat: updates ? 2026-06-24 15:56:42 +02:00
Xavier Morel ab98aeb897 feat: add groups to authentik apps + add mail base
Gitea Actions Demo / Explore-Gitea-Actions (push) Successful in 5s
2026-06-12 21:36:07 +02:00
Xavier Morel 1ca2c038e8 fix(auth): fix authentik redirect_uri for proxmox
Gitea Actions Demo / Explore-Gitea-Actions (push) Successful in 5s
2026-06-12 19:30:40 +02:00
Xavier Morel d353e2ae22 feat(authentik): add config for proxmox
Gitea Actions Demo / Explore-Gitea-Actions (push) Successful in 8s
2026-06-12 14:51:08 +02:00
Xavier Morel a3852bdf77 feat(media): add authentik config for jellyfin
Gitea Actions Demo / Explore-Gitea-Actions (push) Successful in 3s
2026-06-09 18:24:19 +02:00
45 changed files with 284 additions and 138 deletions
+1
View File
@@ -19,5 +19,6 @@
dns = 1042;
z2m = 1016;
papers = 1032;
mail = 1033;
};
}
+21
View File
@@ -0,0 +1,21 @@
{
config,
...
}:
{
services.postfix = {
enable = true;
enableSubmissions = true;
settings.main = {
relayhost = [ "smtp.protonmail.ch:587" ];
smtp_use_tls = "yes";
smtp_tls_security_level = "may";
myhostname = "mail.plg.m0rel.eu";
mydomain = "m0rel.eu";
smtp_sasl_auth_enable = "yes";
smtp_sasl_security_options = "";
smtp_sasl_password_maps = "texthash:${config.age.secrets.mail-smtp-relay.path}";
virtual_alias_maps = "inline:{ { root=home@m0rel.eu } }";
};
};
}
+2 -1
View File
@@ -4,7 +4,8 @@
enable = true;
openFirewall = true;
# Manual bind-mount in proxmox
dataDir = "/mnt/nas/app-data/jellyfin";
# dataDir = "/mnt/nas/app-data/jellyfin";
dataDir = "/var/lib/jellyfin";
configDir = "/etc/jellyfin/";
logDir = "/var/log/jellyfin";
# user = "root";
+6
View File
@@ -273,6 +273,12 @@ in
middlewares = [ "authentik" ];
tls.certResolver = "letsencrypt";
};
rootDomain = {
rule = "Host(`${(builtins.substring 1 (builtins.stringLength dmn) dmn)}`)";
service = "auth-service";
entryPoints = [ "websecure" ];
tls.certResolver = "letsencrypt";
};
}
;
+6 -1
View File
@@ -34,8 +34,13 @@ in
SSO_SCOPES = "openid profile email offline_access";
SSO_ALLOW_UNKNOWN_EMAIL_VERIFICATION = false;
SSO_CLIENT_CACHE_EXPIRATION = 0;
SSO_ONLY = true; # Set to true to disable email and master password login and require SSO
SSO_ONLY = false; # Set to true to disable email and master password login and require SSO
SSO_SIGNUPS_MATCH_EMAIL = true; # Match first SSO login to an existing account by email
SMTP_HOST = "192.168.68.33";
SMTP_PORT = "25";
SMTP_SECURITY = "off";
SMTP_FROM = "home@m0rel.eu";
};
dbBackend = "postgresql";
};
+1
View File
@@ -36,6 +36,7 @@
};
private = true;
auth = true;
group = "Système";
description = "Base de données PostgreSQL.";
icon = "https://wiki.postgresql.org/images/3/30/PostgreSQL_logo.3colors.120x120.png";
otherDomains = [
+1
View File
@@ -35,6 +35,7 @@
};
private = true;
auth = true;
group = "Système";
description = "Serveur DNS & DHCP fourni par AdGuardHome & Unbound.";
icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/adguard-home.png";
};
+1
View File
@@ -37,6 +37,7 @@ in
};
private = true;
auth = true;
group = "Outils";
description = "Suivi des finances via Firefly-III.";
icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/firefly-iii.png";
};
+1
View File
@@ -6,6 +6,7 @@
memory = 2048;
disk = "15G";
swap = 1024;
onboot = false;
};
system = {
port = 80;
+30
View File
@@ -0,0 +1,30 @@
{ ... }:
let
db_pass = import ../config/_passwords.nix;
in
{
my-lxc.mail = {
container = {
cores = 1;
memory = 512;
disk = "4G";
swap = 512;
};
system = {
importConfig = [
../config/mail-postfix.nix
];
port = 80;
additionalPorts = [
25 # smtp
465 # smtps
];
};
logging = {
enable = true;
metricsEnable = true;
};
private = true; # available only on private lan
auth = false; # auth overlay
};
}
+2 -1
View File
@@ -28,7 +28,8 @@ in
};
};
private = true;
auth = true;
auth = false;
group = "Médias";
description = "Serveur média avec Jellyfin / jellyseer (?).";
icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/jellyfin.png";
};
+1
View File
@@ -22,6 +22,7 @@
};
private = true;
auth = true; # unused anyway
group = "Système";
description = "Serveur de métriques fourni par Prometheus.";
icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/prometheus.png";
};
+2 -1
View File
@@ -8,7 +8,7 @@ in
enable = true;
cores = 2;
memory = 2048;
disk = "13G";
disk = "13824M";
swap = 1024;
};
system = {
@@ -31,6 +31,7 @@ in
};
private = true;
auth = true;
group = "Système";
description = "Interface de monitoring via Grafana.";
icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/grafana.png";
};
+1
View File
@@ -46,6 +46,7 @@ in
private = true; # available only on private lan
auth = true; # auth overlay
description = "Serveur MQTT";
group = "Système";
icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/mqtt.png";
};
}
+1
View File
@@ -26,6 +26,7 @@ in
};
private = true;
auth = true;
group = "Outils";
icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/paperless-ngx.png";
};
+2
View File
@@ -7,6 +7,7 @@
memory = 512;
disk = "5G";
swap = 512;
onboot = false;
};
system = {
port = 80;
@@ -20,6 +21,7 @@
};
private = true;
auth = true;
group = "Système";
icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/ups.png";
};
+1
View File
@@ -50,6 +50,7 @@
};
private = true;
auth = true;
group = "Système";
icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/traefik.png";
};
+1
View File
@@ -62,5 +62,6 @@ in
port = 9696;
}
];
group = "Médias";
};
}
+2
View File
@@ -6,6 +6,7 @@
memory = 512;
disk = "6G";
swap = 512;
onboot = false;
};
system = {
additionalPorts = [ 80 ];
@@ -19,6 +20,7 @@
};
private = true; # available only on private lan
auth = true; # auth overlay
group = "Système";
icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/zigbee2mqtt-light.png";
};
}
Generated
+35 -52
View File
@@ -23,25 +23,8 @@
"type": "github"
}
},
"authentik-go": {
"flake": false,
"locked": {
"lastModified": 1771856219,
"narHash": "sha256-zTEmvxe+BpfWYvAl675PnhXCH4jV4GUTFb1MrQ1Eyno=",
"owner": "goauthentik",
"repo": "client-go",
"rev": "4c1444ee54d945fbcc5ae107b4f191ca0352023d",
"type": "github"
},
"original": {
"owner": "goauthentik",
"repo": "client-go",
"type": "github"
}
},
"authentik-nix": {
"inputs": {
"authentik-go": "authentik-go",
"authentik-src": "authentik-src",
"flake-compat": "flake-compat",
"flake-parts": "flake-parts",
@@ -54,16 +37,16 @@
"uv2nix": "uv2nix"
},
"locked": {
"lastModified": 1778768653,
"narHash": "sha256-cPvRrhNhKk88iCaZYahNOYciCbnRONfMtwGiuW7axKQ=",
"lastModified": 1780582607,
"narHash": "sha256-zAJcOvOHBdaqnmGXxeXPwIgQ3p4VDMt8ecJ2sl4cdjQ=",
"owner": "nix-community",
"repo": "authentik-nix",
"rev": "646a0fdaca63006b306578f8decfa7c5762a39f4",
"rev": "7611d20f7a0db3e08bd94b3cb3948d8e38958776",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "version/2026.2.3",
"ref": "version/2026.5.2",
"repo": "authentik-nix",
"type": "github"
}
@@ -71,16 +54,16 @@
"authentik-src": {
"flake": false,
"locked": {
"lastModified": 1778615640,
"narHash": "sha256-tTBGwajdtEPuk36va5HgnnqR8sTuSwIt/c48bIinRlA=",
"lastModified": 1779981174,
"narHash": "sha256-djsdph2E+JIIu9Sy5gJwBG378nunXXK2LPW5z/oneMs=",
"owner": "goauthentik",
"repo": "authentik",
"rev": "095e2897d52397962d153be2d689cedcdb71906c",
"rev": "2d26ce9b538df68b9d78dccdd5ac5bfb4c1b2983",
"type": "github"
},
"original": {
"owner": "goauthentik",
"ref": "version/2026.2.3",
"ref": "version/2026.5.2",
"repo": "authentik",
"type": "github"
}
@@ -151,11 +134,11 @@
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1779931123,
"narHash": "sha256-ZJ855S3iWO6FkGQjmzR+kToGVBEJrm7NQG6/PEovTvs=",
"lastModified": 1782305913,
"narHash": "sha256-CW+mSdVBvJ1kuuXPrx05Kmee8YZUhOQ3gI8H8roFDOY=",
"owner": "cachix",
"repo": "devenv",
"rev": "40574661afa960888226da4d122a74132fb36835",
"rev": "5f6233e19a31955435e667c20e056ae147498ecc",
"type": "github"
},
"original": {
@@ -201,11 +184,11 @@
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1769996383,
"narHash": "sha256-AnYjnFWgS49RlqX7LrC4uA+sCCDBj0Ry/WOJ5XWAsa0=",
"lastModified": 1778716662,
"narHash": "sha256-m1Yf0wZ8j1OHjTc2UwHwyQRSnNeSgLJOd7q5Y45hzi4=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "57928607ea566b5db3ad13af0e57e921e6b12381",
"rev": "f7c1a2d347e4c52d5fb8d10cb4d94b5884e546fb",
"type": "github"
},
"original": {
@@ -453,11 +436,11 @@
]
},
"locked": {
"lastModified": 1779391158,
"narHash": "sha256-NUKwtyaooPLJPBOdg0piBgR6NIzY/n2W45+qkYdh+h8=",
"lastModified": 1779748925,
"narHash": "sha256-meIhqGC04O5VXbKSFXSQoOKp+XCq5RMnwAk1Guo0VQo=",
"owner": "cachix",
"repo": "nix",
"rev": "b58ad8fb752809db919ae865c6b2aa3be7d55e1f",
"rev": "0bc443c8ff235c3547d09327b48aaa2ab98b15f2",
"type": "github"
},
"original": {
@@ -510,11 +493,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1771848320,
"narHash": "sha256-0MAd+0mun3K/Ns8JATeHT1sX28faLII5hVLq0L3BdZU=",
"lastModified": 1779560665,
"narHash": "sha256-tpyBcxPpcQb8ukyNF7DoCwfSY3VPsxHoYwj00Cayv5o=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "2fc6539b481e1d2569f25f8799236694180c0993",
"rev": "64c08a7ca051951c8eae34e3e3cb1e202fe36786",
"type": "github"
},
"original": {
@@ -526,11 +509,11 @@
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1769909678,
"narHash": "sha256-cBEymOf4/o3FD5AZnzC3J9hLbiZ+QDT/KDuyHXVJOpM=",
"lastModified": 1777168982,
"narHash": "sha256-GOkGPcboWE9BmGCRMLX3worL4EMnsnG8MyKmXNeYuhQ=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "72716169fe93074c333e8d0173151350670b824c",
"rev": "f5901329dade4a6ea039af1433fb087bd9c1fe14",
"type": "github"
},
"original": {
@@ -541,11 +524,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1779560665,
"narHash": "sha256-tpyBcxPpcQb8ukyNF7DoCwfSY3VPsxHoYwj00Cayv5o=",
"lastModified": 1781577229,
"narHash": "sha256-lrp67w8AulE9Ks53n27I45ADSzbOCn4H+CNW1Ck8B+8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "64c08a7ca051951c8eae34e3e3cb1e202fe36786",
"rev": "567a49d1913ce81ac6e9582e3553dd90a955875f",
"type": "github"
},
"original": {
@@ -571,11 +554,11 @@
]
},
"locked": {
"lastModified": 1771423342,
"narHash": "sha256-7uXPiWB0YQ4HNaAqRvVndYL34FEp1ZTwVQHgZmyMtC8=",
"lastModified": 1779676664,
"narHash": "sha256-MbXylBTkWqVm8/VYjoULtMoVRgWBN1gSHbeRKsOsPlU=",
"owner": "pyproject-nix",
"repo": "build-system-pkgs",
"rev": "04e9c186e01f0830dad3739088070e4c551191a4",
"rev": "7bff980f37fc24e09dbc986643719900c139bf12",
"type": "github"
},
"original": {
@@ -592,11 +575,11 @@
]
},
"locked": {
"lastModified": 1771518446,
"narHash": "sha256-nFJSfD89vWTu92KyuJWDoTQJuoDuddkJV3TlOl1cOic=",
"lastModified": 1778901413,
"narHash": "sha256-GSKXTAnFqRAMlZkJrIPcQMYf+lpMr66K3i60mB9STvc=",
"owner": "pyproject-nix",
"repo": "pyproject.nix",
"rev": "eb204c6b3335698dec6c7fc1da0ebc3c6df05937",
"rev": "a228447c3e179d477c1b6246ef3efa8cfe3c469a",
"type": "github"
},
"original": {
@@ -753,11 +736,11 @@
]
},
"locked": {
"lastModified": 1772187362,
"narHash": "sha256-gCojeIlQ/rfWMe3adif3akyHsT95wiMkLURpxTeqmPc=",
"lastModified": 1779411315,
"narHash": "sha256-IMFlxeyClau51KplhhSRGhdGTvD/knShHdybP1UOTuk=",
"owner": "pyproject-nix",
"repo": "uv2nix",
"rev": "abe65de114300de41614002fe9dce2152ac2ac23",
"rev": "fdf2a76275d7a9c27deb5d2f2ab33526ac9052ff",
"type": "github"
},
"original": {
+1 -1
View File
@@ -19,7 +19,7 @@
inputs.nixpkgs.follows = "nixpkgs";
};
authentik-nix = {
url = "github:nix-community/authentik-nix/version/2026.2.3";
url = "github:nix-community/authentik-nix/version/2026.5.2";
# inputs.nixpkgs.follows = "nixpkgs";
};
agenix = {
+74 -4
View File
@@ -35,6 +35,7 @@ in
protocol_provider = "\${resource.authentik_provider_proxy.${containerName}.id}";
meta_description = def.description;
meta_icon = def.icon;
group = def.group;
}
) cfg
)
@@ -44,34 +45,53 @@ in
slug = "home_assistant";
protocol_provider = "\${resource.authentik_provider_oauth2.home_assistant.id}";
meta_icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/home-assistant.png";
group = "Médias";
};
matrix = {
name = "matrix";
slug = "matrix";
protocol_provider = "\${resource.authentik_provider_oauth2.matrix.id}";
meta_icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/matrix-light.png";
group = "Outils";
};
vaultwarden = {
name = "vaultwarden";
slug = "vaultwarden";
protocol_provider = "\${resource.authentik_provider_oauth2.vaultwarden.id}";
meta_icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/vaultwarden-light.png";
group = "Outils";
};
gitea = {
name = "gitea";
slug = "gitea";
protocol_provider = "\${resource.authentik_provider_oauth2.gitea.id}";
meta_icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/gitea.png";
group = "Outils";
};
nas = {
name = "nas";
slug = "nas";
protocol_provider = "\${resource.authentik_provider_oauth2.nas.id}";
meta_icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/synology-light.png";
group = "Médias";
};
jellyfin = {
name = "jellyfin";
slug = "jellyfin";
protocol_provider = "\${resource.authentik_provider_oauth2.jellyfin.id}";
meta_icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/jellyfin.png";
group = "Médias";
};
proxmox = {
name = "proxmox";
slug = "proxmox";
protocol_provider = "\${resource.authentik_provider_oauth2.proxmox.id}";
meta_icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/proxmox-light.png";
group = "Système";
};
};
authentik_application_entitlement = {
authentik_application_entitlement = {
gitadmin = {
name = "gitadmin";
application = "\${authentik_application.gitea.uuid}";
@@ -125,6 +145,14 @@ in
outpost = "\${data.authentik_outpost.embedded.id}";
protocol_provider = "\${authentik_provider_oauth2.nas.id}";
};
jellyfin = {
outpost = "\${data.authentik_outpost.embedded.id}";
protocol_provider = "\${authentik_provider_oauth2.jellyfin.id}";
};
proxmox = {
outpost = "\${data.authentik_outpost.embedded.id}";
protocol_provider = "\${authentik_provider_oauth2.proxmox.id}";
};
};
authentik_property_mapping_provider_scope = {
@@ -169,12 +197,9 @@ in
client_secret = hass.oidc_client_secret;
property_mappings = [
"\${data.authentik_property_mapping_provider_scope.proxy_outpost.id}"
"\${data.authentik_property_mapping_provider_scope.openid_openid.id}"
"\${data.authentik_property_mapping_provider_scope.openid_email.id}"
"\${data.authentik_property_mapping_provider_scope.openid_profile.id}"
"\${data.authentik_property_mapping_provider_scope.app_entitlement.id}"
"\${data.authentik_property_mapping_provider_scope.openid_offline_access.id}"
"\${data.authentik_property_mapping_provider_scope.authentik_api.id}"
];
@@ -270,6 +295,51 @@ in
}
];
};
jellyfin = {
name = "jellyfin";
authorization_flow = "\${data.authentik_flow.default-authorization-flow.id}";
invalidation_flow = "\${data.authentik_flow.default-invalidation-flow.id}";
client_id = "ea5qGtQMHx0w2za2Vf8zX4pxReoMdJtGtpYXnHng";
client_secret = "f76AUcoIRwsrlL8Nrul82z6rAFSX79PsH6o25xSUfCPeeL25uA2pAJGIaCU8uX0yeqJ43aCnLhDeRkStSd9kf6CUdlDjcvMxMw6GdR1sl9VSyeU6mf4fF37PXETShayt";
property_mappings = [
"\${data.authentik_property_mapping_provider_scope.openid_openid.id}"
"\${data.authentik_property_mapping_provider_scope.openid_profile.id}"
"\${data.authentik_property_mapping_provider_scope.openid_email.id}"
];
signing_key = "\${data.authentik_certificate_key_pair.generated.id}";
allowed_redirect_uris = [
{
matching_mode = "strict";
url = "https://media.plg.m0rel.eu/sso/OID/start/authentik";
}
];
};
proxmox = {
name = "proxmox";
authorization_flow = "\${data.authentik_flow.default-authorization-flow.id}";
invalidation_flow = "\${data.authentik_flow.default-invalidation-flow.id}";
client_id = "fLYPaQGtr7JYC2hIP12tQgiNiTH5h3Yl4htpPs7a";
client_secret = "mrNbX6WUZlWJOjMF2N4v91hyWgHhP1rgEtrW6TUioweHtDElLsTavX3ijB2QZgnqoUG8sR8r0fQ1OofjPNvZ8t8GFZLL5C8oRw1tKXoMFlryuw8GqwOqyxxmh0UjDK2o";
property_mappings = [
"\${data.authentik_property_mapping_provider_scope.openid_openid.id}"
"\${data.authentik_property_mapping_provider_scope.openid_profile.id}"
"\${data.authentik_property_mapping_provider_scope.openid_email.id}"
];
signing_key = "\${data.authentik_certificate_key_pair.generated.id}";
allowed_redirect_uris = [
{
matching_mode = "strict";
url = "https://proxmox.plg.m0rel.eu";
}
];
sub_mode = "user_email";
};
};
authentik_group = {
+4 -6
View File
@@ -1,14 +1,12 @@
{
config,
tools,
lib,
...
}:
let
cfg = config.my-lxc;
in
{
proxmox_lxc = lib.mapAttrs (
proxmox_lxc = builtins.mapAttrs (
name: def:
let
c = def.container;
@@ -25,19 +23,19 @@ in
network = {
name = "eth0";
bridge = "vmbr0";
ip = tools.build_ip_cidr name;
ip = "192.168.1.${name}";
gw = config.globals.gateway;
type = "veth";
};
protection = c.protection;
onboot = true;
onboot = c.onboot;
rootfs = {
storage = "local-lvm";
size = c.disk;
};
swap = c.swap;
vmid = config.id.${name};
tags = lib.strings.join ";" ([ "terraform" ] ++ c.tags);
tags = builtins.strings.join ";" ([ "terraform" ] ++ c.tags);
}
// c.overrides
) cfg;
+10 -9
View File
@@ -65,6 +65,11 @@ in
description = "Overrides to the Proxmox LXC Terraform resource";
default = { };
};
onboot = mkOption {
type = bool;
default = true;
description = "Boot at Proxmox's startup";
};
protection = mkOption {
type = bool;
description = "Whether container should be protected against changes.";
@@ -174,6 +179,11 @@ in
description = "Possible description for the service";
default = null;
};
group = mkOption {
type = nullOr str;
description = "Group for the service (on Authentik)";
default = null;
};
icon = mkOption {
type = nullOr str;
description = "URL for a logo for the service";
@@ -324,15 +334,6 @@ in
(import ./containers-terraform-proxmox.nix { inherit config tools lib; })
(import ./containers-terraform-authentik.nix { inherit config tools lib; })
];
tf.data.authentik_outpost.embedded = {
name = "authentik Embedded Outpost";
};
tf.data.authentik_flow.default-authorization-flow = {
slug = "default-provider-authorization-implicit-consent";
};
tf.data.authentik_flow.default-invalidation-flow = {
slug = "default-provider-invalidation-flow";
};
nixosModule = lib.mapAttrs (
container: def:
+1 -1
View File
@@ -3,7 +3,7 @@
terraform.required_providers = {
proxmox = {
source = "Telmate/proxmox";
version = "~> 2.9.11";
version = "= 3.0.2-rc07";
};
postgresql = {
Binary file not shown.
Binary file not shown.
Binary file not shown.
+8 -9
View File
@@ -1,10 +1,9 @@
age-encryption.org/v1
-> ssh-ed25519 jxhkLg xNDlDdho+Amh4Wf77L/0OfMWevmRQUB49fjNAgj4sXo
iRHPgcqPqsBJVtv4Map3WRpG173YQlwZ9hJI1hgbIB4
-> ssh-ed25519 tqMvRA MGYTH08khPjQrLGFbq2Evd1fFkFbI3ap/jM9jiDnoBo
sgWaeJ3IWV4E6LYgmFVHTIOrGZ2ZHUmFRJY+CvAFjbk
-> ssh-ed25519 720szw sC+xKVyWtGH8Hq9hwcg4X6gylYDYphP1/NanE07hhBc
30HqQ7wdYr0n1vVNwx8pkUrm+6vxtPTz/70QkJxXrlg
--- qpQfmx0AAz4q5Z7UT+vhiwRztZ0dDAotEUDJy7xR75c
ÑSFN3C¸QáBv窂Ÿl ©L|8kLâÛ…ô lm¶¹Cëß
QÓÍÚ™% ª‚¨zRTœÌ-.Qºv0-ÿ‚{‚Ç$Ï€züzJz“ôð²³ã"ÀÄ,‡íPh¹¬^Š: ÍXá9/
-> ssh-ed25519 jxhkLg YNVl9EvnlsfS8rqCORhExodr4U7doD2sc2V2Igh6wyM
2+9ccgcBxgtZiRARbYb3CGt3t/iUbJ1Z4GppNuxKpWU
-> ssh-ed25519 tqMvRA P5GUVZrILJSE/ZvF/cmSAeocAP3XWsohA8kQtW3zU2s
EFmkyCY0QZsqRhhUjYIdjV5Tqy1JrdaV0Px4rImB3j0
-> ssh-ed25519 720szw AuUmyABlgdDYkotBpRF7MmNXjz/bgnSeIF7c6t7GnBE
MfJt7x8ChIAaGNCs46gM1GbXPKTfU08/e+A2v+G+4I0
--- 78XdYtCgrNbwHYR3wk2cyVTz7nJNvbbvU2a/Vv5JIBA
 áþX¸;¾%ÖIr†X9«—/‡¡$àŒë
+8 -8
View File
@@ -1,9 +1,9 @@
age-encryption.org/v1
-> ssh-ed25519 jxhkLg mwMAP1IoULmBo8MiQbF7/OTFqHGEDvQAWtyu88KPkWA
b7rx/IbvpHppKH0nkomglxRkcjE6L0/SHlZ0rwSKVi4
-> ssh-ed25519 tqMvRA 08jdQsatahCoJu552xIsjf6aeKR2kfHqcpigtVEN6lA
R8VfTa9BUs7B6LZD3ZeW91VaMRGwNbP7+WkBi7mU2ec
-> ssh-ed25519 UJuwpQ ZFeIg0jF3Wgp3Az9XRaqynaAA9gVETjqMHAAHpn5o2I
v+9C2KHhDPzDDGJjBgA03pbuALaBm0VP29qtpzeDe1c
--- ucg+XE0J0RL8ZN4pH4BAly3A5eMoSUSG/AqQSfXJ9Ro
lBEÞüRÀÀIÁ½@8¥ÕP´,©à¬]¿ú–?Ÿ alÒmKž2*á:½á¨—crF^׿:S&ÁõÆqÞyÙÏØ —ˆ¿Œ"²†žö¨âò¸*é
-> ssh-ed25519 jxhkLg jmZEdYs0k0ZW68F6fhW9fCtyT4WWNUeBfvoMqAdLBxY
PW8qcAecC7ouQWBz4lyEYS/Tssc7U9D9RyI99tO+D4o
-> ssh-ed25519 tqMvRA VKn6tGS4/gim8rLKoi9N/NrsGLgUph2Xjl0ek3LwyjE
m0fNiJqN47AM7NRgFY+Wda2QL1FJYt7zKMKx4ngutLQ
-> ssh-ed25519 UJuwpQ UydkFFa+9kSqWRmhLe7878GPVrC+wAPCIhxidM93VgA
YDeQwo+b/bDrCSNyar7Je12RkhFKkN5BRKgk037uPVA
--- 7OoH3mHI3xhpIR9wG7x99bpAgRz3f/cATOo7bC1mUFI
¤hÿ#¾²Ò>žë~"þËÏðÞ‹ÿ‚{,æ±³;žèPu‚aÍ‘¥Ð¦Š®§túGÈ’i¶Â•Ùšêè–"ó>)Ñ…rÐ CÀ£›ÙÖižÌã®
Binary file not shown.
+10
View File
@@ -0,0 +1,10 @@
age-encryption.org/v1
-> ssh-ed25519 jxhkLg +poePGAJ/ZVLHPXEK/Yr8tpmWZBRwB3bdx5FnLARY3A
9/OA2Mix1X+uvrFEEpZVOJZHoloVRSL35iGhxWqv2XM
-> ssh-ed25519 tqMvRA DQ+gJqcSfjmYxs+L/6DJ86yEkGtV4v+Y4xJExYNuVDI
lqv5OaNuHKtXjpgEQwlyuahp1O5a3nc83W8joaNn/mw
-> ssh-ed25519 SEy3Fw 09q3eW5ppW9JO0DWQo34VdaXHEllKlxnTdCy+K2SoAQ
bQfnSNiy5ZZCT7hpfNiLVVionG/UMVsYBxMWj/1359w
--- yiuElsPJeYH/0XB2YRd3gnwYFMPtPDXJQ71zVypdJew
¥ah)øožZŒHpü@Öÿ/®¶ÀîfM.[u!Òp” =gŒ¸
°s½Þ×F`‚FEáŸê2ÁK%w‘¸˜ÎK¬mi&`L.*þ@R€"
Binary file not shown.
Binary file not shown.
Binary file not shown.
+8 -8
View File
@@ -1,9 +1,9 @@
age-encryption.org/v1
-> ssh-ed25519 jxhkLg ZLzOFFu6isbAWkrXF/etG1sjvE2O0hvDCz/BFsvONQg
gagibzhJwfpwgr3XGZJcaaD7IztcAH+HlxLwlhaYah0
-> ssh-ed25519 tqMvRA c7VvH+2ZhDozgIH24PiUaWzkEgYYHgjIq2QrQ9XAWy0
SGsGZOVSCsodoc3unWEgaG2swbZ61G39rcQFJX6utQI
-> ssh-ed25519 5VK9ng g1XMAKsB6l8vWxAAnIJIJWhzBVBeLFLg7JqzadibyBM
2Drr46dDuVJOyH0kp91K/qVdQsq1+Xd7hgoan0yc6K0
--- ApI3P3YMJmzY8eFcZ+YzZeGvJRdqvgpMtW+I0KM0Y3c
Yモ}6ゥ・カsニ(ムq葛フコcチチラj蜿ア」?レセ
-> ssh-ed25519 jxhkLg WOtezChzCSmy1x5ob8CFUKcjA8tTTJaLrUj0dhKUgiA
iYFJ0cdtpHdsK4FXRgTRAaZI7CYS8VAUKmvHC0TP0x8
-> ssh-ed25519 tqMvRA 7AQf+l0+15W34unEqO3IyqD8qu2mIMXpVTActsUd8y0
3xcW7LAmcUXxQKBO36WACH44IziCiHt0G1SmT4SFC/I
-> ssh-ed25519 5VK9ng Pvw6cet2AVlGx5F1F/5OM63r0fgGYEc7dCsipRPAkVQ
3HtvmxOzT4bGn9aECfusyNCpaTCNFSRgUSbeRik1wwA
--- 9dSUckyaEH5FpzcEdNTnC6M+5v7BwJapMIcSIFR29Tg
¶n@Yß Â½”h'ÖÛ¯Ó¬³”ž»&è¢ìw%ö “ ýé
Binary file not shown.
+12 -10
View File
@@ -1,11 +1,13 @@
age-encryption.org/v1
-> ssh-ed25519 jxhkLg B1+QK5IUkrya5HgZLF8oWpMiL7cBK+OYNCvNeodmqkw
mTglq5BlxDDKiYBe78Cs8tNMv0yksrvS4tyhCZKJu/M
-> ssh-ed25519 tqMvRA la4nh/Nr0sNaV6JVhSi7cYLkI+kgbIhEr2fTTa/wKRA
W5qaU2lfPLVPomrkHvdwB52LxJPcUvvcgI6wN/gqeYk
-> ssh-ed25519 5VK9ng vsmrq5wf3y4CiSgyNT0aQvrxLTJ0WcdG8B+zAbdpgGo
hDADh9v99hacIc85T+QP2oywVDyqJjlKVa0skJuf3BI
--- GT+Ns1ZRlOOO0HwG2WcpgG1XLf5NJzX2Hg3aJAL+vOA
Š0‰¥ràÉÊO>ýµ¦¸xI48ϲ¹s<Ù×ÜànÍgâ‘Ïïq'¨DMFP*ŸòŒöQ¿P+ߥ¿fŽ÷ÖgÄf6˜£ è$xoúfðq“Z 8r|=vÁ&Ÿ
¿ãLýó>,šôÛK¾Ñõ 5YI\¤Uc0Ñ<#dë3u˜Õ|tÅÊŒ}sÆíP
æv8=A Ó¡À?•­Òìó¼çÖøŸ}Êÿ«+á5™P¨­?1Ñ×´mÔpèÚçZ&cžËŒ¸îù«N'€¢ò³¶¼¼
-> ssh-ed25519 jxhkLg dADzUsvWJkprV9aYYdTQ4tLd3V6H/lMRNLaAC6fNty8
NVzvSEd7KBDfkqbkrZgVgRJkFi6UmlqEIPr2sK+o6t8
-> ssh-ed25519 tqMvRA XnsNo926VyUqSppFZ50N1KtzK/QCbi1lF6LJZYWUsGM
atsaJ7XjRum1dWvIjxdUq3Fr3Ypp7/RO7kqSqWfgUrM
-> ssh-ed25519 5VK9ng PJRg2ljsArsWYgAsHk8optwi7P/vZirhhX5FbINHjhs
pFJ2uibaYO2hWfSnyElxrvoFCC3BpcZOrnxET8ynBUI
--- 3vf+8iS73Sk0CeHRLkxxX4kGg+py39sAQVVDniljAEY
\­þE~D×3xèžœ™ `Ù{ð
‰å4[Ÿ‚&V­2\]Üc4/n=”P.ø
\E8oswÉbÞtC(9›ÇJŽŠç ÿ4ˆF-Ï+—dÓR$Ùœ:#¡÷óÙa)ŠYYHãY3yg
ð
¨Šâh„ÅÌu n‹K˜È=kWnWýŒÍÇáîÛžßçž<?ÀYŸØá¶Q}zò¼óGýõ…µyA«ý†%x¥Ÿ“ÈãxkîHÈÌø3  Ô¯cjZR=j–©Y×¼
+8 -8
View File
@@ -1,9 +1,9 @@
age-encryption.org/v1
-> ssh-ed25519 jxhkLg RCq2VAcmya10eK7zwPVFB0klV0zSNkHmF+WlnJXaWzw
8ySn0NB5FNb7a2qJOzx1yiCdH2MTJWBUUPc2i5ytly0
-> ssh-ed25519 tqMvRA sB9nTKSEnh1AQ0rYf1uYmd2CzCabz2hEJF1XTsvrtkk
ASWOYP+4XiLxf2OLbYXRDRTXfiuLqvxN5gkoEauL8c8
-> ssh-ed25519 5VK9ng KkXWseT01qSmhEAeotqEi6CG4zzz+50TrKclYdn57AA
hThUinxaRHWTD/wAhELcYWj6qcQ8V0Ybi60cnUc7pdk
--- h3P58TD8hmBfKLliCDSL4m3bCJHLs80yZ4i/croZp48
]sM`gィ愃モZ「=0'荿ヨcワミ┨果菅_ル・T纎
-> ssh-ed25519 jxhkLg FFstKIybiFO48aoLNDSnDSdwIHAZEwe7CSWt6+YnqyA
3i7YRHdvQ2kD+frqH1+wvCnWx4py78fahA7AWAEMx1I
-> ssh-ed25519 tqMvRA 5KeC4teldBf/QTudaRtHbP+6LfpZ/m75wxVq4M8LxEU
H8Ee4v44FRfapY8tRGEFOneVzji8QOv/u1uIUD/mrJs
-> ssh-ed25519 5VK9ng K/C8z7WTlyjLsH4n4ufAVrCMCkVgQuFPpyNz6Mcxl24
dsZ/aO4DIzni7Dkiju8JVPnklhvAdiujunaL7WfAaOc
--- kJ92gmMAzGRD8THcfjF/k00eo3+oMSiETAYR4wJOsj8
£éûÇtçü¤ãXâ¥&Ú½§ÂÖÈÄnIÄ3qÙ÷:²š<<ÿYÐàÞC'¦ñì
+10 -10
View File
@@ -1,11 +1,11 @@
age-encryption.org/v1
-> ssh-ed25519 jxhkLg BZflK7sIBRQVRQFl06h25sX5KiWHsu3g39r/8uMpcwE
beZ8ZBKgRvJvY3EEhJ/ylKdDdWTz2u08pvWbVaFg8m8
-> ssh-ed25519 tqMvRA CQtMI9v79kBZoiBrxLY91756LiAJGogbTb+ayd6cRmo
F2MiE9whRNZ73cskxhXeuudvMgA4JOvbtzotNpHMIf4
-> ssh-ed25519 KkzjXA uH+5mcV0ZZ5oKNfq88ihWHY/Z8YpgPjzvkcvhMJOKU8
4z8x8XyAYsaIkXFylMEAwacHyQEJ/1mYFXsEsdnZ74w
--- vlF5pHK/D7m3ErKazggz4xxdn2hcwGvvIYrZtn2sT8Q
o¯ñ5àÐ
ã2¦ƒÅx6óN/NóHèù_òSH»B­^Lhµ«›
{å‚,Cjî†Æ½©˜Âå•4„€ì51È%ëc_`§41Ñ@Ú‘T׸¦«|>¬Ðòvè¥ôvî­ 6
-> ssh-ed25519 jxhkLg b83U678xLJlB1FFoxSaeG7JN/4v1sVU4QsITY3j/awc
Dhc/V5R3bK9x7i2ws9FQ4O4HHT6xTlaEKt3SXJhihTk
-> ssh-ed25519 tqMvRA KPLjl31HwXs/ucQ/LJwEL2+px2mSkCk812bGk9rTiWs
qADzPQi44e9QiQpXpoyhNNDuULJhTXo9x0109lyOq10
-> ssh-ed25519 KkzjXA 6Xwc9hqBdR7LPYNmfEn5+M0n6QTEBkuNTBk/t7ofh3Q
GjcVMhPZ6X4ybBxtIabKFegicdTZbq+zQWvn9PYNeME
--- 3ZY5ysyGfwJ6Y0/FEO7YpsFkAJkn9B4D3gIzpZBPx10
;v"Þ‘ÛÏ×ÔF¼>´›J”4Ú^G«Èe´ÇZÔ$Íʱòc¯L¦Ü
–jŽ‹ì%HM”Ù=[]J±¾ªÚ}IWAE¶dgÝûŽWŒ«¹ŽÕbßšÞB|_©1
óŸùþÿ\HeLz¨šÑަU™F}E*‚Ô½}
Binary file not shown.
+8 -8
View File
@@ -1,9 +1,9 @@
age-encryption.org/v1
-> ssh-ed25519 jxhkLg tYj2oLp8OWZtYmj0gKJnEE5G+3tmfPul8tGt5fnnwDs
/SujjcZxvPmZurlLWETwR8JhH8LIJh/MeoogW5VxP8w
-> ssh-ed25519 tqMvRA qY8Cv7G1UJm139N9NxA4dAXAfje42n6p7ZajU8r8Fgo
Qw4WobdnlixxHxAwiTCGyeJGzcfOWxslOmS/sYhiTug
-> ssh-ed25519 DVDL4g Lkxuay1WN05O7uO+onML4INymrsBf8DrBHyGPhSW5xQ
sAdASiFmiCDRl7WfI5k6Qz+fKY/FG5H9dLucFluSFTI
--- NjnXZAi+St4JHuxdQ6/rpT//nwTwY3MA59MotWicycA
EwLKネリ? i6jw€セ2ッYMケヒrVOP?股-ロ
-> ssh-ed25519 jxhkLg Jt0tBomUSwoxIf+D0n2leQ8ULQcrpWJDN4Tm/obLnyg
yct3YGS4BiDsAZPlKZybD7GVoqQdL1EZ6dlHXSY5b8U
-> ssh-ed25519 tqMvRA amDzRhpIGTVsZxAHWSUacZ629OEttMU1VAOVKdCLyFE
2fRvar0fSfbYyw+O4zpE3DusNKtuFDOCVxSzMccaMKg
-> ssh-ed25519 DVDL4g QIXLyMveRBfhcNCrbI0ZpZqjaB5j76ROsXs7pUquZXI
vYciNWwJrTuGOZToE7eoCYhrGOlwqd6tuYeIUXQGjTs
--- 0J/foPauSiv/wNTq2TkTVBnQOqm1dll+xyqwFqM9lpY
¸øÆ‚1L<¬ÊÎ!ƒ©5T>ØKÜßm‹×+»×Šê5bµüoù‡•ƒÈ
Binary file not shown.
+4
View File
@@ -31,6 +31,10 @@ in
group = "nginx";
};
};
"mail-smtp-relay.age" = {
publicKeys = users ++ [ keys.mail ];
extra.owner = "postfix";
};
"matrix-maubot-cfg.age".publicKeys = users ++ [
keys.matrix
];
Binary file not shown.