allencai/ccl-nixos-dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: allencai:4dddb0e803e5f48351e55d5858f392155a6635e1
Branches Tags
allencai:master
..
compare: allencai:master
Branches Tags
allencai:master

21 Commits
4dddb0e803 ... master

Author SHA1 Message Date
Allen Cai
9c1e54a9b4 stash 2025-08-02 10:32:40 +08:00
Allen Cai
a614e65597 feat: 0801 update 2025-08-02 08:36:49 +08:00
Allen Cai
90a409b9b3 chore: remove README.md 2025-07-25 21:28:43 +08:00
Allen Cai
141f6f1b96 feat: update 2025-07-25 21:22:24 +08:00
Allen Cai
0b413e227c Revert "feat: disable zen" 
This reverts commit fe5ec24090.
 2025-07-25 16:09:37 +08:00
imxyy_soope_
108c68424c feat(ccl): hardware 2025-07-25 07:12:04 +00:00
imxyy_soope_
fe5ec24090 feat: disable zen 2025-07-25 13:50:02 +08:00
imxyy_soope_
f55f9b015c feat: mirror 2025-07-25 13:44:09 +08:00
imxyy_soope_
6a33ce50c1 fix(ccl): wireless network (maybe) 2025-07-25 13:01:53 +08:00
imxyy_soope_
c772c2983f feat(ccl): init 2025-07-25 12:25:06 +08:00
imxyy_soope_
125a75ec2e feat(ccl): init 2025-07-25 11:15:19 +08:00
imxyy_soope_
a0b044dbc9 feat(starship): speedup jj prompt 2025-07-24 21:48:43 +08:00
imxyy_soope_
94764e7a5a feat: television (fuzzy finder) 2025-07-22 21:28:47 +08:00
imxyy_soope_
fef786d317 feat(nix): github token 2025-07-22 21:28:27 +08:00
imxyy_soope_
8ca0a6cc0f refactor: sops-nix 2025-07-22 21:21:41 +08:00
imxyy_soope_
3263d72b59 feat(server): memos 2025-07-22 17:07:47 +08:00
imxyy_soope_
1c7e5b9f05 feat(jj): set conflict-marker-style 2025-07-22 16:43:25 +08:00
imxyy_soope_
1da34bf704 fix(headscale): RestartSec conflict 2025-07-22 16:43:25 +08:00
imxyy_soope_
88107f9fe7 feat(server): authorize imxyy-nix-x16 2025-07-22 16:43:25 +08:00
imxyy_soope_
5d1f622782 fix: immich 2025-07-22 16:42:43 +08:00
imxyy_soope_
0ed99176ad chore: update flake.lock 2025-07-22 15:51:48 +08:00
87 changed files with 338 additions and 3260 deletions
Expand all files Collapse all files

10
.sops.yaml
View File

@@ -1,13 +1,7 @@
keys: keys:
- &imxyy-nix age1jf5pg2x6ta8amj40xdy0stvcvrdlkwc2nrwtmkpymu0qclk0eg5qmm9kns - &ccl-nix age18st0pys7g9dtezwq9n8t8jgc9w6ajzp5jl8w7sxlpv9lhv463u2swelwug
- &imxyy-nix-server age1hpgg6psejh4y6jcdd34wxuml75fnweqpe0kh8376yqsctsfn9qxs037kk6
- &imxyy-nix-x16 age1r0fv0tagxupfacv0aaxk5ss7sqvswv6kq8tk3x46ndqrj6f5afvqegahxq
- &imxyy-cloudwin age1tp7th3rrv3x0l6jl76n0hjqjp223w2y586pkgr0hcjwdm254jd5shkj6a8
creation_rules: creation_rules:
- path_regex: secrets/.*\.(yaml|toml|json|env|dae|txt|conf)$ - path_regex: secrets/.*\.(yaml|toml|json|env|dae|txt|conf)$
key_groups: key_groups:
- age: - age:
- *imxyy-nix - *ccl-nix
- *imxyy-nix-server
- *imxyy-nix-x16
- *imxyy-cloudwin

4
Makefile
View File

@@ -4,6 +4,10 @@ switch:
@echo "Rebuilding NixOS..." @echo "Rebuilding NixOS..."
@nh os switch . @nh os switch .
switch-slow:
@echo "Rebuilding NixOS..."
@nh os switch . -- --max-jobs 1
boot: boot:
@echo "Rebuilding NixOS..." @echo "Rebuilding NixOS..."
@nh os boot . @nh os boot .

54
README.md
View File

@@ -1,54 +0,0 @@
<h2 align="center">:snowflake: imxyy_soope_'s NixOS Config :snowflake:</h2>
> This configuration and READMEs in this repo borrows heavily from [ryan4yin/nix-config](https://github.com/ryan4yin/nix-config) and his
> [cookbook](https://github.com/ryan4yin/nixos-and-flakes-book). Many thanks to his spirit of sharing!
This repository is home to the nix code that builds my systems:
Currently, this repository contains the nix code that builds:
1. NixOS Desktop: NixOS with home-manager, niri, neovim, etc.
2. NixOS home server
3. NixOS WSL
See [./config/hosts](./config/hosts) for details of each host.
## Why NixOS & Flakes?
Nix allows for easy-to-manage, collaborative, reproducible deployments. This
means that once something is setup and configured once, it works (almost)
forever. If someone else shares their configuration, anyone else can just use it
(if you really understand what you're copying/refering now).
As for Flakes, refer to
[Introduction to Flakes - NixOS & Nix Flakes Book](https://nixos-and-flakes.thiscute.world/nixos-with-flakes/introduction-to-flakes)
## Components
| | NixOS(Wayland) |
| ----------------------------- | :------------------------------------------------------ |
| **Window Manager** | Niri |
| **Terminal Emulator** | Alacritty & Kitty & Foot & Ghostty |
| **Bar** | Waybar |
| **Application Launcher** | wofi |
| **Notification Daemon** | SwayNotificationCenter |
| **Input method framework** | Fcitx5 |
| **Shell** | Zsh |
| **Netease Cloudmusic Player** | go-musicfox |
| **Media Player** | mpv |
| **Text Editor** | Neovim |
| **Fonts** | Noto Sans CJK & Jetbrains Mono & Nerd Font |
| **Filesystem** | btrfs subvolumes, clean '/' every boot for impermanence |
And more...
## Folder Structure
- `modules/` - custom NixOS modules
- `config/base.nix` - generic configs
- `config/hosts/<name>/` - hosts-specific configs
- `lib/` - custom nix library
- `pkgs/` - custom packages
- `overlays/` - nixpkgs overlays
- `vars.nix` - my variables
- `secrets/` - secrets managed by sops-nix. see [./secrets](./secrets) for details
- `flake.nix` - flake entry

4
config/base.nix
View File

@@ -6,7 +6,7 @@
networking.hostName = hostname; networking.hostName = hostname;
# don't change this unless you know what you are doing! # don't change this unless you know what you are doing!
# for further information, see wiki.nixos.org # for further information, see wiki.nixos.org
system.stateVersion = "24.11"; system.stateVersion = "25.05";
# disable this since we already have machine-id persisted # disable this since we already have machine-id persisted
systemd.services."systemd-machine-id-commit".enable = !config.my.persist.enable; systemd.services."systemd-machine-id-commit".enable = !config.my.persist.enable;
@@ -14,7 +14,7 @@
home = { home = {
# nicely reload system units when changing configs # nicely reload system units when changing configs
systemd.user.startServices = "sd-switch"; systemd.user.startServices = "sd-switch";
home.stateVersion = "24.11"; home.stateVersion = "25.05";
}; };
xdg.enable = true; xdg.enable = true;

0
config/hosts/imxyy-nix-x16/default.nix → config/hosts/ccl-nix/default.nix
View File

72
config/hosts/ccl-nix/hardware.nix Normal file
View File

@@ -0,0 +1,72 @@
{
config,
lib,
pkgs,
...
}:
{
hardware.nvidia = {
package = config.boot.kernelPackages.nvidiaPackages.latest;
modesetting.enable = true;
nvidiaSettings = true;
open = true;
};
# services.xserver.videoDrivers = [ "nvidia" ];
boot = {
initrd = {
availableKernelModules = [
"xhci_pci"
"ahci"
"nvme"
"usbhid"
"usb_storage"
"sd_mod"
"mt76x2u"
];
verbose = false;
};
kernelPackages = lib.mkForce pkgs.linuxPackages_cachyos;
kernelModules = [
"kvm-amd"
"mt76x2u"
];
tmp.useTmpfs = true;
kernel.sysctl = {
"fs.file-max" = 9223372036854775807;
};
};
services.udev.extraRules = ''
ATTR{idVendor}=="0e8d", ATTR{idProduct}=="2870", RUN+="${lib.getExe pkgs.usb-modeswitch} -K -v %s{idVendor} -p %s{idProduct}"
'';
services.scx.enable = true;
fileSystems."/" = {
device = "/dev/disk/by-uuid/9e8cdf88-769f-494c-aa87-503b63ac218b";
fsType = "btrfs";
options = [
"compress=zstd"
];
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/F028-F342";
fsType = "vfat";
options = [
"uid=0"
"gid=0"
"fmask=0077"
"dmask=0077"
];
};
networking.useDHCP = lib.mkDefault true;
hardware.enableAllFirmware = lib.mkDefault true;
hardware.enableAllHardware = lib.mkDefault true;
hardware.enableRedistributableFirmware = lib.mkDefault true;
hardware.cpu.amd.updateMicrocode = config.hardware.enableRedistributableFirmware;
nixpkgs.hostPlatform = lib.mkForce "x86_64-linux";
}

79
config/hosts/imxyy-nix-x16/home.nix → config/hosts/ccl-nix/home.nix
View File

@@ -9,21 +9,13 @@
home.packages = with pkgs; [ home.packages = with pkgs; [
localsend localsend
rclone
wpsoffice-cn wpsoffice-cn
wps-office-fonts wps-office-fonts
ttf-wps-fonts ttf-wps-fonts
evince evince
anki
ayugram-desktop
telegram-desktop
signal-desktop
discord
qq qq
wechat wechat-uos
gnome-clocks gnome-clocks
@@ -31,35 +23,51 @@
pavucontrol pavucontrol
pamixer pamixer
qqmusic
lumafly
scanmem
xmind
netease-cloud-music-gtk
maven
]; ];
programs.zsh = { programs.zsh = {
sessionVariables = { sessionVariables = {
PATH = "/home/${username}/bin:$PATH"; PATH = "/home/${username}/bin:$PATH";
}; };
profileExtra = ''
if [ `tty` = "/dev/tty6" ]; then
clear
fi
'';
}; };
programs.niri.settings = { programs.niri.settings = {
environment.STEAM_FORCE_DESKTOPUI_SCALING = "1.25"; outputs.HDMI-A-1 = {
outputs = {
eDP-1 = {
enable = true; enable = true;
mode = { mode = {
width = 1920; width = 1920;
height = 1200; height = 1080;
refresh = 60.002; refresh = 144.001;
};
scale = 1.25;
}; };
}; };
}; };
}; };
my = {
autologin = {
enable = true;
user = username;
ttys = [ 6 ];
};
my = {
gpg.enable = true; gpg.enable = true;
cli.all.enable = true; cli.all.enable = true;
coding.all.enable = true; coding.all.enable = true;
desktop.all.enable = true; desktop.all.enable = true;
virt.moonlight.enable = true;
desktop.browser.librewolf.enable = lib.mkForce false; desktop.browser.librewolf.enable = lib.mkForce false;
@@ -108,40 +116,5 @@
"image/webp" = imageviewer; "image/webp" = imageviewer;
}; };
}; };
persist = {
enable = true;
homeDirs = [
"Documents"
"Downloads"
"Videos"
"Music"
"Pictures"
"bin"
"workspace"
".cache"
".local/state"
".local/share/Anki2"
".local/share/shotwell"
".local/share/cheat.sh"
".local/share/Kingsoft"
".local/share/AyuGramDesktop"
".local/share/TelegramDesktop"
".config/Signal"
".config/discord"
".config/QQ"
".xwechat"
".config/Kingsoft"
".config/dconf"
".config/gh"
".config/pulse"
".config/pip"
".config/libreoffice"
".config/sunshine"
];
};
}; };
} }

34
config/hosts/imxyy-nix-x16/net.nix → config/hosts/ccl-nix/net.nix
View File

@@ -1,7 +1,8 @@
{ {
config, config,
lib,
pkgs, pkgs,
sopsRoot, secrets,
... ...
}: }:
{ {
@@ -11,6 +12,7 @@
]; ];
networking = { networking = {
networkmanager.enable = true; networkmanager.enable = true;
useDHCP = lib.mkForce true;
firewall.enable = false; firewall.enable = false;
nftables = { nftables = {
enable = true; enable = true;
@@ -52,37 +54,25 @@
}; };
}; };
sops.secrets.dae-imxyy-nix-x16 = { programs.clash-verge = {
sopsFile = sopsRoot + /dae-imxyy-nix-x16.dae;
format = "binary";
};
services.dae = {
enable = true; enable = true;
configFile = config.sops.secrets.dae-imxyy-nix-x16.path; serviceMode = true;
}; tunMode = true;
systemd.services.dae.after = [ "sops-nix.service" ]; autoStart = true;
sops.secrets.mihomo = {
sopsFile = sopsRoot + /mihomo.yaml;
format = "yaml";
key = "";
};
systemd.services.mihomo.after = [ "sops-nix.service" ];
services.mihomo = {
enable = true;
configFile = config.sops.secrets.mihomo.path;
webui = pkgs.metacubexd;
}; };
sops.secrets.et-imxyy-nix-x16 = { sops.secrets.easytier = {
sopsFile = sopsRoot + /et-imxyy-nix-x16.toml; sopsFile = secrets.easytier;
format = "binary"; format = "binary";
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
inetutils
easytier easytier
]; ];
systemd.services."easytier" = { systemd.services."easytier" = {
enable = true; enable = true;
script = "${pkgs.easytier}/bin/easytier-core -c ${config.sops.secrets.et-imxyy-nix-x16.path}"; script = "${pkgs.easytier}/bin/easytier-core -c ${config.sops.secrets.easytier.path}";
serviceConfig = { serviceConfig = {
Restart = "always"; Restart = "always";
RestartSec = 30; RestartSec = 30;

63
config/hosts/imxyy-nix-x16/nixos.nix → config/hosts/ccl-nix/nixos.nix
View File

@@ -3,7 +3,7 @@
pkgs, pkgs,
config, config,
username, username,
sopsRoot, secrets,
... ...
}: }:
{ {
@@ -18,6 +18,7 @@
boot.kernelParams = [ boot.kernelParams = [
"usbcore.autosuspend=-1" # Avoid usb autosuspend (for usb bluetooth adapter) "usbcore.autosuspend=-1" # Avoid usb autosuspend (for usb bluetooth adapter)
"fsck.mode=skip"
]; ];
boot.loader = { boot.loader = {
@@ -66,6 +67,8 @@
}; };
users.extraUsers.${username}.extraGroups = [ "audio" ]; users.extraUsers.${username}.extraGroups = [ "audio" ];
programs.nix-ld.enable = true;
fonts = { fonts = {
enableDefaultPackages = false; enableDefaultPackages = false;
fontDir.enable = true; fontDir.enable = true;
@@ -102,24 +105,21 @@
services.printing.enable = true; services.printing.enable = true;
services.keyd = {
enable = true;
keyboards.default.settings = {
main = {
capslock = "overload(control, esc)";
home = "end";
};
shift = {
home = "home";
};
control = {
delete = "print";
};
};
};
services.gvfs.enable = true; services.gvfs.enable = true;
/*
services.sunshine = {
enable = true;
autoStart = true;
capSysAdmin = true;
applications.apps = [
{
name = "Desktop";
image-path = "desktop.png";
}
];
};
*/
services.openssh = { services.openssh = {
enable = true; enable = true;
settings = { settings = {
@@ -128,33 +128,4 @@
PasswordAuthentication = true; PasswordAuthentication = true;
}; };
}; };
environment.systemPackages = [
pkgs.rclone
];
sops.secrets.imxyy-nix-rclone = {
sopsFile = sopsRoot + /imxyy-nix-rclone.conf;
format = "binary";
};
fileSystems = {
"/home/${username}/Nextcloud" = {
device = "Nextcloud:";
fsType = "rclone";
options = [
"nodev"
"nofail"
"allow_other"
"args2env"
"config=${config.sops.secrets.imxyy-nix-rclone.path}"
"uid=1000"
"gid=100"
"rw"
"no-check-certificate"
"vfs-cache-mode=full"
];
};
};
my.persist.nixosDirs = [ "/etc/NetworkManager/system-connections" ];
} }

16
config/hosts/imxyy-nix-server/ai.nix
View File

@@ -1,16 +0,0 @@
{ pkgs, ... }:
{
services.open-webui = {
enable = true;
host = "127.0.0.1";
port = 8089;
package = pkgs.stable.open-webui;
};
services.caddy.virtualHosts."ai.imxyy.top" = {
extraConfig = ''
reverse_proxy :8089 {
header_up X-Real-IP {remote_host}
}
'';
};
}

44
config/hosts/imxyy-nix-server/build.nix
View File

@@ -1,44 +0,0 @@
{
config,
pkgs,
sopsRoot,
...
}:
{
sops.secrets.et-imxyy-nix-server-nixremote = {
sopsFile = sopsRoot + /et-imxyy-nix-server-nixremote.toml;
format = "binary";
};
environment.systemPackages = [ pkgs.easytier ];
systemd.services."easytier-nixremote" = {
enable = true;
script = "${pkgs.easytier}/bin/easytier-core -c ${config.sops.secrets.et-imxyy-nix-server-nixremote.path}";
serviceConfig = {
Restart = "always";
RestartSec = 30;
User = "root";
};
wantedBy = [ "multi-user.target" ];
after = [
"network.target"
"sops-nix.service"
];
};
users.groups.nixremote = { };
users.users.nixremote = {
isSystemUser = true;
description = "nix remote build user";
group = "nixremote";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOEFLUkyeaK8ZPPZdVNEmtx8zvoxi7xqS2Z6oxRBuUPO imxyy@imxyy-nix"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBWOy0QmAyxENg/O5m3cus8U3c9jCLioivwcWsh5/a82 imxyy-hisense-pad"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK8pivvE8PMtsOxmccfNhH/4KehDKhBfUfJbQZxo/SZT imxyy-ace5"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKALTBn/QSGcSPgMg0ViSazFcaA0+nEF05EJpjbsI6dE imxyy_soope_@imxyy-cloudwin"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIENauvvhVMLsUwH9cPYsvnOg7VCL3a4yEiKm8I524TE efl@efl-nix"
];
};
nix.settings.trusted-users = [
"nixremote"
];
}

10
config/hosts/imxyy-nix-server/caddy.nix
View File

@@ -1,10 +0,0 @@
{
services.caddy = {
enable = true;
email = "acme@imxyy.top";
};
security.acme = {
acceptTerms = true;
defaults.email = "acme@imxyy.top";
};
}

38
config/hosts/imxyy-nix-server/code.nix
View File

@@ -1,38 +0,0 @@
{ config, ... }:
{
services.postgresql.ensureUsers = [
{
name = "coder";
ensureDBOwnership = true;
}
];
services.postgresql.ensureDatabases = [ "coder" ];
virtualisation.oci-containers = {
containers = {
coder = {
image = "ghcr.io/coder/coder:latest";
environment = {
CODER_ACCESS_URL = "https://coder.imxyy.top";
CODER_HTTP_ADDRESS = "0.0.0.0:8086";
CODER_PG_CONNECTION_URL = "postgresql://coder:coderdatabase@127.0.0.1/coder?sslmode=disable";
};
extraOptions = [
"--network=host"
"--group-add=${toString config.users.groups.podman.gid}"
];
volumes = [
"/var/lib/coder:/home/coder/.config"
"/var/run/docker.sock:/var/run/docker.sock"
];
ports = [ "8086:8086" ];
};
};
};
services.caddy.virtualHosts."coder.imxyy.top" = {
extraConfig = ''
reverse_proxy :8086 {
header_up X-Real-IP {remote_host}
}
'';
};
}

27
config/hosts/imxyy-nix-server/default.nix
View File

@@ -1,27 +0,0 @@
{
imports = [
./nixos.nix
./hardware.nix
./home.nix
./virt.nix
./docker.nix
./minecraft.nix
./samba.nix
./net.nix
./caddy.nix
./nextcloud.nix
./mail.nix
./gitea.nix
./vault.nix
./homepage.nix
./code.nix
./yesplaymusic.nix
./ai.nix
./grafana.nix
./note.nix
./matrix.nix
./minio.nix
./build.nix
./immich.nix
];
}

9
config/hosts/imxyy-nix-server/docker.nix
View File

@@ -1,9 +0,0 @@
{ lib, ... }:
{
virtualisation.oci-containers.backend = lib.mkForce "podman";
virtualisation.podman = {
enable = true;
dockerCompat = true;
dockerSocket.enable = true;
};
}

45
config/hosts/imxyy-nix-server/gitea.nix
View File

@@ -1,45 +0,0 @@
{
services.caddy.virtualHosts."git.imxyy.top" = {
extraConfig = ''
reverse_proxy :8082 {
header_up X-Real-IP {remote_host}
}
'';
};
services.gitea = {
enable = true;
appName = "imxyy_soope_'s Gitea";
user = "git";
group = "git";
mailerPasswordFile = "/var/lib/gitea/smtp_password";
stateDir = "/mnt/nas/gitea";
settings = {
globalSection = {
LANDING_PAGE = "explore";
};
server = {
DOMAIN = "git.imxyy.top";
HTTP_ADDR = "127.0.0.1";
HTTP_PORT = 8082;
ROOT_URL = "https://git.imxyy.top/";
SSH_PORT = 2222;
};
service = {
REGISTER_MANUAL_CONFIRM = true;
};
};
};
services.openssh.ports = [
22
2222
];
users = {
users.git = {
isNormalUser = true;
description = "git user";
group = "git";
home = "/mnt/nas/gitea";
};
groups.git = { };
};
}

45
config/hosts/imxyy-nix-server/grafana.nix
View File

@@ -1,45 +0,0 @@
{ pkgs, ... }:
{
services.grafana = {
enable = true;
settings = {
server = {
http_addr = "0.0.0.0";
http_port = 8090;
domain = "grafana.imxyy.top";
};
};
};
services.prometheus = {
enable = true;
package = pkgs.stable.prometheus;
port = 8091;
exporters = {
node = {
enable = true;
port = 8092;
enabledCollectors = [
"systemd"
"zfs"
];
};
};
scrapeConfigs = [
{
job_name = "node";
static_configs = [
{
targets = [ "127.0.0.1:8092" ];
}
];
}
];
};
services.caddy.virtualHosts."grafana.imxyy.top" = {
extraConfig = ''
reverse_proxy :8090 {
header_up X-Real-IP {remote_host}
}
'';
};
}

110
config/hosts/imxyy-nix-server/hardware.nix
View File

@@ -1,110 +0,0 @@
{
config,
lib,
pkgs,
...
}:
let
btrfs = "/dev/disk/by-uuid/c7889c5c-c5b6-4e3c-9645-dfd49c2e84d0";
in
{
boot.initrd.availableKernelModules = [
"xhci_pci"
"ahci"
"nvme"
"usbhid"
"usb_storage"
"sd_mod"
];
boot.initrd.kernelModules = [ "amdgpu" ];
boot.kernelModules = [ "kvm-amd" ];
boot.kernelPackages = lib.mkForce pkgs.linuxPackages_cachyos;
services.scx.enable = true;
boot.extraModulePackages = [ ];
boot.tmp.useTmpfs = true;
boot.supportedFilesystems = [ "zfs" ];
boot.zfs = {
extraPools = [ "data" ];
forceImportRoot = false;
package = pkgs.zfs_cachyos;
};
services.zfs.autoScrub.enable = true;
services.btrfs.autoScrub.enable = true;
networking.hostId = "10ca95b4";
fileSystems."/" = {
device = btrfs;
fsType = "btrfs";
options = [
"compress=zstd"
"subvol=root"
];
};
fileSystems."/nix" = {
device = btrfs;
fsType = "btrfs";
options = [
"compress=zstd"
"subvol=nix"
];
};
my.persist.location = "/nix/persist";
fileSystems."/nix/persist" = {
device = btrfs;
fsType = "btrfs";
options = [
"compress=zstd"
"subvol=persist"
];
neededForBoot = true;
};
boot.initrd.postDeviceCommands = lib.mkAfter ''
mkdir /btrfs_tmp
mount ${btrfs} /btrfs_tmp
mkdir -p /btrfs_tmp/old_roots
if [[ -e /btrfs_tmp/root ]]; then
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +14); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/32AA-2998";
fsType = "vfat";
options = [
"uid=0"
"gid=0"
"fmask=0077"
"dmask=0077"
];
};
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault false;
hardware.enableRedistributableFirmware = lib.mkDefault true;
hardware.cpu.amd.updateMicrocode = config.hardware.enableRedistributableFirmware;
nixpkgs.hostPlatform = lib.mkForce "x86_64-linux";
}

22
config/hosts/imxyy-nix-server/home.nix
View File

@@ -1,22 +0,0 @@
{ ... }:
{
my = {
cli.all.enable = true;
coding.editor.neovim.enable = true;
coding.misc.enable = true;
coding.langs.lua.enable = true;
coding.langs.rust.enable = true;
persist = {
enable = true;
homeDirs = [
"workspace"
"Virt"
".local/state"
".cache"
".ollama"
];
};
};
}

18
config/hosts/imxyy-nix-server/homepage.nix
View File

@@ -1,18 +0,0 @@
{
virtualisation.oci-containers = {
containers = {
sun-panel = {
image = "hslr/sun-panel:latest";
volumes = [
"/var/lib/sun-panel:/app/conf"
];
ports = [ "8085:3002" ];
};
};
};
services.caddy.virtualHosts."home.imxyy.top" = {
extraConfig = ''
reverse_proxy :8085
'';
};
}

17
config/hosts/imxyy-nix-server/immich.nix
View File

@@ -1,17 +0,0 @@
{ ... }:
{
services.immich = {
enable = true;
host = "127.0.0.1";
port = 8096;
mediaLocation = "/mnt/nas/immich";
group = "nextcloud";
};
services.caddy.virtualHosts."immich.imxyy.top" = {
extraConfig = ''
reverse_proxy :8096 {
header_up X-Real-IP {remote_host}
}
'';
};
}

54
config/hosts/imxyy-nix-server/mail.nix
View File

@@ -1,54 +0,0 @@
{ pkgs, ... }:
{
services.roundcube = {
enable = true;
hostName = "mail.imxyy.top";
plugins = [
"contextmenu"
"persistent_login"
];
package = pkgs.roundcube.withPlugins (
plugins: with plugins; [
contextmenu
persistent_login
]
);
extraConfig = ''
# starttls needed for authentication, so the fqdn required to match
# the certificate
$config['imap_conn_options'] = [
'ssl' => [
'verify_peer_name' => false,
],
];
$config['imap_host'] = "tls://mail10.serv00.com";
$config['imap_user'] = "%u";
$config['imap_pass'] = "%p";
$config['smtp_conn_options'] = [
'ssl' => [
'verify_peer_name' => false,
],
];
$config['smtp_host'] = "tls://mail10.serv00.com";
$config['smtp_user'] = "%u";
$config['smtp_pass'] = "%p";
'';
};
services.nginx.virtualHosts."mail.imxyy.top" = {
listen = [
{
addr = "0.0.0.0";
port = 8087;
}
];
forceSSL = false;
enableACME = false;
};
services.caddy.virtualHosts."mail.imxyy.top" = {
extraConfig = ''
reverse_proxy :8087 {
header_up X-Real-IP {remote_host}
}
'';
};
}

46
config/hosts/imxyy-nix-server/matrix.nix
View File

@@ -1,46 +0,0 @@
{
services.matrix-synapse = {
enable = true;
settings = {
server_name = "matrix.imxyy.top";
public_baseurl = "https://matrix.imxyy.top";
listeners = [
{
port = 8094;
bind_addresses = [ "127.0.0.1" ];
type = "http";
tls = false;
x_forwarded = true;
resources = [
{
names = [
"client"
"federation"
];
compress = true;
}
];
}
];
turn_uris = [ "turns:vkvm.imxyy.top:5349" ];
turn_shared_secret = "ac779a48c03bb451839569d295a29aa6ab8c264277bec2df9c9c7f5e22936288";
turn_user_lifetime = "1h";
database_type = "psycopg2";
database_args.database = "matrix-synapse";
};
extraConfigFiles = [
"/var/lib/matrix-synapse/secret"
];
};
services.caddy.virtualHosts."matrix.imxyy.top" = {
extraConfig = ''
reverse_proxy :8094
handle_path /_matrix {
reverse_proxy :8094
}
handle_path /_synapse/client {
reverse_proxy :8094
}
'';
};
}

19
config/hosts/imxyy-nix-server/minecraft.nix
View File

@@ -1,19 +0,0 @@
{ lib, pkgs, ... }:
{
systemd.services."fabric1.20.6" = {
description = "fabric 1.20.6 minecraft server";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
WorkingDirectory = "/opt/minecraft/fabric1.20.6";
ExecStart = "${lib.getExe' pkgs.openjdk21 "java"} -Xms1G -Xmx5G -jar fabric-server-mc.1.20.6-loader.0.15.11-launcher.1.0.1.jar";
Restart = "always";
RestartSec = 120;
};
};
my.persist = {
nixosDirs = [
"/opt/minecraft"
];
};
}

26
config/hosts/imxyy-nix-server/minio.nix
View File

@@ -1,26 +0,0 @@
{ config, sopsRoot, ... }:
{
sops.secrets.minio-env = {
sopsFile = sopsRoot + /minio.env;
format = "dotenv";
};
services.minio = {
enable = true;
listenAddress = ":9000";
consoleAddress = ":9001";
region = "cn-south-gz";
configDir = "/mnt/nas/minio/config";
dataDir = [
"/mnt/nas/minio/data"
];
rootCredentialsFile = config.sops.secrets.minio-env.path;
};
services.caddy.virtualHosts."minio.imxyy.top" = {
extraConfig = ''
handle_path /* {
reverse_proxy :9000
}
'';
};
}

588
config/hosts/imxyy-nix-server/net.nix
View File

@@ -1,588 +0,0 @@
{
config,
lib,
pkgs,
username,
sopsRoot,
...
}:
{
boot.kernelParams = [
"biosdevname=0"
"net.ifnames=0"
];
networking = {
useDHCP = lib.mkForce false;
dhcpcd = {
wait = "background";
IPv6rs = true;
extraConfig = ''
interface mac0
noipv4
'';
};
interfaces = {
eth0.wakeOnLan.enable = true;
eth1.wakeOnLan.enable = true;
mac0 = {
useDHCP = true;
ipv4.addresses = [
{
address = "192.168.3.2";
prefixLength = 24;
}
];
};
};
macvlans."mac0" = {
interface = "eth0";
mode = "bridge";
};
defaultGateway = {
address = "192.168.3.1";
interface = "mac0";
};
nameservers = [
"192.168.3.2"
];
firewall.enable = false;
nftables = {
enable = true;
flushRuleset = true;
ruleset = ''
table inet firewall {
set LANv4 {
type ipv4_addr
flags interval
elements = { 10.0.0.0/8, 100.64.0.0/10, 172.16.0.0/12, 192.168.0.0/16, 169.254.0.0/16 }
}
set LANv6 {
type ipv6_addr
flags interval
elements = { fd00::/8, fe80::/10 }
}
set tcp_ports {
type inet_service
flags interval
elements = {
http,
https,
2222,
25565
}
}
chain prerouting {
type filter hook prerouting priority mangle; policy accept;
ip daddr @LANv4 accept
ip6 daddr @LANv6 accept
}
chain output {
type filter hook output priority 100; policy accept;
ip daddr @LANv4 accept
ip6 daddr @LANv6 accept
}
chain input {
type filter hook input priority 0; policy drop;
iif lo accept
ct state invalid drop
ct state established,related accept
ip protocol { icmp, igmp } accept
ip saddr @LANv4 accept
ip6 saddr @LANv6 accept
tcp dport 2222 ct state new limit rate 15/minute counter accept
tcp dport @tcp_ports counter accept
}
chain forward {
type filter hook forward priority 0; policy accept;
}
chain nat {
type nat hook postrouting priority 0; policy accept;
ip saddr 192.168.3.0/24 masquerade
}
}
'';
};
};
services.openssh = {
enable = true;
settings = {
# PermitRootLogin = "yes";
PermitRootLogin = "prohibit-password";
PasswordAuthentication = true;
};
};
users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOEFLUkyeaK8ZPPZdVNEmtx8zvoxi7xqS2Z6oxRBuUPO imxyy@imxyy-nix"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBWOy0QmAyxENg/O5m3cus8U3c9jCLioivwcWsh5/a82 imxyy-hisense-pad"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK8pivvE8PMtsOxmccfNhH/4KehDKhBfUfJbQZxo/SZT imxyy-ace5"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKALTBn/QSGcSPgMg0ViSazFcaA0+nEF05EJpjbsI6dE imxyy_soope_@imxyy-cloudwin"
];
users.users.${username}.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOEFLUkyeaK8ZPPZdVNEmtx8zvoxi7xqS2Z6oxRBuUPO imxyy@imxyy-nix"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBWOy0QmAyxENg/O5m3cus8U3c9jCLioivwcWsh5/a82 imxyy-hisense-pad"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK8pivvE8PMtsOxmccfNhH/4KehDKhBfUfJbQZxo/SZT imxyy-ace5"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKALTBn/QSGcSPgMg0ViSazFcaA0+nEF05EJpjbsI6dE imxyy_soope_@imxyy-cloudwin"
];
sops.secrets.dae-imxyy-nix-server = {
sopsFile = sopsRoot + /dae-imxyy-nix-server.dae;
format = "binary";
};
services.dae = {
enable = true;
configFile = config.sops.secrets.dae-imxyy-nix-server.path;
};
systemd.services.dae.after = [ "sops-nix.service" ];
sops.secrets.mihomo = {
sopsFile = sopsRoot + /mihomo.yaml;
format = "yaml";
key = "";
};
systemd.services.mihomo.after = [ "sops-nix.service" ];
services.mihomo = {
enable = true;
configFile = config.sops.secrets.mihomo.path;
webui = pkgs.metacubexd;
};
sops.secrets.frp-env = {
sopsFile = sopsRoot + /frp.env;
format = "dotenv";
};
systemd.services.frp.serviceConfig.EnvironmentFile = [
config.sops.secrets.frp-env.path
];
services.frp = {
enable = true;
role = "client";
settings = {
serverAddr = "hk.vkvm.imxyy.top";
serverPort = 7000;
auth.token = "{{ .Envs.FRP_AUTH_TOKEN }}";
proxies = [
{
name = "nextcloud-http";
type = "http";
localIP = "127.0.0.1";
localPort = 80;
customDomains = [ "nextcloud.imxyy.top" ];
}
{
name = "nextcloud-https";
type = "https";
localIP = "127.0.0.1";
localPort = 443;
customDomains = [ "nextcloud.imxyy.top" ];
}
{
name = "oidc-http";
type = "http";
localIP = "127.0.0.1";
localPort = 80;
customDomains = [ "oidc.imxyy.top" ];
}
{
name = "oidc-https";
type = "https";
localIP = "127.0.0.1";
localPort = 443;
customDomains = [ "oidc.imxyy.top" ];
}
{
name = "headscale-http";
type = "http";
localIP = "127.0.0.1";
localPort = 80;
customDomains = [ "headscale.imxyy.top" ];
}
{
name = "headscale-https";
type = "https";
localIP = "127.0.0.1";
localPort = 443;
customDomains = [ "headscale.imxyy.top" ];
}
{
name = "mail-http";
type = "http";
localIP = "127.0.0.1";
localPort = 80;
customDomains = [ "mail.imxyy.top" ];
}
{
name = "mail-https";
type = "https";
localIP = "127.0.0.1";
localPort = 443;
customDomains = [ "mail.imxyy.top" ];
}
{
name = "gitea-ssh";
type = "tcp";
localIP = "127.0.0.1";
localPort = 2222;
remotePort = 2222;
}
{
name = "gitea-http";
type = "http";
localIP = "127.0.0.1";
localPort = 80;
customDomains = [ "git.imxyy.top" ];
}
{
name = "gitea-https";
type = "https";
localIP = "127.0.0.1";
localPort = 443;
customDomains = [ "git.imxyy.top" ];
}
{
name = "vault-http";
type = "http";
localIP = "127.0.0.1";
localPort = 80;
customDomains = [ "vault.imxyy.top" ];
}
{
name = "vault-https";
type = "https";
localIP = "127.0.0.1";
localPort = 443;
customDomains = [ "vault.imxyy.top" ];
}
{
name = "home-http";
type = "http";
localIP = "127.0.0.1";
localPort = 80;
customDomains = [ "home.imxyy.top" ];
}
{
name = "home-https";
type = "https";
localIP = "127.0.0.1";
localPort = 443;
customDomains = [ "home.imxyy.top" ];
}
{
name = "coder-http";
type = "http";
localIP = "127.0.0.1";
localPort = 80;
customDomains = [ "coder.imxyy.top" ];
}
{
name = "coder-https";
type = "https";
localIP = "127.0.0.1";
localPort = 443;
customDomains = [ "coder.imxyy.top" ];
}
{
name = "music-http";
type = "http";
localIP = "127.0.0.1";
localPort = 80;
customDomains = [ "music.imxyy.top" ];
}
{
name = "music-https";
type = "https";
localIP = "127.0.0.1";
localPort = 443;
customDomains = [ "music.imxyy.top" ];
}
{
name = "ai-http";
type = "http";
localIP = "127.0.0.1";
localPort = 80;
customDomains = [ "ai.imxyy.top" ];
}
{
name = "ai-https";
type = "https";
localIP = "127.0.0.1";
localPort = 443;
customDomains = [ "ai.imxyy.top" ];
}
{
name = "grafana-http";
type = "http";
localIP = "127.0.0.1";
localPort = 80;
customDomains = [ "grafana.imxyy.top" ];
}
{
name = "grafana-https";
type = "https";
localIP = "127.0.0.1";
localPort = 443;
customDomains = [ "grafana.imxyy.top" ];
}
{
name = "note-http";
type = "http";
localIP = "127.0.0.1";
localPort = 80;
customDomains = [ "note.imxyy.top" ];
}
{
name = "note-https";
type = "https";
localIP = "127.0.0.1";
localPort = 443;
customDomains = [ "note.imxyy.top" ];
}
{
name = "siyuan-http";
type = "http";
localIP = "127.0.0.1";
localPort = 80;
customDomains = [ "sy.imxyy.top" ];
}
{
name = "siyuan-https";
type = "https";
localIP = "127.0.0.1";
localPort = 443;
customDomains = [ "sy.imxyy.top" ];
}
{
name = "matrix-http";
type = "http";
localIP = "127.0.0.1";
localPort = 80;
customDomains = [ "matrix.imxyy.top" ];
}
{
name = "matrix-https";
type = "https";
localIP = "127.0.0.1";
localPort = 443;
customDomains = [ "matrix.imxyy.top" ];
}
{
name = "immich-http";
type = "http";
localIP = "127.0.0.1";
localPort = 80;
customDomains = [ "immich.imxyy.top" ];
}
{
name = "immich-https";
type = "https";
localIP = "127.0.0.1";
localPort = 443;
customDomains = [ "immich.imxyy.top" ];
}
{
name = "minecraft";
type = "tcp";
localIP = "127.0.0.1";
localPort = 25565;
remotePort = 25565;
}
];
};
};
services.tailscale = {
enable = true;
useRoutingFeatures = "both";
extraSetFlags = [ "--accept-dns=false" ];
};
services.headscale = {
enable = true;
address = "0.0.0.0";
port = 8080;
settings = {
logtail.enabled = false;
server_url = "https://headscale.imxyy.top";
dns.magic_dns = false;
dns.override_local_dns = false;
ip_prefixes = "100.64.0.0/10";
oidc = {
only_start_if_oidc_is_available = true;
issuer = "https://oidc.imxyy.top";
client_id = "https://headscale.imxyy.top";
allowed_domains = [
"imxyy.top"
"*.imxyy.top"
];
client_secret = "";
expiry = 0;
extra_params.domain_hint = "imxyy.top";
};
};
};
systemd.services."headscale" = {
serviceConfig = {
Restart = "always";
RestartSec = 120;
};
after = [
"podman-obligator.service"
];
requires = [
"podman-obligator.service"
];
};
sops.secrets.et-imxyy-nix-server = {
sopsFile = sopsRoot + /et-imxyy-nix-server.toml;
format = "binary";
};
environment.systemPackages = [ pkgs.easytier ];
systemd.services."easytier" = {
enable = true;
script = "${pkgs.easytier}/bin/easytier-core -c ${config.sops.secrets.et-imxyy-nix-server.path}";
serviceConfig = {
Restart = "always";
RestartSec = 30;
User = "root";
};
wantedBy = [ "multi-user.target" ];
after = [
"network.target"
"sops-nix.service"
];
};
virtualisation.oci-containers = {
containers = {
obligator = {
image = "anderspitman/obligator:latest";
volumes = [
"/var/lib/obligator:/data"
"/var/lib/obligator:/api"
];
ports = [ "8081:1616" ];
cmd = [
"-storage-dir"
"/data"
"-api-socket-dir"
"/api"
"-root-uri"
"https://oidc.imxyy.top"
"-port"
"1616"
];
};
};
};
services.caddy.virtualHosts."headscale.imxyy.top" = {
extraConfig = ''
reverse_proxy :8080 {
header_up X-Real-IP {remote_host}
}
'';
};
services.caddy.virtualHosts."oidc.imxyy.top" = {
extraConfig = ''
reverse_proxy :8081 {
header_up X-Real-IP {remote_host}
}
'';
};
systemd.services.ddns-go =
let
ddns-go = pkgs.buildGoModule rec {
pname = "ddns-go";
version = "6.6.7";
src = pkgs.fetchFromGitHub {
owner = "jeessy2";
repo = "ddns-go";
rev = "v${version}";
hash = "sha256-Ejoe6e9GFhHxQ9oIBDgDRQW9Xx1XZK+qSAXiRXLdn+c=";
};
meta.mainProgram = "ddns-go";
vendorHash = "sha256-XZii7gV3DmTunYyGYzt5xXhv/VpTPIoYKbW4LnmlAgs=";
doCheck = false;
};
in
{
description = "Go Dynamic DNS";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${lib.getExe ddns-go} -l :9876 -f 10 -cacheTimes 180 -c /var/lib/ddns-go/config.yaml";
Restart = "always";
RestartSec = 120;
};
path = [
pkgs.bash
];
};
services.dnsmasq =
let
subDomains = [
"home"
"nextcloud"
"mail"
"git"
"vault"
"coder"
"headscale"
"grafana"
"matrix"
"note"
"oidc"
"mc"
"music"
"ai"
"sy"
"minio"
];
in
{
enable = true;
resolveLocalQueries = false;
settings = {
server = [
"120.53.53.53"
"223.5.5.5"
];
address = map (sub: "/${sub}.imxyy.top/192.168.3.2") subDomains ++ [
"/imxyy-nix-server/192.168.3.2"
"/imxyy-cloudwin/192.168.3.4"
"/printer.home/192.168.3.53"
];
cache-size = 0;
};
};
}

143
config/hosts/imxyy-nix-server/nextcloud.nix
View File

@@ -1,143 +0,0 @@
{
lib,
pkgs,
hostname,
...
}:
let
nextcloud = "nextcloud.${imxyy}";
imxyy = "imxyy.top";
in
{
environment.systemPackages = with pkgs; [
exiftool
ffmpeg
rclone
];
services.nextcloud = {
enable = true;
package = pkgs.nextcloud31;
extraApps = {
inherit (pkgs.nextcloud31.packages.apps)
bookmarks
previewgenerator
spreed
notes
registration
;
};
extraAppsEnable = true;
hostName = nextcloud;
home = "/mnt/nas/nextcloud";
https = true;
nginx.recommendedHttpHeaders = true;
caching.redis = true;
configureRedis = true;
database.createLocally = true;
config = {
dbtype = "pgsql";
adminpassFile = toString (pkgs.writeText "nextcloud-pass" "admin12345!");
adminuser = "admin";
};
settings.trusted_domains = [
hostname
"192.168.3.2"
"10.0.0.1"
];
phpExtraExtensions =
all: with all; [
pdlib
];
maxUploadSize = "16G";
phpOptions = {
"opcache.enable" = 1;
"opcache.enable_cli" = 1;
"opcache.interned_strings_buffer" = 8;
"opcache.max_accelerated_files" = 10000;
"opcache.memory_consumption" = 128;
"opcache.save_comments" = 1;
"opcache.revalidate_freq" = 1;
memory_limit = lib.mkForce "2G";
};
poolSettings = {
pm = "dynamic";
"pm.max_children" = "12";
"pm.min_spare_servers" = "6";
"pm.max_spare_servers" = "12";
};
};
services.nginx.virtualHosts."nextcloud.imxyy.top" = {
listen = [
{
addr = "0.0.0.0";
port = 8084;
}
];
};
/*
services.caddy.virtualHosts.":80" = {
extraConfig = ''
redir https://{host}{uri}
'';
};
services.caddy.virtualHosts.":443" = {
extraConfig =
let
path = "/var/lib/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/nextcloud.imxyy.top";
in
''
reverse_proxy :8084
tls ${path}/nextcloud.imxyy.top.crt ${path}/nextcloud.imxyy.top.key
'';
};
*/
services.caddy.virtualHosts."nextcloud.imxyy.top" = {
extraConfig = ''
reverse_proxy :8084 {
header_up X-Real-IP {remote_host}
}
'';
};
/*
systemd.timers."kopia" = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "daily";
Persistent = true;
Unit = "kopia.service";
};
};
*/
systemd.services."kopia" = {
script = ''
${pkgs.kopia}/bin/kopia snapshot create /mnt/nas/share
${pkgs.kopia}/bin/kopia snapshot create /mnt/nas/nextcloud/data
'';
serviceConfig = {
Type = "oneshot";
User = "nextcloud";
};
};
systemd.timers."nextcloud-cronjobs" = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "daily";
Persistent = true;
Unit = "nextcloud-cronjobs.service";
};
};
systemd.services."nextcloud-cronjobs" = {
script = ''
/run/current-system/sw/bin/nextcloud-occ preview:pre-generate
'';
serviceConfig = {
Type = "oneshot";
User = "nextcloud";
};
};
}

14
config/hosts/imxyy-nix-server/nginx.nix
View File

@@ -1,14 +0,0 @@
{
services.nginx = {
enable = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
clientMaxBodySize = "0";
};
security.acme = {
acceptTerms = true;
defaults.email = "acme@imxyy.top";
};
}

33
config/hosts/imxyy-nix-server/nixos.nix
View File

@@ -1,33 +0,0 @@
{
lib,
config,
username,
sopsRoot,
...
}:
{
boot.loader = {
efi.canTouchEfiVariables = true;
systemd-boot.enable = true;
grub.enable = false;
timeout = 0;
};
hardware.bluetooth.enable = true;
hardware.bluetooth.powerOnBoot = true;
systemd.services.nix-daemon = {
environment.TMPDIR = "/var/cache/nix";
serviceConfig.CacheDirectory = "nix";
};
environment.variables.NIX_REMOTE = "daemon";
sops.secrets.imxyy-nix-server-hashed-password = {
sopsFile = sopsRoot + /imxyy-nix-server-hashed-password.txt;
format = "binary";
neededForUsers = true;
};
users.users.${username}.hashedPasswordFile =
lib.mkForce config.sops.secrets.imxyy-nix-server-hashed-password.path;
users.users.root.hashedPasswordFile = lib.mkForce config.sops.secrets.imxyy-nix-server-hashed-password.path;
}

61
config/hosts/imxyy-nix-server/note.nix
View File

@@ -1,61 +0,0 @@
{
config,
sopsRoot,
...
}:
{
sops.secrets = {
flatnote-env = {
sopsFile = sopsRoot + /flatnote.env;
format = "dotenv";
};
siyuan-env = {
sopsFile = sopsRoot + /siyuan.env;
format = "dotenv";
};
};
virtualisation.oci-containers = {
containers = {
flatnotes = {
image = "dullage/flatnotes:latest";
volumes = [
"/mnt/nas/flatnotes/data:/data"
];
environmentFiles = [
"${config.sops.secrets.flatnote-env.path}"
];
ports = [ "8093:8080" ];
};
siyuan = {
image = "apkdv/siyuan-unlock:v3.1.30";
volumes = [
"/mnt/nas/siyuan/workspace:/workspace"
"/mnt/nas/siyuan:/home/siyuan"
];
cmd = [
"--workspace=/workspace"
];
environment = {
PUID = "0";
PGID = "0";
};
environmentFiles = [
"${config.sops.secrets.siyuan-env.path}"
];
ports = [ "8095:6806" ];
};
};
};
services.caddy.virtualHosts = {
"note.imxyy.top" = {
extraConfig = ''
reverse_proxy :8093
'';
};
"sy.imxyy.top" = {
extraConfig = ''
reverse_proxy :8095
'';
};
};
}

34
config/hosts/imxyy-nix-server/samba.nix
View File

@@ -1,34 +0,0 @@
{
services.samba = {
enable = true;
nsswins = true;
settings = {
global = {
security = "user";
"netbios name" = "NAS";
};
share = {
path = "/mnt/nas/share";
browseable = "yes";
"read only" = "no";
"guest ok" = "no";
"create mask" = "0664";
"directory mask" = "0775";
"force user" = "nextcloud";
"force group" = "nextcloud";
};
};
};
services.samba-wsdd.enable = true;
# ensure dir exists
systemd.tmpfiles.rules = [
"d /mnt/nas/share 0775 nextcloud nextcloud - -"
];
users = {
users.nas = {
isSystemUser = true;
description = "NAS user";
group = "nextcloud";
};
};
}

31
config/hosts/imxyy-nix-server/vault.nix
View File

@@ -1,31 +0,0 @@
{ config, sopsRoot, ... }:
{
sops.secrets.vaultwarden-env = {
sopsFile = sopsRoot + /vaultwarden.env;
format = "dotenv";
};
services.postgresql.ensureUsers = [
{
name = "vaultwarden";
ensureDBOwnership = true;
}
];
services.postgresql.ensureDatabases = [ "vaultwarden" ];
services.vaultwarden = {
enable = true;
dbBackend = "postgresql";
config = {
ROCKET_ADDRESS = "127.0.0.1";
ROCKET_PORT = 8083;
DOMAIN = "https://vault.imxyy.top";
};
environmentFile = "${config.sops.secrets.vaultwarden-env.path}";
};
services.caddy.virtualHosts."vault.imxyy.top" = {
extraConfig = ''
reverse_proxy :8083 {
header_up X-Real-IP {remote_host}
}
'';
};
}

33
config/hosts/imxyy-nix-server/virt.nix
View File

@@ -1,33 +0,0 @@
{ lib, ... }:
let
# T400
gpuIDs = [
"8086:56a0" # A770
"8086:4f90"
"10de:1f82" # 1650
"10de:10fa"
"10de:1fb2" # T400
];
in
{
boot = {
initrd.kernelModules = [
"vfio_pci"
"vfio"
"vfio_iommu_type1"
];
kernelParams = [
"pcie_acs_override=downstream,multifunction"
"amd_iommu=on"
"vfio-pci.ids=${lib.concatStringsSep "," gpuIDs}"
];
extraModprobeConfig = ''
options kvm ignore_msrs=Y
options kvm report_ignored_msrs=N
'';
};
virtualisation.spiceUSBRedirection.enable = true;
my.virt.enable = true;
}

23
config/hosts/imxyy-nix-server/yesplaymusic.nix
View File

@@ -1,23 +0,0 @@
{
virtualisation.oci-containers.containers."YesPlayMusic" = {
image = "git.imxyy.top/imxyy1soope1/yesplaymusic:latest";
environment = {
"NODE_TLS_REJECT_UNAUTHORIZED" = "0";
};
volumes = [
"/etc/localtime:/etc/localtime:ro"
];
ports = [
"8088:80/tcp"
];
log-driver = "journald";
};
services.caddy.virtualHosts."music.imxyy.top" = {
extraConfig = ''
reverse_proxy :8088 {
header_up X-Real-IP {remote_host}
}
'';
};
}

6
config/hosts/imxyy-nix-wsl/default.nix
View File

@@ -1,6 +0,0 @@
{
imports = [
./nixos.nix
./home.nix
];
}

14
config/hosts/imxyy-nix-wsl/home.nix
View File

@@ -1,14 +0,0 @@
{ lib, username, ... }:
{
my.home.programs.zsh.shellAliases = {
localproxy_on = "export http_proxy=http://192.168.128.1:7890 https_proxy=http://192.168.128.1:7890 all_proxy=socks://192.168.128.1:7890";
};
my = {
sops.sshKeyPath = "/home/${username}/.ssh/id_ed25519";
coding.all.enable = true;
coding.editor.vscode.enable = lib.mkForce false;
cli.misc.enable = true;
xdg.enable = true;
cli.media.all.enable = true;
};
}

27
config/hosts/imxyy-nix-wsl/nixos.nix
View File

@@ -1,27 +0,0 @@
{
lib,
username,
inputs,
...
}:
{
imports = [
inputs.nixos-wsl.nixosModules.wsl
];
wsl.enable = true;
wsl.defaultUser = username;
services.openssh = {
enable = true;
settings = {
# Forbid root login through SSH.
PermitRootLogin = "no";
PasswordAuthentication = true;
};
};
# fix vscode remote
programs.nix-ld.enable = true;
nixpkgs.hostPlatform = lib.mkForce "x86_64-linux";
}

106
config/hosts/imxyy-nix-x16/hardware.nix
View File

@@ -1,106 +0,0 @@
{
config,
lib,
pkgs,
username,
...
}:
let
btrfs = "/dev/disk/by-uuid/69ab72d4-6ced-4f70-8b5e-aa2daa8c0b6b";
in
{
boot = {
initrd = {
kernelModules = [ "amdgpu" ];
availableKernelModules = [
"nvme"
"xhci_pci"
"thunderbolt"
"uas"
"sd_mod"
];
verbose = false;
};
kernelPackages = lib.mkForce pkgs.linuxPackages_cachyos;
kernelModules = [ "kvm-amd" ];
tmp.useTmpfs = true;
kernel.sysctl = {
"fs.file-max" = 9223372036854775807;
};
};
services.scx.enable = true;
fileSystems."/" = {
device = btrfs;
fsType = "btrfs";
options = [
"compress=zstd"
"subvol=root"
];
};
fileSystems."/nix" = {
device = btrfs;
fsType = "btrfs";
options = [
"compress=zstd"
"subvol=nix"
];
};
my.persist.location = "/nix/persist";
fileSystems."/nix/persist" = {
device = btrfs;
fsType = "btrfs";
options = [
"compress=zstd"
"subvol=persist"
];
neededForBoot = true;
};
boot.initrd.postDeviceCommands = lib.mkAfter ''
mkdir /btrfs_tmp
mount ${btrfs} /btrfs_tmp
mkdir -p /btrfs_tmp/old_roots
if [[ -e /btrfs_tmp/root ]]; then
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +14); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/96D3-93B0";
fsType = "vfat";
options = [
"uid=0"
"gid=0"
"fmask=0077"
"dmask=0077"
];
};
networking.useDHCP = lib.mkDefault false;
hardware.enableRedistributableFirmware = lib.mkDefault true;
hardware.cpu.amd.updateMicrocode = config.hardware.enableRedistributableFirmware;
nixpkgs.hostPlatform = lib.mkForce "x86_64-linux";
}

9
config/hosts/imxyy-nix/default.nix
View File

@@ -1,9 +0,0 @@
{
imports = [
./nixos.nix
./hardware.nix
./home.nix
./virt.nix
./net.nix
];
}

162
config/hosts/imxyy-nix/hardware.nix
View File

@@ -1,162 +0,0 @@
{
config,
lib,
pkgs,
username,
...
}:
let
btrfs = "/dev/disk/by-uuid/0404de0a-9c4d-4c98-b3e5-b8ff8115f36c";
in
{
boot = {
initrd = {
kernelModules = [ "amdgpu" ];
availableKernelModules = [
"xhci_pci"
"ahci"
"nvme"
"usbhid"
"usb_storage"
"sd_mod"
];
verbose = false;
};
kernelPackages = lib.mkForce pkgs.linuxPackages_cachyos;
kernelModules = [ "kvm-amd" ];
tmp.useTmpfs = true;
kernel.sysctl = {
"fs.file-max" = 9223372036854775807;
};
resumeDevice = btrfs;
kernelParams = [
"resume_offset=6444127"
];
};
services.scx.enable = true;
fileSystems."/" = {
device = btrfs;
fsType = "btrfs";
options = [
"compress=zstd"
"subvol=root"
];
};
fileSystems."/nix" = {
device = "/dev/disk/by-uuid/843c36ae-f6d0-46a1-b5c7-8ab569e1e63f";
fsType = "btrfs";
options = [ "compress=zstd" ];
};
my.persist.location = "/nix/persist";
fileSystems."/nix/persist" = {
device = btrfs;
fsType = "btrfs";
options = [
"compress=zstd"
"subvol=persistent"
];
neededForBoot = true;
};
fileSystems."/swap" = {
device = btrfs;
fsType = "btrfs";
options = [
"compress=zstd"
"subvol=swap"
];
neededForBoot = true;
};
boot.initrd.postDeviceCommands = lib.mkAfter ''
mkdir /btrfs_tmp
mount ${btrfs} /btrfs_tmp
mkdir -p /btrfs_tmp/old_roots
if [[ -e /btrfs_tmp/root ]]; then
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +14); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/B7DC-E9AC";
fsType = "vfat";
options = [
"uid=0"
"gid=0"
"fmask=0077"
"dmask=0077"
];
};
fileSystems."/home/${username}/Documents" = {
device = "/dev/disk/by-uuid/a4e37dcd-764a-418c-aa1c-484f1fbd4bbe";
fsType = "ext4";
};
fileSystems."/home/${username}/Downloads" = {
device = "/dev/disk/by-uuid/18717cb4-49ac-40fa-95d4-29523a458dd0";
fsType = "ext4";
};
fileSystems."/home/${username}/Videos" = {
device = "/dev/disk/by-uuid/b67bbeab-58bc-4814-b5e3-08404e78b25e";
fsType = "ext4";
};
fileSystems."/home/${username}/Pictures" = {
device = "/dev/disk/by-uuid/a31bfe7e-cc17-4bd2-af74-ae5de9be35d3";
fsType = "ext4";
};
fileSystems."/home/${username}/Music" = {
device = "//192.168.3.2/share/imxyy_soope_/Music";
fsType = "cifs";
options = [
"username=nas"
"password=nasshare"
"x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"
"nodev"
"nofail"
"uid=1000"
"gid=100"
"vers=3"
"rw"
];
};
swapDevices = [
{
device = "/swap/swapfile";
size = 32 * 1024;
}
];
networking.useDHCP = lib.mkDefault false;
hardware.enableRedistributableFirmware = lib.mkDefault true;
hardware.cpu.amd.updateMicrocode = config.hardware.enableRedistributableFirmware;
nixpkgs.hostPlatform = lib.mkForce "x86_64-linux";
}

185
config/hosts/imxyy-nix/home.nix
View File

@@ -1,185 +0,0 @@
{
config,
lib,
pkgs,
username,
...
}:
{
my.home = {
home.packages = with pkgs; [
localsend
rclone
wpsoffice-cn
wps-office-fonts
ttf-wps-fonts
evince
anki
ayugram-desktop
telegram-desktop
signal-desktop
discord
qq
wechat
gnome-clocks
wineWowPackages.waylandFull
pavucontrol
pamixer
];
programs.zsh = {
shellAliases = {
cageterm = "cage -m DP-2 -s -- alacritty -o font.size=20";
cagefoot = "cage -m DP-2 -s -- foot --font=monospace:size=20";
cagekitty = "cage -m DP-2 -s -- kitty -o font_size=20";
};
sessionVariables = {
no_proxy = "192.168.3.0/24";
PATH = "/home/${username}/bin:$PATH";
};
profileExtra = ''
if [ `tty` = "/dev/tty6" ]; then
clear
fi
'';
};
programs.niri.settings = {
environment.STEAM_FORCE_DESKTOPUI_SCALING = "1.25";
outputs = {
DP-2 = {
enable = true;
mode = {
width = 2560;
height = 1440;
refresh = 75.033;
};
scale = 1.25;
position = {
x = 0;
y = 0;
};
};
DP-3 = {
enable = true;
mode = {
width = 2560;
height = 1440;
refresh = 75.033;
};
scale = 1.25;
};
};
};
};
my = {
autologin = {
enable = true;
user = username;
ttys = [ 6 ];
};
gpg.enable = true;
cli.all.enable = true;
coding.all.enable = true;
desktop.all.enable = true;
desktop.browser.librewolf.enable = lib.mkForce false;
i18n.fcitx5.enable = true;
xdg = {
enable = true;
defaultApplications =
let
browser = [ "zen-beta.desktop" ];
editor = [ "codium.desktop" ];
imageviewer = [ "org.gnome.Shotwell-Viewer.desktop" ];
in
{
"inode/directory" = [ "nemo.desktop" ];
"application/pdf" = [ "org.gnome.Evince.desktop" ];
"text/*" = editor;
"application/json" = editor;
"text/html" = editor;
"text/xml" = editor;
"application/xml" = editor;
"application/xhtml+xml" = editor;
"application/xhtml_xml" = editor;
"application/rdf+xml" = editor;
"application/rss+xml" = editor;
"application/x-extension-htm" = editor;
"application/x-extension-html" = editor;
"application/x-extension-shtml" = editor;
"application/x-extension-xht" = editor;
"application/x-extension-xhtml" = editor;
"x-scheme-handler/about" = browser;
"x-scheme-handler/ftp" = browser;
"x-scheme-handler/http" = browser;
"x-scheme-handler/https" = browser;
"x-scheme-handler/unknown" = browser;
"audio/*" = imageviewer;
"video/*" = imageviewer;
"image/*" = imageviewer;
"image/gif" = imageviewer;
"image/jpeg" = imageviewer;
"image/png" = imageviewer;
"image/webp" = imageviewer;
};
extraBookmarks =
let
homedir = config.my.home.home.homeDirectory;
in
[
"file://${homedir}/Documents/%E7%8F%AD%E7%BA%A7%E4%BA%8B%E5%8A%A1 "
"file://${homedir}/NAS NAS"
"file://${homedir}/NAS/imxyy_soope_ NAS imxyy_soope_"
"file://${homedir}/NAS/imxyy_soope_/OS NAS OS"
];
};
persist = {
enable = true;
homeDirs = [
".android"
"Android"
"bin"
"workspace"
"Virt"
".cache"
".local/state"
".local/share/Anki2"
".local/share/shotwell"
".local/share/cheat.sh"
".local/share/Kingsoft"
".local/share/AyuGramDesktop"
".local/share/TelegramDesktop"
".config/Signal"
".config/discord"
".config/QQ"
".xwechat"
".config/Kingsoft"
".config/dconf"
".config/gh"
".config/pulse"
".config/pip"
".config/libreoffice"
".config/sunshine"
];
};
};
}

128
config/hosts/imxyy-nix/net.nix
View File

@@ -1,128 +0,0 @@
{
config,
lib,
pkgs,
sopsRoot,
username,
...
}:
{
boot.kernelParams = [
"biosdevname=0"
"net.ifnames=0"
];
networking = {
useDHCP = lib.mkForce false;
dhcpcd = {
wait = "background";
IPv6rs = true;
extraConfig = ''
interface eth0
noipv4
'';
};
interfaces = {
eth0 = {
useDHCP = lib.mkForce true;
wakeOnLan.enable = true;
macAddress = "3C:7C:3F:7C:D3:9D";
ipv4 = {
addresses = [
{
address = "192.168.3.3";
prefixLength = 24;
}
];
};
};
};
defaultGateway = {
address = "192.168.3.1";
interface = "eth0";
};
nameservers = [
"192.168.3.2"
];
firewall.enable = false;
nftables = {
enable = true;
flushRuleset = true;
ruleset = ''
table inet firewall {
set LANv4 {
type ipv4_addr
flags interval
elements = { 10.0.0.0/8, 100.64.0.0/10, 172.16.0.0/12, 192.168.0.0/16, 169.254.0.0/16 }
}
set LANv6 {
type ipv6_addr
flags interval
elements = { fd00::/8, fe80::/10 }
}
chain output {
type filter hook output priority 100; policy accept;
}
chain input {
type filter hook input priority 0; policy drop;
iif lo accept
ct state invalid drop
ct state established,related accept
ip saddr @LANv4 accept
ip6 saddr @LANv6 accept
}
chain forward {
type filter hook forward priority 0; policy drop;
}
}
'';
};
};
sops.secrets.dae-imxyy-nix = {
sopsFile = sopsRoot + /dae-imxyy-nix.dae;
format = "binary";
};
services.dae = {
enable = true;
configFile = config.sops.secrets.dae-imxyy-nix.path;
};
systemd.services.dae.after = [ "sops-nix.service" ];
sops.secrets.mihomo = {
sopsFile = sopsRoot + /mihomo.yaml;
format = "yaml";
key = "";
};
systemd.services.mihomo.after = [ "sops-nix.service" ];
services.mihomo = {
enable = true;
configFile = config.sops.secrets.mihomo.path;
webui = pkgs.metacubexd;
};
sops.secrets.et-imxyy-nix = {
sopsFile = sopsRoot + /et-imxyy-nix.toml;
format = "binary";
};
environment.systemPackages = [ pkgs.easytier ];
systemd.services."easytier" = {
enable = true;
script = "${pkgs.easytier}/bin/easytier-core -c ${config.sops.secrets.et-imxyy-nix.path}";
serviceConfig = {
Restart = "always";
RestartSec = 30;
User = "root";
};
wantedBy = [ "multi-user.target" ];
after = [
"network.target"
"sops-nix.service"
];
};
}

264
config/hosts/imxyy-nix/nixos.nix
View File

@@ -1,264 +0,0 @@
{
lib,
pkgs,
config,
username,
sopsRoot,
...
}:
let
btreset = pkgs.writeScriptBin "btreset" ''
#!${lib.getExe pkgs.python3}
import subprocess
import os
import sys
SYM = "BT"
def action(line: str) -> bool:
if line.find(SYM) == -1:
return False
temp = line.split(" ")
bus = temp[1]
device = temp[3][:-1]
subprocess.run(["${lib.getExe usbreset}", f"/dev/bus/usb/{bus}/{device}"])
return True
if __name__ == "__main__":
if os.path.exists("/tmp/.btreseted") and len(sys.argv) == 1 and "-f" not in sys.argv[1:]:
exit(0)
res_byte = subprocess.check_output("/run/current-system/sw/bin/lsusb")
res = res_byte.decode()
lst = res.split("\n")
if any(tuple(map(action, lst))):
with open("/tmp/.btreseted", "w"):
...
'';
usbreset = pkgs.writeCBin "usbreset" ''
#include <stdio.h>
#include <unistd.h>
#include <fcntl.h>
#include <sys/ioctl.h>
#include <linux/usbdevice_fs.h>
int main(int argc, char **argv)
{
const char *filename;
int fd;
int rc;
if (argc != 2) {
fprintf(stderr, "Usage: usbreset device-filename\n");
return 1;
}
filename = argv[1];
fd = open(filename, O_WRONLY);
if (fd < 0) {
perror("Error opening output file");
return 1;
}
printf("Resetting USB device %s\n", filename);
rc = ioctl(fd, USBDEVFS_RESET, 0);
if (rc < 0) {
perror("Error in ioctl");
return 1;
}
printf("Reset successful\n");
close(fd);
return 0;
}
'';
in
{
security.pam.loginLimits = [
{
domain = "*";
type = "soft";
item = "nofile";
value = "524288";
}
];
systemd.services.btreset = {
script = lib.getExe btreset;
wantedBy = [ "multi-user.target" ];
serviceConfig.Type = "oneshot";
};
boot.kernelParams = [
"usbcore.autosuspend=-1" # Avoid usb autosuspend (for usb bluetooth adapter)
"fsck.mode=skip"
];
boot.loader = {
efi.canTouchEfiVariables = true;
systemd-boot.enable = true;
grub.enable = false;
timeout = 0;
};
hardware.graphics.enable = true;
hardware.graphics.enable32Bit = true;
systemd.services.nix-daemon = {
environment.TMPDIR = "/var/cache/nix";
serviceConfig.CacheDirectory = "nix";
};
environment.variables.NIX_REMOTE = "daemon";
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = false;
alsa.support32Bit = false;
pulse.enable = false;
audio.enable = false;
};
services.pulseaudio = {
enable = true;
support32Bit = true;
package = pkgs.pulseaudioFull;
extraConfig = ''
load-module module-switch-on-connect
unload-module module-suspend-on-idle
'';
};
hardware.bluetooth = {
enable = true;
powerOnBoot = true;
settings = {
General = {
Enable = "Source,Sink,Media,Socket";
Disable = "HeadSet";
MultiProfile = "multiple";
};
};
};
users.extraUsers.${username}.extraGroups = [ "audio" ];
fonts = {
enableDefaultPackages = false;
fontDir.enable = true;
packages = with pkgs; [
noto-fonts
noto-fonts-cjk-sans
noto-fonts-emoji
jetbrains-mono
nerd-fonts.symbols-only
];
fontconfig.defaultFonts = {
serif = [
"Noto Serif CJK SC"
"Noto Serif"
"Symbols Nerd Font"
];
sansSerif = [
"Noto Sans CJK SC"
"Noto Sans"
"Symbols Nerd Font"
];
monospace = [
"JetBrains Mono"
"Noto Sans Mono CJK SC"
"Symbols Nerd Font Mono"
];
emoji = [ "Noto Color Emoji" ];
};
};
services.printing.enable = true;
services.keyd = {
enable = true;
keyboards.default.settings = {
main = {
capslock = "overload(control, esc)";
home = "end";
};
shift = {
home = "home";
};
control = {
delete = "print";
};
};
};
services.gvfs.enable = true;
programs.wireshark.enable = true;
programs.wireshark.package = pkgs.wireshark;
users.users.${username}.extraGroups = [ "wireshark" ];
services.sunshine = {
enable = true;
autoStart = true;
capSysAdmin = true;
applications.apps = [
{
name = "Desktop";
image-path = "desktop.png";
}
];
};
services.openssh = {
enable = true;
settings = {
# Forbid root login through SSH.
PermitRootLogin = null;
PasswordAuthentication = true;
};
};
environment.systemPackages = [
pkgs.rclone
btreset
];
sops.secrets.imxyy-nix-rclone = {
sopsFile = sopsRoot + /imxyy-nix-rclone.conf;
format = "binary";
};
fileSystems = {
"/home/${username}/Nextcloud" = {
device = "Nextcloud:";
fsType = "rclone";
options = [
"nodev"
"nofail"
"allow_other"
"args2env"
"config=${config.sops.secrets.imxyy-nix-rclone.path}"
"uid=1000"
"gid=100"
"rw"
"no-check-certificate"
"vfs-cache-mode=full"
];
};
"/home/${username}/NAS" = {
device = "//192.168.3.2/share";
fsType = "cifs";
options = [
"username=nas"
"password=nasshare"
"x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"
"nodev"
"nofail"
"uid=1000"
"gid=100"
"vers=3"
"rw"
];
};
};
}

12
config/hosts/imxyy-nix/virt.nix
View File

@@ -1,12 +0,0 @@
{
...
}:
{
hardware.graphics.enable = true;
virtualisation.spiceUSBRedirection.enable = true;
my.virt = {
enable = true;
moonlight.enable = true;
};
}

164
flake.lock generated
View File

@@ -37,11 +37,11 @@
"base16-helix": { "base16-helix": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1748408240, "lastModified": 1752979451,
"narHash": "sha256-9M2b1rMyMzJK0eusea0x3lyh3mu5nMeEDSc4RZkGm+g=", "narHash": "sha256-0CQM+FkYy0fOO/sMGhOoNL80ftsAzYCg9VhIrodqusM=",
"owner": "tinted-theming", "owner": "tinted-theming",
"repo": "base16-helix", "repo": "base16-helix",
"rev": "6c711ab1a9db6f51e2f6887cc3345530b33e152e", "rev": "27cf1e66e50abc622fb76a3019012dc07c678fac",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -107,11 +107,11 @@
"rust-overlay": "rust-overlay" "rust-overlay": "rust-overlay"
}, },
"locked": { "locked": {
"lastModified": 1752141190, "lastModified": 1753875761,
"narHash": "sha256-RHNq77Z84BtLTwyRtrBffm5V9006Dqw4vh3vrvULlxM=", "narHash": "sha256-FqsfIWS0mQ5OzLRLFgVEBWew/7WROSNr8lvTJJ7AQ4w=",
"owner": "chaotic-cx", "owner": "chaotic-cx",
"repo": "nyx", "repo": "nyx",
"rev": "ef0794b8e94eea166407141f7e92da75f6df925a", "rev": "b184ca87254844a6c2098b27b4ab493e6faf6cf7",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -128,11 +128,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1750940343, "lastModified": 1753219021,
"narHash": "sha256-qmc/jreM09MOwQ8dOa/+yyh99rU7TowSqo8L33VHfto=", "narHash": "sha256-wYL0oMGwFPbhYT0G2NcR4ud00TI06TEWOrvPpN4eNl0=",
"owner": "Bali10050", "owner": "Bali10050",
"repo": "Darkly", "repo": "Darkly",
"rev": "77770c8d3c35f7ad39da2c57122c360096df0aac", "rev": "79ec260ff2a9af1f4de10e670c75b31b7fbcd5da",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -171,11 +171,11 @@
"rust-analyzer-src": "rust-analyzer-src" "rust-analyzer-src": "rust-analyzer-src"
}, },
"locked": { "locked": {
"lastModified": 1752129689, "lastModified": 1753858083,
"narHash": "sha256-0Xq5tZbvgZvxbbxv6kRHFuZE4Tq2za016NXh32nX0+Q=", "narHash": "sha256-9eNLBxVBaOLGTOC1QkwrzRtnb1x9MB/3PYLb+CiALZY=",
"owner": "nix-community", "owner": "nix-community",
"repo": "fenix", "repo": "fenix",
"rev": "70bb04a7de606a75ba0a2ee9d47b99802780b35d", "rev": "2c5508b7563b9138a00cd82e213febfc9cbbb36c",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -457,11 +457,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1748528448, "lastModified": 1751817769,
"narHash": "sha256-Tyn+PgBm78Ibq28/WbEz8+pYJZMdbJKsyXMCpT6TjrM=", "narHash": "sha256-j7ORyAJFNxYWwF+6fs2z5IcJ40TpVwrkFYU9/CGHwfA=",
"owner": "imxyy1soope1", "owner": "imxyy1soope1",
"repo": "go-musicfox", "repo": "go-musicfox",
"rev": "1870fd3501631577ad4daef1489b03885abcb037", "rev": "179b9440b6f209e7fd6ade589117b72bdd9042a6",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -500,11 +500,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1751824240, "lastModified": 1753761827,
"narHash": "sha256-aDDC0CHTlL7QDKWWhdbEgVPK6KwWt+ca0QkmHYZxMzI=", "narHash": "sha256-mrVNT+aF4yR8P8Fx570W2vz+LzukSlf68Yr2YhUJHjo=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "fd9e55f5fac45a26f6169310afca64d56b681935", "rev": "50adf8fcaa97c9d64309f2d507ed8be54ea23110",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -520,11 +520,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1752202894, "lastModified": 1753888434,
"narHash": "sha256-knafgng4gCjZIUMyAEWjxxdols6n/swkYnbWr+oF+1w=", "narHash": "sha256-xQhSeLJVsxxkwchE4s6v1CnOI6YegCqeA1fgk/ivVI4=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "fab659b346c0d4252208434c3c4b3983a4b38fec", "rev": "0630790b31d4547d79ff247bc3ba1adda3a017d9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -542,11 +542,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1743604125, "lastModified": 1752603129,
"narHash": "sha256-ZD61DNbsBt1mQbinAaaEqKaJk2RFo9R/j+eYWeGMx7A=", "narHash": "sha256-S+wmHhwNQ5Ru689L2Gu8n1OD6s9eU9n9mD827JNR+kw=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "180fd43eea296e62ae68e079fcf56aba268b9a1a", "rev": "e8c19a3cec2814c754f031ab3ae7316b64da085b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -595,11 +595,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1751529406, "lastModified": 1753764272,
"narHash": "sha256-jwKDHyUycp678zDYa5Hyfq3msO73YMXdZPxp96dU7po=", "narHash": "sha256-8/tZ3ZJpplWaVxgMeRg26cUclBZ27UUnnJdzd+RQKqE=",
"owner": "Jovian-Experiments", "owner": "Jovian-Experiments",
"repo": "Jovian-NixOS", "repo": "Jovian-NixOS",
"rev": "b2e5ce654e4f5bf8905c2e07a96dcf4966e6277d", "rev": "448688ae3df3152fec412e583239473934109486",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -668,11 +668,11 @@
"xwayland-satellite-unstable": "xwayland-satellite-unstable" "xwayland-satellite-unstable": "xwayland-satellite-unstable"
}, },
"locked": { "locked": {
"lastModified": 1752291616, "lastModified": 1753839324,
"narHash": "sha256-zpPFo4cgr5tOy8DCLIoD++idsKjnzgVPnBeZLmazYc4=", "narHash": "sha256-ipcsHV+XE7gaItRhqLsjLCYKIk57IAP1s9BHajQRotA=",
"owner": "sodiboo", "owner": "sodiboo",
"repo": "niri-flake", "repo": "niri-flake",
"rev": "30962469e2e8fb93c3672ee605316b89b8e9a198", "rev": "0108605855b3222c8965fa23fc05d713b77d0564",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -701,11 +701,11 @@
"niri-unstable": { "niri-unstable": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1750791124, "lastModified": 1752870529,
"narHash": "sha256-F5iVU/hjoSHSSe0gllxm0PcAaseEtGNanYK5Ha3k2Tg=", "narHash": "sha256-23DJk5EfEDCq7Xy1QELcayG0VxbbWpdQ6t7jbhae1Ok=",
"owner": "YaLTeR", "owner": "YaLTeR",
"repo": "niri", "repo": "niri",
"rev": "37458d94b288945f6cfbd3c5c233f634d59f246c", "rev": "fefc0bc0a71556eb75352e2b611e50eb5d3bf9c2",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -804,11 +804,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1752199438, "lastModified": 1753704990,
"narHash": "sha256-xSBMmGtq8K4Qv80TMqREmESCAsRLJRHAbFH2T/2Bf1Y=", "narHash": "sha256-5E14xuNWy2Un1nFR55k68hgbnD8U2x/rE5DXJtYKusw=",
"owner": "nix-community", "owner": "nix-community",
"repo": "NixOS-WSL", "repo": "NixOS-WSL",
"rev": "d34d9412556d3a896e294534ccd25f53b6822e80", "rev": "58c814cc6d4a789191f9c12e18277107144b0c91",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -819,11 +819,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1751984180, "lastModified": 1753694789,
"narHash": "sha256-LwWRsENAZJKUdD3SpLluwDmdXY9F45ZEgCb0X+xgOL0=", "narHash": "sha256-cKgvtz6fKuK1Xr5LQW/zOUiAC0oSQoA9nOISB0pJZqM=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "9807714d6944a957c2e036f84b0ff8caf9930bc0", "rev": "dc9637876d0dcc8c9e5e22986b857632effeb727",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -847,11 +847,11 @@
}, },
"nixpkgs-master": { "nixpkgs-master": {
"locked": { "locked": {
"lastModified": 1752206449, "lastModified": 1753941802,
"narHash": "sha256-NVAbC/s4CupABWGXF8M9mDiVw/n0YCftxwc1KatVjDk=", "narHash": "sha256-pQt2gqpCCA0GWEqcm4IzvkbLw4fNMn6JNq+5BBPpyAM=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "1bd4d0d4a678d48b63eb18f457d74df2fcee6c69", "rev": "ed33ba16ce8e8605d8e9ef2dc6e802bc3134781d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -863,11 +863,11 @@
}, },
"nixpkgs-stable": { "nixpkgs-stable": {
"locked": { "locked": {
"lastModified": 1752203688, "lastModified": 1753907720,
"narHash": "sha256-uJ054F5PVGPu5SvLPMevhdY/EfK0X5DUyRtXhQYNUyo=", "narHash": "sha256-rkoY2MZqt8qZbL/R+kUAm9unGXeEBaRpyls/mvImbJQ=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "a70a12c75e13aa546c20ce0fe515de634d52c39e", "rev": "22e6141f9c24030dbbd0a7b7c55f5714830e22b5",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -879,11 +879,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1752124863, "lastModified": 1753904442,
"narHash": "sha256-5rWuf6RAlMDp/CAEuyYEz7ryxzgjxOCgUDhWEef864c=", "narHash": "sha256-XHeb6yarZ9YLd3aQsnc0c8FrpnBGtHckQGZBPYXF7Uk=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "40de82b434526744da778ed53c742c1282d9e75e", "rev": "d02f407d2bb5a5cb2f2f75c2a7c30d5b854be11b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -943,11 +943,11 @@
}, },
"nixpkgs_5": { "nixpkgs_5": {
"locked": { "locked": {
"lastModified": 1751984180, "lastModified": 1753694789,
"narHash": "sha256-LwWRsENAZJKUdD3SpLluwDmdXY9F45ZEgCb0X+xgOL0=", "narHash": "sha256-cKgvtz6fKuK1Xr5LQW/zOUiAC0oSQoA9nOISB0pJZqM=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "9807714d6944a957c2e036f84b0ff8caf9930bc0", "rev": "dc9637876d0dcc8c9e5e22986b857632effeb727",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -963,11 +963,11 @@
"nixpkgs": "nixpkgs_5" "nixpkgs": "nixpkgs_5"
}, },
"locked": { "locked": {
"lastModified": 1752207112, "lastModified": 1753942697,
"narHash": "sha256-dnVoQSGQqEGJQzS6iHAG95c0oFrezzBinwu1bDLj9J4=", "narHash": "sha256-rZfW0XNiJVQojH9jBqifnccZykcIzugXxy+J4mZAl8E=",
"owner": "nix-community", "owner": "nix-community",
"repo": "NUR", "repo": "NUR",
"rev": "f166dc14862dfec043f9545e8291cc4402f8b866", "rev": "fcab7393172a4a8821d70fe1df23b93fb3217ef7",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1008,11 +1008,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1752146885, "lastModified": 1753595452,
"narHash": "sha256-ZJK989GL+bTCQSxbG8v8/7tHMCEl/FPovkeDBNyClQE=", "narHash": "sha256-vqkSDvh7hWhPvNjMjEDV4KbSCv2jyl2Arh73ZXe274k=",
"ref": "refs/heads/master", "ref": "refs/heads/master",
"rev": "d7079b75241c6e2b67f2429996fa7679ffc052e2", "rev": "a5431dd02dc23d9ef1680e67777fed00fe5f7cda",
"revCount": 616, "revCount": 665,
"type": "git", "type": "git",
"url": "https://git.outfoxxed.me/outfoxxed/quickshell" "url": "https://git.outfoxxed.me/outfoxxed/quickshell"
}, },
@@ -1049,11 +1049,11 @@
"rust-analyzer-src": { "rust-analyzer-src": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1752086493, "lastModified": 1753789923,
"narHash": "sha256-USpVUdiWXDfPoh+agbvoBQaBhg3ZdKZgHXo/HikMfVo=", "narHash": "sha256-z45szWoM2UZJuo2791LnkI6agdtBhZFSo87elnhp/eI=",
"owner": "rust-lang", "owner": "rust-lang",
"repo": "rust-analyzer", "repo": "rust-analyzer",
"rev": "6e3abe164b9036048dce1a3aa65a7e7e5200c0d3", "rev": "e57f18480dc3b1a0f46cd83e2aaa1cf3b53d8ece",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1071,11 +1071,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1751856221, "lastModified": 1753757591,
"narHash": "sha256-/QE1eV0ckFvgRMcKjZqgdJDoXFNwSMepwRoBjaw2MCk=", "narHash": "sha256-3okLvry8fRWZhJZP75pPC9P6U1dcu84VOCPhPLXYozI=",
"owner": "oxalica", "owner": "oxalica",
"repo": "rust-overlay", "repo": "rust-overlay",
"rev": "34cae4b56929c5b340e1c5b10d9a98a425b2a51e", "rev": "b372cf71b4125d420d7648cbd898ab8f5c355be2",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1091,11 +1091,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1751606940, "lastModified": 1752544651,
"narHash": "sha256-KrDPXobG7DFKTOteqdSVeL1bMVitDcy7otpVZWDE6MA=", "narHash": "sha256-GllP7cmQu7zLZTs9z0J2gIL42IZHa9CBEXwBY9szT0U=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "3633fc4acf03f43b260244d94c71e9e14a2f6e0d", "rev": "2c8def626f54708a9c38a5861866660395bb3461",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1125,11 +1125,11 @@
"tinted-zed": "tinted-zed" "tinted-zed": "tinted-zed"
}, },
"locked": { "locked": {
"lastModified": 1752201883, "lastModified": 1753919664,
"narHash": "sha256-SZVbQ4YThvYU50cJ4W4GNMy7/rVOJI8qmXqbEcRNsug=", "narHash": "sha256-U7Ts8VbVD4Z6n67gFx00dkpQJu27fMu173IUopX3pNI=",
"owner": "danth", "owner": "danth",
"repo": "stylix", "repo": "stylix",
"rev": "d395780b9c5c36f191b990b2021c71af180a1982", "rev": "30f5022236cf8dd257941cb0f910e198e7e464c7",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1269,11 +1269,11 @@
"xwayland-satellite-unstable": { "xwayland-satellite-unstable": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1751228685, "lastModified": 1752338000,
"narHash": "sha256-MENtauGBhJ+kDeFaawvWGXaFG3Il6qQzjaP0RmtfM0k=", "narHash": "sha256-Fxlp/yKtynug0jyuauAmvZU2SzHCfwlwWf85j+IvQ0U=",
"owner": "Supreeeme", "owner": "Supreeeme",
"repo": "xwayland-satellite", "repo": "xwayland-satellite",
"rev": "557ebeb616e03d5e4a8049862bbbd1f02c6f020b", "rev": "ba78881a68182ce338041846164cbfed0d70935c",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1290,17 +1290,17 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1752164817, "lastModified": 1753933355,
"narHash": "sha256-LJFIx27IOUowLsJn5wci9mHZ4CesJsiAivQWDjnZPCc=", "narHash": "sha256-4QxMcKS6oc+cG8efwwAin4M+YOokBak1dVS8u5P3b5M=",
"owner": "0xc000022070", "ref": "refs/heads/main",
"repo": "zen-browser-flake", "rev": "fa795a139a8c92b140bc21f11f61da1c97ad5b1d",
"rev": "9193992c4c2c4349b4280ec2b49648cae208fe63", "revCount": 608,
"type": "github" "type": "git",
"url": "https://gh-proxy.com/github.com/0xc000022070/zen-browser-flake"
}, },
"original": { "original": {
"owner": "0xc000022070", "type": "git",
"repo": "zen-browser-flake", "url": "https://gh-proxy.com/github.com/0xc000022070/zen-browser-flake"
"type": "github"
} }
} }
}, },

13
flake.nix
View File

@@ -52,7 +52,7 @@
fenix.url = "github:nix-community/fenix"; fenix.url = "github:nix-community/fenix";
fenix.inputs.nixpkgs.follows = "nixpkgs"; fenix.inputs.nixpkgs.follows = "nixpkgs";
zen.url = "github:0xc000022070/zen-browser-flake"; zen.url = "git+https://gh-proxy.com/github.com/0xc000022070/zen-browser-flake";
zen.inputs.nixpkgs.follows = "nixpkgs"; zen.inputs.nixpkgs.follows = "nixpkgs";
infuse.url = "git+https://codeberg.org/amjoseph/infuse.nix"; infuse.url = "git+https://codeberg.org/amjoseph/infuse.nix";
@@ -90,6 +90,7 @@
infuse = (import inputs.infuse { inherit (nixpkgs) lib; }).v1.infuse; infuse = (import inputs.infuse { inherit (nixpkgs) lib; }).v1.infuse;
in in
{ {
packages = forAllSystems ( packages = forAllSystems (
system: system:
lib.haumea.load { lib.haumea.load {
@@ -185,8 +186,14 @@
outputs outputs
hostname hostname
; ;
sopsRoot = ./secrets; secrets =
} // vars; with lib.haumea;
load {
src = ./secrets;
loader = lib.singleton (matchers.always loaders.path);
};
}
// vars;
modules = modules =
(lib.umport { (lib.umport {
paths = [ ./modules ]; paths = [ ./modules ];

2
modules/cli/media/cava/config/config
View File

@@ -1,4 +1,4 @@
## Configuration file for CAVA. Default values are commented out. Use either ';' or '#' for commenting. #t Configuration rile for CAVA. Default values are commented out. Use either ';' or '#' for commenting.
[general] [general]

6
modules/cli/media/go-musicfox/go-musicfox.ini
View File

@@ -47,9 +47,9 @@ altScreen=true
# 双列显示,开启务必使用等宽字体 # 双列显示,开启务必使用等宽字体
doubleColumn=true doubleColumn=true
# 下载目录,默认为$HOME/.go-musicfox/download # 下载目录,默认为$HOME/.go-musicfox/download
downloadDir=/home/imxyy/Music/go-musicfox downloadDir=/home/ccl/Music/go-musicfox
# 缓存目录,默认为${MUSICFOX_ROOT}/cache # 缓存目录,默认为${MUSICFOX_ROOT}/cache
cacheDir=/home/imxyy/Music/go-musicfox/.cache cacheDir=/home/ccl/Music/go-musicfox/.cache
# 缓存大小以MB为单位0为不使用缓存-1为不限制默认为0 # 缓存大小以MB为单位0为不使用缓存-1为不限制默认为0
cacheLimit=-1 cacheLimit=-1
# 是否显示歌单下所有歌曲默认不开启仅获取歌单前1000首开启后可能会占用更多内存大量歌曲数据和带宽会同时发送多个请求获取歌单下歌曲数据 # 是否显示歌单下所有歌曲默认不开启仅获取歌单前1000首开启后可能会占用更多内存大量歌曲数据和带宽会同时发送多个请求获取歌单下歌曲数据
@@ -78,7 +78,7 @@ engine=mpd
# mpd配置 # mpd配置
mpdBin=mpd mpdBin=mpd
# !!!注意!!! 一定要在配置文件中设置pid_file否则在退出时不会kill掉mpd进程 # !!!注意!!! 一定要在配置文件中设置pid_file否则在退出时不会kill掉mpd进程
mpdConfigFile=/home/imxyy/.config/mpd/mpd.conf mpdConfigFile=/home/ccl/.config/mpd/mpd.conf
mpdNetwork=tcp mpdNetwork=tcp
mpdAddr=127.0.0.1:6600 mpdAddr=127.0.0.1:6600

6
modules/cli/media/mpd/mpd.conf
View File

@@ -1,8 +1,8 @@
bind_to_address "127.0.0.1" bind_to_address "127.0.0.1"
port "6600" port "6600"
music_directory "/home/imxyy/Music/go-musicfox/.cache" music_directory "/home/ccl/Music/go-musicfox/.cache"
pid_file "/home/imxyy/.config/mpd/mpd.pid" pid_file "/home/ccl/.config/mpd/mpd.pid"
db_file "/home/imxyy/.config/mpd/mpd.db" db_file "/home/ccl/.config/mpd/mpd.db"
input { input {
plugin "file" plugin "file"

4
modules/cli/misc.nix
View File

@@ -80,6 +80,10 @@ lib.my.makeSwitch {
enableAutoUpdates = true; enableAutoUpdates = true;
settings.updates.auto_update = true; settings.updates.auto_update = true;
}; };
programs.television = {
enable = true;
enableZshIntegration = true;
};
}; };
}; };
} }

2
modules/cli/monitor/btop/config/btop.conf
View File

@@ -199,7 +199,7 @@ net_auto = False
net_sync = True net_sync = True
#* Starts with the Network Interface specified here. #* Starts with the Network Interface specified here.
net_iface = "eth0" net_iface = "wlan0"
#* Show battery stats in top right if battery is present. #* Show battery stats in top right if battery is present.
show_battery = False show_battery = False

18
modules/cli/shell/zsh.nix
View File

@@ -44,11 +44,11 @@ lib.my.makeSwitch {
jj = { jj = {
ignore_timeout = true; ignore_timeout = true;
description = "The current jj status"; description = "The current jj status";
when = "jj root"; when = true;
symbol = " ";
command = '' command = ''
jj log --revisions @ --no-graph --ignore-working-copy --color always --limit 1 --template ' jj log --revisions @ --no-graph --ignore-working-copy --color always --limit 1 --template '
separate(" ", separate(" ",
" ",
change_id.shortest(4), change_id.shortest(4),
bookmarks, bookmarks,
"|", "|",
@@ -64,19 +64,9 @@ lib.my.makeSwitch {
"(no description set)", "(no description set)",
) ++ raw_escape_sequence("\x1b[0m"), ) ++ raw_escape_sequence("\x1b[0m"),
) )
' ' || (starship module git_branch && starship module git_status)
''; '';
}; };
git_branch = {
when = true;
command = "jj root >/dev/null 2>&1 || starship module git_branch";
description = "Only show git_branch if we're not in a jj repo";
};
git_status = {
when = true;
command = "jj root >/dev/null 2>&1 || starship module git_status";
description = "Only show git_status if we're not in a jj repo";
};
}; };
git_state.disabled = true; git_state.disabled = true;
git_commit.disabled = true; git_commit.disabled = true;
@@ -88,7 +78,7 @@ lib.my.makeSwitch {
}; };
programs.zsh = { programs.zsh = {
enable = true; enable = true;
dotDir = ".config/zsh"; dotDir = "${config.my.home.xdg.configHome}/zsh";
history = { history = {
path = "${stateHome}/zsh_history"; path = "${stateHome}/zsh_history";
ignorePatterns = [ ignorePatterns = [

6
modules/cli/vcs/git.nix
View File

@@ -1,7 +1,6 @@
{ {
config, config,
lib, lib,
pkgs,
username, username,
userfullname, userfullname,
useremail, useremail,
@@ -27,11 +26,6 @@ lib.my.makeHomeProgramConfig {
}; };
extraConfig = { extraConfig = {
push.autoSetupRemote = true; push.autoSetupRemote = true;
gpg.ssh.allowedSignersFile =
(pkgs.writeText "allowed_signers" ''
imxyy1soope1@gmail.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOEFLUkyeaK8ZPPZdVNEmtx8zvoxi7xqS2Z6oxRBuUPO imxyy@imxyy-nix
imxyy@imxyy.top ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOEFLUkyeaK8ZPPZdVNEmtx8zvoxi7xqS2Z6oxRBuUPO imxyy@imxyy-nix
'').outPath;
}; };
}; };
programs.lazygit = { programs.lazygit = {

6
modules/cli/vcs/jj.nix
View File

@@ -26,16 +26,12 @@ lib.my.makeHomeProgramConfig {
ui = { ui = {
graph.style = "square"; graph.style = "square";
default-command = "status"; default-command = "status";
conflict-marker-style = "snapshot";
}; };
signing = { signing = {
backend = "ssh"; backend = "ssh";
behavior = "own"; behavior = "own";
key = "/home/${username}/.ssh/id_ed25519"; key = "/home/${username}/.ssh/id_ed25519";
backends.backends.ssh.allowed-signers =
(pkgs.writeText "allowed_signers" ''
imxyy1soope1@gmail.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOEFLUkyeaK8ZPPZdVNEmtx8zvoxi7xqS2Z6oxRBuUPO imxyy@imxyy-nix
imxyy@imxyy.top ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOEFLUkyeaK8ZPPZdVNEmtx8zvoxi7xqS2Z6oxRBuUPO imxyy@imxyy-nix
'').outPath;
}; };
}; };
}; };

2
modules/coding/editor/neovim/nvim/lua/plugins/lsp/lspconfig.lua
View File

@@ -56,7 +56,7 @@ local extra_config = {
}, },
options = { options = {
nixos = { nixos = {
expr = '(builtins.getFlake ("git+file://" + toString ./.)).nixosConfigurations.imxyy-nix.options', expr = '(builtins.getFlake ("git+file://" + toString ./.)).nixosConfigurations.ccl-nix.options',
}, },
}, },
}, },

4
modules/coding/editor/vscode.nix
View File

@@ -15,11 +15,11 @@ lib.my.makeHomeProgramConfig {
extraConfig = { extraConfig = {
my.home = { my.home = {
programs.vscode = { programs.vscode = {
package = pkgs.vscodium; package = pkgs.vscode;
}; };
}; };
my.persist.homeDirs = [ my.persist.homeDirs = [
".config/VSCodium" ".config/VSCode "
".vscode-oss" ".vscode-oss"
]; ];
}; };

1
modules/coding/langs/all.nix
View File

@@ -16,6 +16,7 @@ lib.my.makeSwitch {
rust.enable = true; rust.enable = true;
lua.enable = true; lua.enable = true;
qml.enable = true; qml.enable = true;
java.enable = true;
}; };
}; };
} }

22
modules/coding/langs/java.nix Normal file
View File

@@ -0,0 +1,22 @@
{
config,
lib,
pkgs,
...
}:
lib.my.makeSwitch {
inherit config;
optionName = "java";
optionPath = [
"coding"
"langs"
"java"
];
config' = {
my.home = {
home.packages = with pkgs; [
openjdk24
];
};
};
}

1
modules/coding/langs/js.nix
View File

@@ -16,7 +16,6 @@ lib.my.makeSwitch {
my.home = { my.home = {
home.packages = with pkgs; [ home.packages = with pkgs; [
nodejs nodejs
nodePackages.npm
typescript typescript
]; ];

2
modules/desktop/browser/chromium.nix
View File

@@ -1,7 +1,6 @@
{ {
config, config,
lib, lib,
pkgs,
... ...
}: }:
lib.my.makeHomeProgramConfig { lib.my.makeHomeProgramConfig {
@@ -14,7 +13,6 @@ lib.my.makeHomeProgramConfig {
]; ];
extraConfig = { extraConfig = {
my.home.programs.chromium = { my.home.programs.chromium = {
package = pkgs.ungoogled-chromium;
extensions = [ extensions = [
{ {
id = "jokpcbcafcbkjgcbjdcbadhfhimkafab"; # BitWarden id = "jokpcbcafcbkjgcbjdcbadhfhimkafab"; # BitWarden

2
modules/desktop/gaming/minecraft.nix
View File

@@ -15,8 +15,6 @@ lib.my.makeSwitch {
config' = { config' = {
my.home.home.packages = with pkgs; [ my.home.home.packages = with pkgs; [
hmcl hmcl
openjdk21
]; ];
my.persist.homeDirs = [ my.persist.homeDirs = [

1
modules/desktop/wm/niri/config.nix
View File

@@ -10,7 +10,6 @@
input = { input = {
focus-follows-mouse = { focus-follows-mouse = {
enable = true; enable = true;
max-scroll-amount = "40%";
}; };
workspace-auto-back-and-forth = true; workspace-auto-back-and-forth = true;
}; };

3
modules/getty-autologin.nix
View File

@@ -11,8 +11,7 @@ let
cfg = config.my.autologin; cfg = config.my.autologin;
gettycfg = config.services.getty; gettycfg = config.services.getty;
baseArgs = baseArgs = [
[
"--login-program" "--login-program"
"${gettycfg.loginProgram}" "${gettycfg.loginProgram}"
] ]

3
modules/nix.nix
View File

@@ -3,6 +3,7 @@
config, config,
lib, lib,
pkgs, pkgs,
secrets,
... ...
}: }:
lib.my.makeSwitch { lib.my.makeSwitch {
@@ -37,8 +38,8 @@ lib.my.makeSwitch {
# Deduplicate and optimize nix store # Deduplicate and optimize nix store
auto-optimise-store = true; auto-optimise-store = true;
substituters = [ substituters = [
"https://mirror.sjtu.edu.cn/nix-channels/store"
"https://mirrors.sjtug.sjtu.edu.cn/nix-channels/store" "https://mirrors.sjtug.sjtu.edu.cn/nix-channels/store"
# "https://mirror.sjtu.edu.cn/nix-channels/store"
"https://mirrors.ustc.edu.cn/nix-channels/store" "https://mirrors.ustc.edu.cn/nix-channels/store"
"https://nix-community.cachix.org" "https://nix-community.cachix.org"
"https://cache.nixos.org" "https://cache.nixos.org"

6
modules/sops.nix
View File

@@ -16,7 +16,11 @@ in
}; };
sshKeyPath = lib.mkOption { sshKeyPath = lib.mkOption {
type = lib.types.str; type = lib.types.str;
default = "${config.my.persist.location}/home/${username}/.ssh/id_ed25519"; default =
if config.my.persist.enable then
"${config.my.persist.location}/home/${username}/.ssh/id_ed25519"
else
"/home/${username}/.ssh/id_ed25519";
}; };
}; };

10
modules/user.nix
View File

@@ -4,7 +4,7 @@
pkgs, pkgs,
username, username,
userdesc, userdesc,
sopsRoot, secrets,
... ...
}: }:
lib.my.makeSwitch { lib.my.makeSwitch {
@@ -15,8 +15,8 @@ lib.my.makeSwitch {
config' = { config' = {
programs.zsh.enable = true; programs.zsh.enable = true;
sops.secrets.imxyy-nix-hashed-password = { sops.secrets.hashed-password = {
sopsFile = sopsRoot + /imxyy-nix-hashed-password.txt; sopsFile = secrets.hashed-password;
format = "binary"; format = "binary";
neededForUsers = true; neededForUsers = true;
}; };
@@ -30,11 +30,11 @@ lib.my.makeSwitch {
username username
"wheel" "wheel"
]; ];
hashedPasswordFile = lib.mkDefault config.sops.secrets.imxyy-nix-hashed-password.path; hashedPasswordFile = lib.mkDefault config.sops.secrets.hashed-password.path;
}; };
groups.${username} = { }; groups.${username} = { };
}; };
users.users.root.hashedPasswordFile = lib.mkDefault config.sops.secrets.imxyy-nix-hashed-password.path; users.users.root.hashedPasswordFile = lib.mkDefault config.sops.secrets.hashed-password.path;
security.sudo.enable = false; security.sudo.enable = false;
security.doas = { security.doas = {

12
overlays/default.nix
View File

@@ -22,7 +22,17 @@
cage.__output.patches.__append = [ ./cage-specify-output-name.patch ]; cage.__output.patches.__append = [ ./cage-specify-output-name.patch ];
matrix-synapse.__assign = final.stable.matrix-synapse; matrix-synapse.__assign = final.stable.matrix-synapse;
bottles.__input.removeWarningPopup.__assign = true; bottles.__input.removeWarningPopup.__assign = true;
qq.__output.preInstall.__append = '' vscode.__output.preFixup.__append = ''
gappsWrapperArgs+=(
--add-flags "\''${NIXOS_OZONE_WL:+\''${WAYLAND_DISPLAY:+--wayland-text-input-version=3}}"
)
'';
vscodium.__output.preFixup.__append = ''
gappsWrapperArgs+=(
--add-flags "\''${NIXOS_OZONE_WL:+\''${WAYLAND_DISPLAY:+--wayland-text-input-version=3}}"
)
'';
qq.__output.preFixup.__append = ''
gappsWrapperArgs+=( gappsWrapperArgs+=(
--add-flags "\''${NIXOS_OZONE_WL:+\''${WAYLAND_DISPLAY:+--wayland-text-input-version=3}}" --add-flags "\''${NIXOS_OZONE_WL:+\''${WAYLAND_DISPLAY:+--wayland-text-input-version=3}}"
) )

27
secrets/dae-imxyy-nix-server.dae
View File

File diff suppressed because one or more lines are too long

27
secrets/dae-imxyy-nix-x16.dae
View File

File diff suppressed because one or more lines are too long

27
secrets/dae-imxyy-nix.dae
View File

File diff suppressed because one or more lines are too long

15
secrets/easytier.toml Normal file
View File

@@ -0,0 +1,15 @@
{
"data": "ENC[AES256_GCM,data:eB0RdiZUWK5q56R12B9wn/NK8qhA31YUbVsVDO0/xVj6kF+Z6QQySUX5WOwPI2D9dkuKiYniEbhnsXVbjt0h/fsWC5OSHcj4KC7WrpbMuXiwWbTMkOsjPASGNqCUFM/Hl+wTlC6sCF3IGZ/OHEtqu1i+34S3j+FcE7zvRjVe3bs+XkYS8yQeqBwOdDhqpLmsWBCEu71i1/pTMMp3jigoKEewgUyxdDgXVkb1fvVAvNey5gwjZM92fNr0qAKxCzGAjMhMmL2mS+fuRoTJAC0VwJu8ytyp6g6zsYHD/5paZoQ31pzykS9EHvjY7qcRJhOKR9uB6rbdXQa8U8K0Jy4HhJX/nn74Z0CpoTcLImuhSAuc0Cv2+dONn8F43O8JIEDKpih3fi9f8RUNcO1nIlLVojbO8TOT7sGNJgTjCZ0wmZH/Q8keyJx+th0YOTqdN2E26xR+Ry/hoTtoqFBLk/Xsstn15z6cFAcPhEyrZFd7cidgIkl58FcoNiy/2MwY8p0p4cYqZW9ZhWBSzFfugo+e2zIl3EMH/hA3aK9GZTFaot0cvSQOm06S6z4vZZRpP+cJOpZBrkCgLc0vyDHe6biID+lk4SL6G32wctvAZjU/B939JE7B5NQFmmuKb8NyvczCEpTFgjdR2Rb1zHx8oLVlCSREPkj8jHZ7LS/4+wZAS8bPAbcWf8RMFiiq1ZDyubGIwqVWb0lQjviAV0H/mx1yvuPzUird5f8iB9qqyQ6FRBSbTOswIjVyqgtG1wCdGevRc7AecmfCiv4=,iv:K8ZgwiNzUzBFqsWp1YrX0MMLQd9t+mj81jpiZw+3duM=,tag:F3nEoIY1Aj6LFBWNsN1aRg==,type:str]",
"sops": {
"age": [
{
"recipient": "age18st0pys7g9dtezwq9n8t8jgc9w6ajzp5jl8w7sxlpv9lhv463u2swelwug",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2ZWtXSlRwZDBCdHI0eXg1\nVTZXMVlqQ3c1bGhPUXdzL0UxUFY3RkhDZm5JCmJCRE1VbUJFMWdjOUxPMWd5cGM4\nSkV2YzZYZTNFTDZSNFhiMkhZNkM3Q2MKLS0tIFZaRFdqcnJSNnQxQ0JPeE40eURI\neGxNWE9URlo3WWQyTEoxU1RhWTkvdEUKmPFzVbFFRapy3zl+Ud9P2ONU6wrZcnp7\nC118wKU/1Ht8zbU3nDpkhVJmvW3RGnMWCHH/MiOmFf6dZh99rUq4QA==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-05-28T10:44:37Z",
"mac": "ENC[AES256_GCM,data:eLdxjaAPB5w56GXdyqV9fgxdzNvD/rp08T44dV4mTOfbd05GQH+35wcNUXLzfUmcH6NSQ5fhUQmthWGEXEXsZawJ31GJqXtzuBJ9ZJiID7yg+gwJAaUh3JcYWke00ke3M+2PZ7/JMydTU2v7I3zkh58pLSUcOO8yZ1L6/q4X96s=,iv:QyJvIh6PW65i8ZcJTvAJt+MShn/bNRuRsxsD0pcNQ0w=,tag:9RvBU32Sx0+pPcaAu0LXow==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.2"
}
}

27
secrets/et-imxyy-nix-server-nixremote.toml
View File

@@ -1,27 +0,0 @@
{
"data": "ENC[AES256_GCM,data:XGaYFf+y9qx3lKof7LiL08cv2xmm39Cx7yvCvjQj2hL9OGuB6mOQ8WYD+O6HpJaAJTGzpEE/965mA0fZ1Qjl7kyXeeE4DzPv32N8a6lM4+m8qMJhwTZt1gOe3HqwKl+4j7T2CJeNXKgSJaaMOzmJztOBxoL+RUj4ozhjUJJNLonzbsKsOVCA9RCbySDulUA6L14H7+4ouG1MvVQ8pz6OoKejGg62UYXQXmUDSmE2iGj45GaYzQJYGajxBPhbnuu/p5fd5WhPF1Eg7RRJ3WlMISwdP+4v6t2YC3Dg1faC+hEVFiMcC4Cu1Oh6bpaU1FIU7PlkCvZnIQ+pYEHOoc+4Csw4707Tgcly8I16qKEnZOd9emK3ZeUUCL8lzQDJfSQRYv5adf81tEpj1ki2H9FDOGFcDjFnZ13DE+SrTOXRbuepGLCycxHCEArL70TCMHMWInUubajN1bSd4elcPMimKQjGAgYVmEv/RUD1wYQ5N07dzp9Wb6hRcB9Cu7bdZ+5BywjEfxkQzl0l8Y9moQa8pRXdoC8pt+qOXCvKox9epWJlMOy8Ryhs1E2YF6UiL9w8HttDCrfRtXyD172KJKYXLx4bmPCtxDTAhViaDF+HlfUScvH/0fs8lnwhuRkrqXtjEvhT8mecIFB6Mxmy/2BNIb5XLKn4sWQoMG5pHK+q8KRV9XYpzoau+RtM3+Y7JYULLl9laDRdvY5akPIdwYPEVLcFnfvkeTxb2ZUwm3kmkkNiqQNfFubDuEEtIwPbs5S8bVFaXto5+PElpTKtmrU1xiIRa+xZ2KhKJYsnLK9BlC4aRKGR5HDmFxfSKg+sif4=,iv:Aw02ogS30lI3rRGREaeOBFN9RR+KOvWQ0ZIzQNgCVK0=,tag:p8PYkQ8wB6cUDzMP60+dzQ==,type:str]",
"sops": {
"age": [
{
"recipient": "age1jf5pg2x6ta8amj40xdy0stvcvrdlkwc2nrwtmkpymu0qclk0eg5qmm9kns",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvQmk1OU5hcXpMSGhHQWcx\nVlFHN3c4a2pIekpUL3FEUnlVUXBwdjJlT0RZClhteUdNMGdMQWl0WTRGK0p5czFv\nTTh3WkR4dlMwTmFzTTkvekgzREhZY2sKLS0tIDA1K2tSQWxhNlM4djByV1RaT1NC\nNXdNR0poRlpMOVJsQURMbDF2OXN2aEkKcgwIWqVHG6iIgfWvZBmbthlyusIECSHl\n1dPrE3nOx8X2vfl5vwP0w0uOTaAaHrI0Afnh6mnIz1d/qIbzGycYjA==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1hpgg6psejh4y6jcdd34wxuml75fnweqpe0kh8376yqsctsfn9qxs037kk6",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2dmVrN045MGpsZHNCZTV1\nVFZkZ1JVTXhzWE1VQ3cwYTBLQ2JsS2xrTjJnClZwWjVJY3NYVytnL2NoMDVHR2c4\nMVU1WlBYaEFDL20yZkxYR0J2MTVMbXcKLS0tIDlsOTBtREZWNGthTytGOUNxSnlS\nTkc1NDZrK0FlRGJkSzBibkZxQ0R3T0kK/em5c4vwXA25vtDduSsKPzKSXWUqvTqa\nZQ2pzhqwM3O5XGd3VySQRnzdAOcdLfvPMQEDTHwlNk5bj5i8fWShUA==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1r0fv0tagxupfacv0aaxk5ss7sqvswv6kq8tk3x46ndqrj6f5afvqegahxq",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBZVZDMlo5ajRyakZwcC9W\nY2RWT3ZtdE9qUUZ1WE8reEZna3pvbnVHR1FFCnVqQlo4eXdZUWxibm9TcnFGemN6\nNXZjTHd4TTUxdFpPc2dITTMyYnhXS00KLS0tIHJ4SERnZy9FUjhVZkVveXFMTzdo\nTlg0MnNJbFBzdWM3WEJLSlFXSzdGdk0K/CpPqIi2zloQrdE/sE2vobrXcgOIl28l\nmokeEUrGLpcnJIHue0eq9YBWXJBFDxoRyPtLvP89LScu5K6gmq0h4Q==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1tp7th3rrv3x0l6jl76n0hjqjp223w2y586pkgr0hcjwdm254jd5shkj6a8",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3OEtWNFpDWVdTcnNnN2d6\nVEVSR240VHRQdUFIa2ZKWUcrTjMxM2UrRG5zCnk5aU5DdzdoNGN3d2NQKzRMS1Vv\nTnpWUDBCVW5xK3d3Z1BET1laTUVsZUUKLS0tIFRMb09RbTlDQ1l2RWpQamZPa2Jk\nRURYUFhpUmpUbkdQSDdOTStOa3ZCZzgK/bt8btAM5jbeXiDcMhjKOphMIBOh/lFQ\n8sNVTESTUWWu53FPkeMA+sDrsG5iM/5q+57OXN+X/SxIcyVzklkpJQ==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-06-28T15:14:52Z",
"mac": "ENC[AES256_GCM,data:tAX/KU/iqeBr6AC4kLOqEF9NV6hfQNre8Yg1wPgJEryUGjPykXWh/NhdyoM1if3smSHJ+v+5DcPdsJDhWnl+ULgznka8IHdSTNBdAoZl5AzgmowIt1vAIALP4XwgbCVIo+wzqtcmdzCowQYatSTa+4mue4t6stdotue/j/b9EUM=,iv:xw4d83AHpxmaJi6vB5pnaHGcuPzKyYSw1BljYmUenM4=,tag:FHWq3uMktMvurSpFvi85bg==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.2"
}
}

27
secrets/et-imxyy-nix-server.toml
View File

@@ -1,27 +0,0 @@
{
"data": "ENC[AES256_GCM,data:NTD/oO1/t8NCDkesfvScz6GfcwNKtEqtZa5TPlqbYNsicGNiM6P/hj37TbzqWkVJNB7asGkdfr9tkHZp2wgbjqciAo2Im+tylRWlRPS9rvqg07TyN7PVypMS7dhtERLwhyInCQb/iYI+Gljon+D/iavOdvdROyzrmwBwwDaE9eGlxszo2CPlZ4IUkU/4BD0t7zbMQKafNM//gDTXnneT58zMA8H4aep02OCnyCZKycLuM3GbiQfDodd6r+2ihiF/UEj1x8H7pUX+B1HkAFadZqLsNjOVB4Hh2boR17c8/2VY6T11KvAqg1yFVra6uTvyS9kznmkhGYtCI6OwCidxuMflMtA5YpgFj0BlGzU6v4l/tVy6vfI4tw+q7IVmOgsFxODSkpOpYZXilWjCwicslJ+ao6rBJpX2QuLqy6nU+aLxK3vWJZLEyfYeecM+Hi3eWNZ9kQ5Gd7zMxC7/zFRTspoeFxbC+KB8gYsKUDWz0HbXmg/pWqCRObaz8x/soi3Kc7BDlwAyMohKU0K0bCNtVeGE4hn5+xn5zxXGV4MPrvMuFCc7csJ/FLAm/YEzZiQIvC1LpAmms2r5uqzqlflJ/rjx/SZyLs3HRJ1mGKPDorD2Jm9hl0vyMO5uwbO1iPLtUykfOkfw1uGPucNn7Ig4uzjIqSn1Sd3V87Tdw3ex1MIKP/XKwFfzCzpAU58ONAyXzAT+uytPQYy2YeDZZINi5urXg3Pk9sJimGmlXMoscZgSA3rOxVnr6WeIID4fTU34Yrl/iV/ehYeZZ8dYIGMhapIXmbe3cE/ng+5lvluhLRzzah0tsWPJTL2zsU5qj4uxsxLMxMRGdWiwxA==,iv:zBsQCcPxoRtZ3PTyP8XCz2RgF+4KNb+YO5bD4MTr0lw=,tag:j77MuHDxO2QrhlOko71iIQ==,type:str]",
"sops": {
"age": [
{
"recipient": "age1jf5pg2x6ta8amj40xdy0stvcvrdlkwc2nrwtmkpymu0qclk0eg5qmm9kns",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFY3lTTjRKSmxZMFhXYzNO\nQ2NIQ2ZrUWNEUTMxL09aWW02RXE2NGhJbEdnCkJpaE8yaTVTWDJZQzJFUW5zN05j\nV2FVSmIvVllJa2M2OWpuMWpTTFRRcTgKLS0tIG5PYXcweHNsYUNPRVYzMTBHYmFp\nUUxFMnlXdDFUUjFQM1hRKytGMWEraWMKiUfQEFQYezVH+sd/bJbCMcOMt79+XjK+\nTOZazSVg7ZSu7VsXv0h/uMWNpQZc6y7Nq/hEalMcpwHpdPCjp5HRNA==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1hpgg6psejh4y6jcdd34wxuml75fnweqpe0kh8376yqsctsfn9qxs037kk6",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhek1aeW9nRXpTOTBHV0Fq\nRmNvZHFnaHJhUXdRMWo3QTlYMEljQitobXg0CmxTTkxOenFhZHlsMFpPMVgzSk1G\nQi96Y245a3VWL2dZcUk3MndmRTlhVTAKLS0tIDZIMkJwYVNZTDdua1BjRm15V2Ft\nbEppeFBRb1hrTVFiU0VGT01vWDF2QlUKxVgS3L/kU0+N1KqzJxHokzj1zAuvlzlA\nv44bTVEA1p5Z1LGB8yswQS7zQRh7S0spgJukZfcqlzsMDpf9RY5TVA==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1r0fv0tagxupfacv0aaxk5ss7sqvswv6kq8tk3x46ndqrj6f5afvqegahxq",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0U3hMOWFWWHlXWFBnV3do\na3kzNmtnT0VMOUprT21scmtDQVBxRVhZQmo4CkhQdDBibE10aUJtTXlBbkY3bU5Y\nY1VVVElVdkp4c1QzTnhPVG9hM0orem8KLS0tIFJJRllZZjd3bHFyV3FEREZ3djc5\nbE83bHk3anhUcDNKd0NmeXppcU9mc3cKrMmYNq/R0gr8ZKm0+xP9nFay+FW+2LhU\ndrbXL5zN4qVFT51uxDQLnaoTHs86gZbYrK4bciLtQgQJTZ0ppiDWAw==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1tp7th3rrv3x0l6jl76n0hjqjp223w2y586pkgr0hcjwdm254jd5shkj6a8",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvVzBRaDM5ZmlrS2hBMjd0\nQi8rZE9DOEE2UllhYlh0SzluYjZXQXFMUVJBCktoWWl2UGwvbWxES0ltUnhQWXFp\nWkFkOEpOTWg3b1U2QjJlY2RMRGY5TUUKLS0tIC9rOUt6WkVnaHhsUlJIQ1NKOGJ4\nQ2YraElCai9XZkNONjhXNkpxUHhyRlkKi/poARA4FzYojwF+tcgZRiS1z0vCbG5T\nmofxZ1JYWLbqIc+aP2r3sD/gle4v2BpMJ63KuC9R0rtWCdClQYAVtA==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-05-28T10:44:26Z",
"mac": "ENC[AES256_GCM,data:1kxJPbk4Fxh8CXBhukRVed10Nn/YbWjKHrsQhVYA5SjjCEpVO2J8Yb3j9Kc9nhhIHjat/IpLLHlbFscsJ3QP3u4p5cG6P/cfYMyz0LOInwDr8dJl6DJ1tkaeociZp7TFbgeIgyyUH2KNJemD0vTgQuoLI6z3ktrBvH5/LP5CkAA=,iv:7SEBswkWBygTeOOx3LXMTMiH8LpJNhHIdpZBpfiq6Gs=,tag:M8rEJTm8A7aTKJXhOz2t2Q==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.2"
}
}

27
secrets/et-imxyy-nix-x16.toml
View File

@@ -1,27 +0,0 @@
{
"data": "ENC[AES256_GCM,data:eB0RdiZUWK5q56R12B9wn/NK8qhA31YUbVsVDO0/xVj6kF+Z6QQySUX5WOwPI2D9dkuKiYniEbhnsXVbjt0h/fsWC5OSHcj4KC7WrpbMuXiwWbTMkOsjPASGNqCUFM/Hl+wTlC6sCF3IGZ/OHEtqu1i+34S3j+FcE7zvRjVe3bs+XkYS8yQeqBwOdDhqpLmsWBCEu71i1/pTMMp3jigoKEewgUyxdDgXVkb1fvVAvNey5gwjZM92fNr0qAKxCzGAjMhMmL2mS+fuRoTJAC0VwJu8ytyp6g6zsYHD/5paZoQ31pzykS9EHvjY7qcRJhOKR9uB6rbdXQa8U8K0Jy4HhJX/nn74Z0CpoTcLImuhSAuc0Cv2+dONn8F43O8JIEDKpih3fi9f8RUNcO1nIlLVojbO8TOT7sGNJgTjCZ0wmZH/Q8keyJx+th0YOTqdN2E26xR+Ry/hoTtoqFBLk/Xsstn15z6cFAcPhEyrZFd7cidgIkl58FcoNiy/2MwY8p0p4cYqZW9ZhWBSzFfugo+e2zIl3EMH/hA3aK9GZTFaot0cvSQOm06S6z4vZZRpP+cJOpZBrkCgLc0vyDHe6biID+lk4SL6G32wctvAZjU/B939JE7B5NQFmmuKb8NyvczCEpTFgjdR2Rb1zHx8oLVlCSREPkj8jHZ7LS/4+wZAS8bPAbcWf8RMFiiq1ZDyubGIwqVWb0lQjviAV0H/mx1yvuPzUird5f8iB9qqyQ6FRBSbTOswIjVyqgtG1wCdGevRc7AecmfCiv4=,iv:K8ZgwiNzUzBFqsWp1YrX0MMLQd9t+mj81jpiZw+3duM=,tag:F3nEoIY1Aj6LFBWNsN1aRg==,type:str]",
"sops": {
"age": [
{
"recipient": "age1jf5pg2x6ta8amj40xdy0stvcvrdlkwc2nrwtmkpymu0qclk0eg5qmm9kns",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByWCtldEc5SkxxMUtUZTI3\nTExjbFRUSngwdmszMVFyYXlLTkNDSHU4SUFRClp2Sk9MWktQdnRNR1RMaUpNOHZM\ncm93Y0R0OXB4L0xvdGlLOEEyRlo4WEEKLS0tIHhQOFF2cExJTC8wYWY1RU5BWkd2\nblpFRFdpenkrSnh4bXE4RG8xZmt1d1EKgNNSj6Fpx1bnlPOXXt+l2lgH4kS8PrIe\nZhU0Y6yM60G6qpV4mrOWy+JEOAtSrZU5K48DOgZl+Us0ZuRO1jXTKg==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1hpgg6psejh4y6jcdd34wxuml75fnweqpe0kh8376yqsctsfn9qxs037kk6",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWSXZxSk5rZTZCMnkyNVZj\nK0Q5MURqNzJwRnIrZmgyeHVrOWFIcy91VERFCkhvT1Nac211OC9BWVlOUmd6amMy\neW90czl1alZ4R25VcGlIcmY0R0VwTWsKLS0tIGJEcXB0Sk9meURpcm00eTkyei9h\nNnpWTG5vYk5iVHdITVlvQkpnUGVLVVEK/UDh251NXPc9hnnmTVFRnR2yUufRRVKR\nMNJBH2Ku0IcpJFiYQ+xNonIQKmZCg5zP3Ncqj/teKOkA9lx7CL4Ncg==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1r0fv0tagxupfacv0aaxk5ss7sqvswv6kq8tk3x46ndqrj6f5afvqegahxq",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzN2ppQUltaFFpVFNIdWNo\ndFNrYnl0enNKdnRBQ2dyWVRzdjlMUThnRmdjClZTazNOVlNXeVRwNG9wenZJcXBM\ndnBqUWZTTlRBeHl3ZFE2c3lnUERwZUkKLS0tIFA0cVV6d285L3cyNkcyeFZUWDRm\nVHdveTRxRys2a1dDcU0zaWdTeHVlb2sK5c/jnmcwSn0BhATWbN/mVoRt59hQ3v7F\nAwdVdqGzFqiMVDIooMNTSFhrIRiq2W2YtmzkMW358ur69CD/85e0YQ==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1tp7th3rrv3x0l6jl76n0hjqjp223w2y586pkgr0hcjwdm254jd5shkj6a8",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2aE5yVkdEVUtENCtxZTZB\nOG1lMWdoWmJ5MWx1SUtuSk1ZVDhPeGhtL3c4CmNTWnl6Q0FWaHlVanhxRVdlTHFj\nTmRWKy82Y3RVVVZ4L1Znd0ZkbWs5dTQKLS0tIHFSMzJtY1R2WHorNHVnRzRjd3U4\nZytia05EbFBDQ1V5RnBLOHc5TFpYSjAKbtlr4VIM6MCohc11RIJ21lOMvPnJfNSL\n1j0niVAToYLPH5U7ZmZb6QO0xsB3QQxe0O8+SjkW0RQ8rXu5CDd36g==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-05-28T10:44:37Z",
"mac": "ENC[AES256_GCM,data:eLdxjaAPB5w56GXdyqV9fgxdzNvD/rp08T44dV4mTOfbd05GQH+35wcNUXLzfUmcH6NSQ5fhUQmthWGEXEXsZawJ31GJqXtzuBJ9ZJiID7yg+gwJAaUh3JcYWke00ke3M+2PZ7/JMydTU2v7I3zkh58pLSUcOO8yZ1L6/q4X96s=,iv:QyJvIh6PW65i8ZcJTvAJt+MShn/bNRuRsxsD0pcNQ0w=,tag:9RvBU32Sx0+pPcaAu0LXow==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.2"
}
}

27
secrets/et-imxyy-nix.toml
View File

@@ -1,27 +0,0 @@
{
"data": "ENC[AES256_GCM,data:eB0RdiZUWK5q56R12B9wn/NK8qhA31YUbVsVDO0/xVj6kF+Z6QQySUX5WOwPI2D9dkuKiYniEbhnsXVbjt0h/fsWC5OSHcj4KC7WrpbMuXiwWbTMkOsjPASGNqCUFM/Hl+wTlC6sCF3IGZ/OHEtqu1i+34S3j+FcE7zvRjVe3bs+XkYS8yQeqBwOdDhqpLmsWBCEu71i1/pTMMp3jigoKEewgUyxdDgXVkb1fvVAvNey5gwjZM92fNr0qAKxCzGAjMhMmL2mS+fuRoTJAC0VwJu8ytyp6g6zsYHD/5paZoQ31pzykS9EHvjY7qcRJhOKR9uB6rbdXQa8U8K0Jy4HhJX/nn74Z0CpoTcLImuhSAuc0Cv2+dONn8F43O8JIEDKpih3fi9f8RUNcO1nIlLVojbO8TOT7sGNJgTjCZ0wmZH/Q8keyJx+th0YOTqdN2E26xR+Ry/hoTtoqFBLk/Xsstn15z6cFAcPhEyrZFd7cidgIkl58FcoNiy/2MwY8p0p4cYqZW9ZhWBSzFfugo+e2zIl3EMH/hA3aK9GZTFaot0cvSQOm06S6z4vZZRpP+cJOpZBrkCgLc0vyDHe6biID+lk4SL6G32wctvAZjU/B939JE7B5NQFmmuKb8NyvczCEpTFgjdR2Rb1zHx8oLVlCSREPkj8jHZ7LS/4+wZAS8bPAbcWf8RMFiiq1ZDyubGIwqVWb0lQjviAV0H/mx1yvuPzUird5f8iB9qqyQ6FRBSbTOswIjVyqgtG1wCdGevRc7AecmfCiv4=,iv:K8ZgwiNzUzBFqsWp1YrX0MMLQd9t+mj81jpiZw+3duM=,tag:F3nEoIY1Aj6LFBWNsN1aRg==,type:str]",
"sops": {
"age": [
{
"recipient": "age1jf5pg2x6ta8amj40xdy0stvcvrdlkwc2nrwtmkpymu0qclk0eg5qmm9kns",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByWCtldEc5SkxxMUtUZTI3\nTExjbFRUSngwdmszMVFyYXlLTkNDSHU4SUFRClp2Sk9MWktQdnRNR1RMaUpNOHZM\ncm93Y0R0OXB4L0xvdGlLOEEyRlo4WEEKLS0tIHhQOFF2cExJTC8wYWY1RU5BWkd2\nblpFRFdpenkrSnh4bXE4RG8xZmt1d1EKgNNSj6Fpx1bnlPOXXt+l2lgH4kS8PrIe\nZhU0Y6yM60G6qpV4mrOWy+JEOAtSrZU5K48DOgZl+Us0ZuRO1jXTKg==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1hpgg6psejh4y6jcdd34wxuml75fnweqpe0kh8376yqsctsfn9qxs037kk6",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWSXZxSk5rZTZCMnkyNVZj\nK0Q5MURqNzJwRnIrZmgyeHVrOWFIcy91VERFCkhvT1Nac211OC9BWVlOUmd6amMy\neW90czl1alZ4R25VcGlIcmY0R0VwTWsKLS0tIGJEcXB0Sk9meURpcm00eTkyei9h\nNnpWTG5vYk5iVHdITVlvQkpnUGVLVVEK/UDh251NXPc9hnnmTVFRnR2yUufRRVKR\nMNJBH2Ku0IcpJFiYQ+xNonIQKmZCg5zP3Ncqj/teKOkA9lx7CL4Ncg==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1r0fv0tagxupfacv0aaxk5ss7sqvswv6kq8tk3x46ndqrj6f5afvqegahxq",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzN2ppQUltaFFpVFNIdWNo\ndFNrYnl0enNKdnRBQ2dyWVRzdjlMUThnRmdjClZTazNOVlNXeVRwNG9wenZJcXBM\ndnBqUWZTTlRBeHl3ZFE2c3lnUERwZUkKLS0tIFA0cVV6d285L3cyNkcyeFZUWDRm\nVHdveTRxRys2a1dDcU0zaWdTeHVlb2sK5c/jnmcwSn0BhATWbN/mVoRt59hQ3v7F\nAwdVdqGzFqiMVDIooMNTSFhrIRiq2W2YtmzkMW358ur69CD/85e0YQ==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1tp7th3rrv3x0l6jl76n0hjqjp223w2y586pkgr0hcjwdm254jd5shkj6a8",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2aE5yVkdEVUtENCtxZTZB\nOG1lMWdoWmJ5MWx1SUtuSk1ZVDhPeGhtL3c4CmNTWnl6Q0FWaHlVanhxRVdlTHFj\nTmRWKy82Y3RVVVZ4L1Znd0ZkbWs5dTQKLS0tIHFSMzJtY1R2WHorNHVnRzRjd3U4\nZytia05EbFBDQ1V5RnBLOHc5TFpYSjAKbtlr4VIM6MCohc11RIJ21lOMvPnJfNSL\n1j0niVAToYLPH5U7ZmZb6QO0xsB3QQxe0O8+SjkW0RQ8rXu5CDd36g==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-05-28T10:44:37Z",
"mac": "ENC[AES256_GCM,data:eLdxjaAPB5w56GXdyqV9fgxdzNvD/rp08T44dV4mTOfbd05GQH+35wcNUXLzfUmcH6NSQ5fhUQmthWGEXEXsZawJ31GJqXtzuBJ9ZJiID7yg+gwJAaUh3JcYWke00ke3M+2PZ7/JMydTU2v7I3zkh58pLSUcOO8yZ1L6/q4X96s=,iv:QyJvIh6PW65i8ZcJTvAJt+MShn/bNRuRsxsD0pcNQ0w=,tag:9RvBU32Sx0+pPcaAu0LXow==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.2"
}
}

17
secrets/flatnote.env
View File

@@ -1,17 +0,0 @@
FLATNOTES_USERNAME=ENC[AES256_GCM,data:0PQXYoefoXiJZ0uC,iv:ZMDEJBDEz6a6p6ZMN3fHCuOV+KhBlsPB449Yd3XoP7o=,tag:uYuqobQom35xKi+GHCbmpw==,type:str]
FLATNOTES_PASSWORD=ENC[AES256_GCM,data:jC/lVZPDGvcYzXhdnvjs,iv:0O6nNNlWjD5OWIa2ovp2wGqtjtelOLH46dFTpVH0XLg=,tag:H/fSfzI9suDaRgz8Hz8XUQ==,type:str]
FLATNOTES_SECRET_KEY=ENC[AES256_GCM,data:I8zrSTMRnPNWn7u+KZiQW2YdpAkKOBxRKv7ov7dLLNA=,iv:I4YP4KqyMR6jfofEdYxQ+I9PQjTNQwCgnTUfHnDW55A=,tag:P7QcugaQWMCfb5+G5JdMXw==,type:str]
PUID=ENC[AES256_GCM,data:ZA==,iv:xfnOzfWvf7gozw9YMTAw2uarfsGHRpx3rsEN5ja1k7w=,tag:yuXkWMkXAUpF7h+AaYW14g==,type:str]
PGID=ENC[AES256_GCM,data:RA==,iv:m8CO/d9Gh0cjc4QYX6CsUx87Vu5iqtU0uVOsA3AeWgs=,tag:Ri0arOjuwRC83fz4EynVtg==,type:str]
sops_age__list_0__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiWm9aaVVCa3V2Z1RYTVpi\nd055ZUk0ZXd3eFl5dEM3R0N1THVmRENrNFNRCkVPNTVIRWRFVVhoa1BSRWVvN1RP\nMmZldUsrSVhQa1RWd0YrZmRvR2RPOUUKLS0tIGpqK2doVDdwTDV6MXh4TUpQbnU5\nc1ZORHAvR0tCZ0RLVkpqNm96OW5nR3MKkw9A7/3o3XVxLr6xVXAsS29PgWw1RiuJ\nRM7riGPrQIPuiNqwOIRR5PnWXKsWLeoE7ybQ/NJuxEFBbW+KP4LzPA==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_0__map_recipient=age1jf5pg2x6ta8amj40xdy0stvcvrdlkwc2nrwtmkpymu0qclk0eg5qmm9kns
sops_age__list_1__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDVWhuUTFJS2R0MjNKbUNY\nZDllbXowY2NLWnBkbC9qY25jNVR5RHFKUmxNCjl2bnlOVTc3Q0hqT2x0MDFWcG4r\nV3o1MlJqdkpwNnp5d2pqN2loNTNkZzQKLS0tIGQ5TjBVakEwQkxKcytqeEVQYVVM\nRzBUN0ZoeG5ydUk0UHAvOTZxb3JMZkEKejQzUpkFJdx0xUVpVOZ7CH5fqGY2SZ+i\nBoUjB4UxwENQ3jVVfJUzmY81O4HYr9NW2lUj4gwIHFMcG6DQ6Q7AaQ==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_1__map_recipient=age1hpgg6psejh4y6jcdd34wxuml75fnweqpe0kh8376yqsctsfn9qxs037kk6
sops_age__list_2__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArVFRwWXowT0RWbERmc0FJ\ndUxUMXA1NWk2bEcvWnVNem5zTmVuMCtmMTEwClZCZGZzd3J2cWxscS96U0ppOUtO\nQ2FwY05PeDM4cE5SNzFwZC84WFdoeTQKLS0tIDJkTmtxTXJSbktJcjRyNWNMcHNB\nRWUzeUIxbVh2anJDUDFKTXl1VnU2K0UKHN3kcm4XGU2gDSuMt2UftaaBKbPHq2rI\n6LCPtG4caf+kTieQMgZ6x3ofmKpKOoW4xFGf77aGaMFA7i3cdbS3IQ==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_2__map_recipient=age1r0fv0tagxupfacv0aaxk5ss7sqvswv6kq8tk3x46ndqrj6f5afvqegahxq
sops_age__list_3__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUblBoSUkwS21VbkNXMm1u\nZ1BDZi9NUEZQWjFacW1FV1NDaDVYYzBxaHdrCkVqTUJLZ0lZcHdkMUxSL2k1SVox\nWFE1SXJGejlYKzRkaHhLREIrR3dPNFUKLS0tIGwvU25POS9yMTFZTVBoZDhtRXh4\nWGlzZ2RKWWFFckt0OGtYVVc5eTBSazgKRZVGa+o9qY8bOKuQAH7dqmp4/qR/le7W\ns06L5qs1429IHinhmoEjauQmnSl5nS4YDq0K9pEr+JW9g/aiNWZhNQ==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_3__map_recipient=age1tp7th3rrv3x0l6jl76n0hjqjp223w2y586pkgr0hcjwdm254jd5shkj6a8
sops_lastmodified=2025-03-02T03:46:13Z
sops_mac=ENC[AES256_GCM,data:j/JqiPLHw6a21iJV/qNhAr+4kVkCnXG0uYGEJ4m5K5UerN/nXLzVafa7ciaMzBC1k6KBZwSyuKcQxJt3Q5+R733AD97VgrClSAU8w1pQhlWAUpzD959PwW5dTX8N9G+gih0xcJ5RsMALfWppeTImAAyAoKo1mtxE2MtfQZw1DU4=,iv:jYM3YfA2cbDjKVLHhQ8Rzv90Rg2R4iiY6zFL1N8knv0=,tag:8wRhD2XDZXI9v2j5XHKtqQ==,type:str]
sops_unencrypted_suffix=_unencrypted
sops_version=3.9.4

13
secrets/frp.env
View File

@@ -1,13 +0,0 @@
FRP_AUTH_TOKEN=ENC[AES256_GCM,data:CXFJwOOHEbtn1PI0TQc=,iv:yItYliwZGxZs8YAWksV7BqJP3TUBadxXpf99J5nXR3A=,tag:9earTQfuoLO132UZnTjlWQ==,type:str]
sops_age__list_0__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5cFA1K1RGbkxpYmgwMGJo\naGdYYzVZNVljcEJWbUNBNUZZbWoxTHBDcEVFCm1BNTgyU21IeXE1bjQ2ZlU5VTJp\nMFpXUXIrQ1JuQ3hydXBzREhkMWRacFkKLS0tIHJYMG9HS0xydW5IYW5Bd0pNd3F2\nK3U3WWFSV2U4dEpadmFaRW9RdGJ5amMKt+lVGKjc8Mh3EfkDlFrHB6hMMlwNc9g7\nc+s5I7ivWqkKMBW0yzdLZbv4xBc8fbgjnCAp01PMTLgh+kFGWmktlQ==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_0__map_recipient=age1jf5pg2x6ta8amj40xdy0stvcvrdlkwc2nrwtmkpymu0qclk0eg5qmm9kns
sops_age__list_1__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkam5kT2tBQzg5RjA5ZEFn\nZnhqaXo1NTg3emtpVENkUGpNVGhPV0N4MFVZClFMZFI5OFFhaCtRQlUvU201cjcy\nUnoyZzQzQ0w1eU90cm5uelBxOVF3LzgKLS0tIHJ3b2lmOXdGVGZBYnk2a29nRjFv\nKzMxQVlQK3c5OFJlQ21KYytmZS9tZXMKaqcjYNcNV9EY8zBxpqSYQzZ8jlx4usoq\nHKfa1/fVNSGt3Zr5tbTuXExGdfQvsyVI+2TpVMMALBj8/vonjsnWpg==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_1__map_recipient=age1hpgg6psejh4y6jcdd34wxuml75fnweqpe0kh8376yqsctsfn9qxs037kk6
sops_age__list_2__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmQnYwOW5USUNkRGpwYlZj\nVHVGY2VabDMyRUlQb2ZrbmNRL3NJbWwrb2djCk0ycWtlZEtDcDVpc3poZTJ3TnhK\nN1hnU01SWGZFUlJsSDZaemR4SGs3c2sKLS0tIDhOV2RDc0JRbkIrM2NabE9oQXRn\nR3VUdDYrVG52QVd3bC9EY21qQTdhR00KPAv1yi75FhrOtdZEEQQExSkZ8wxkFxjA\n1ze4YARfnkrkILs1C/wtULc9lHr4pzTF4+B4aql42GKcuv3n798pzA==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_2__map_recipient=age1r0fv0tagxupfacv0aaxk5ss7sqvswv6kq8tk3x46ndqrj6f5afvqegahxq
sops_age__list_3__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIalYrWEZLc2tZUUw1YUYx\ncHJyRFY0eUZZU28yU21wN0dFbUFTUGRpUlhVClJTSVVONGJQY3B6eEkzcG5yUndN\naURMNVhNc3B4V2JkU0F0R0hqbWgwY0EKLS0tIHJ1ZVVrRjRjZEFjSmJHS2M0dFBZ\nWFhuSGJpaFhDTXkwM3JwanlPM1RKZ00KL9ts0rd+CUg1jeh9K3nMVUaoIduwB/8X\nyyVEUXH+Z6AHN9RB+eCbxhPBwdU0wI4FJdATkpDXFSTW0eBMkrnlcw==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_3__map_recipient=age1tp7th3rrv3x0l6jl76n0hjqjp223w2y586pkgr0hcjwdm254jd5shkj6a8
sops_lastmodified=2025-04-13T06:57:07Z
sops_mac=ENC[AES256_GCM,data:WJ9FCO78LRFbU7o9uEZ70s/OJIHN5/UQVKrgt/Zve6x9yVChaRtHmvk7kF/SoRsheLIbeYoY8RI0rUn3Sx7Y7o/ib/u9dMAec0xGt0K6+yde0DUO/uH1KpjXd6WHRPjoMERld6xA1fWVRu7G+gXrEZA1dN5Jbs8ZWVYGF6IBw2A=,iv:r4eYeCDJOw40hK7cyIEbEW+Pq+VFgUOJr1ydkSyjaEg=,tag:ucFH1pNqAHg7eWm1tYYi/g==,type:str]
sops_unencrypted_suffix=_unencrypted
sops_version=3.10.1

15
secrets/hashed-password.txt Normal file
View File

@@ -0,0 +1,15 @@
{
"data": "ENC[AES256_GCM,data:/v/b9H5H5Aqczt/KzQ5BWkX6ns+FOgn547u1kEDI9reuWcYwIfmcnVWZ26VXVE0Rn7nRKGhfj/yOe7b8e+bxC3Em8Pk2eTBKSWw=,iv:Vyyx6Ls9dGP/DJ7BCRytAsRrGVuWXvJSwQAVX/s+VZU=,tag:4zza/uyZ4MzmdjeHZRbAAw==,type:str]",
"sops": {
"age": [
{
"recipient": "age18st0pys7g9dtezwq9n8t8jgc9w6ajzp5jl8w7sxlpv9lhv463u2swelwug",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXb0dRanU3MkdIemgxZWpz\nQm4zYUNJa2JJa3ZKR0t4L09WVUk4Y1hTOTNFCkEyM0p4Z2hGenVhNVpCaXdpdlVa\nMnJmbi9UUVgxZm9xZGQ2cjVNQ1lheUUKLS0tIEY1Rit6eVhIWjVBdlNtc3IzZVJs\nS2ZKV050cW5QNTkzMU8rUmZtekxjajQKfmXUBNJtiqJtMzSPw3IRb1KdSQh3liub\noZLMouUJJiW5GukVZRmW7zOV6nuAiXjUBgZo7BTJZBeSJQfKsfqazw==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-07-25T10:49:14Z",
"mac": "ENC[AES256_GCM,data:s5bh7E4IYt14kkk95GgtorFQbfLQ4QA8vSYA93pvqkd9h+e1VNnaS5fyEwIaAev8M7avyw8knJjgx8bfkpXonA6udthpdZiXIRgwTcx8v/uKkq68W3daBuv/6wVd6uMQwRVwe10V7UJshbHLEzQrmq2laV2DJZSgDqeiLKPLWIk=,iv:tJJcmU5psNRGNURZ3y34D96ClBk9QyvpmWKGwviBuok=,tag:cAKxeUgu8FaX705nJt119w==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.2"
}
}

27
secrets/imxyy-nix-hashed-password.txt
View File

@@ -1,27 +0,0 @@
{
"data": "ENC[AES256_GCM,data:7VtJ88KkGDRsHwqxjau5rZIOffHwT+zP214BKX9GQiXi2PTdCKAkNA78kJLL3Ru/+mR6f1McZapkwlFBnyoG+qrI+fyj5qhMqmk=,iv:GE2Caho/Ng7opzLD65WLMU4pZqHlllacT0IClz8cXlE=,tag:/VupPxTEvaaXEIpjVc2CUg==,type:str]",
"sops": {
"age": [
{
"recipient": "age1jf5pg2x6ta8amj40xdy0stvcvrdlkwc2nrwtmkpymu0qclk0eg5qmm9kns",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4TlZGM3N1OGxKQ0NiMDZJ\ndGZET3cydHRnS0xmK1o0ZFhYcVM4d1lYNUZJCkN6MHdPc2wzejdsb2JXQ08wK042\nR3IwVS83d3NqQ2I5WGlxWDNLcElJZXMKLS0tIEdVck5OaXlnTzQwbHYxVDIreWRN\namNpQnZpUGlZMkdiaTFSRHNGZG9tb3cK8/m06LMrEr+Adrv13LdlpLSU7JV3US6w\nE4/SUJk8qm1i4lQ6Y8rzaQMpYkmLJJuCLlLcjP2retjUS93/wwE6lg==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1hpgg6psejh4y6jcdd34wxuml75fnweqpe0kh8376yqsctsfn9qxs037kk6",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2NUswaXc2ZksySXR6b1Ix\nWFEwT2N5bkJ2WDF3Vi9aempVS3ZHRnMyRVhzCmdQODZSM1FzZldCdG9jZFJjS3VV\nNHdSSDRzcm9PaS85U0kyaTZxc3h5YmcKLS0tIEZjMTFrU3llRGhKbHpkeGJ5YzU3\nN2FJcEthOFV2c2JvOEJKSmgrVjMyNjQKPaqDJcG+bCVCJmkwaeO2F2PAoIERDOaI\ndpoq4SoBcFRS71C2GzPvZPBs7RFaDGSlIqALpYzbDwdA+z7uqplcoA==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1r0fv0tagxupfacv0aaxk5ss7sqvswv6kq8tk3x46ndqrj6f5afvqegahxq",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1VUNCcnNEOWEzWFFaU29N\nQTFzdnpRcTZCUjN4NFJ3TExyR3M0QytuU0FnCmlyZkNyVk04NDBhay8xVExpWnhr\nK2JzUUwvTGFBeWQ4dndwUzUwbjMxMlUKLS0tIHRRdlNwdE1NdDlxajBOd1ZkNmh0\nSG5oY1o3L2t2SHB6VmlnTmFscHFudWMKsg2o0xG3P5hTeHz5N5rs3QwUc35qV0eC\nrup+751+KYUPE5/xtdhQ5t4uqeUY2LXT7diW6fo4wNR5BL5mIoaP3A==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1tp7th3rrv3x0l6jl76n0hjqjp223w2y586pkgr0hcjwdm254jd5shkj6a8",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvTHM0WXRTMFloYUUrOFVL\naGZwclBzL3BNeUZwd0dnYk9iaHRKTXlwY1NFCkNGQlBrMTRwdlVoVWtFL0Q3YXVS\nOEtyOGJJVjU3ZlBQb0VrMUVBTFdCMWMKLS0tIDFiajl5a1d2ZWwxak5NRUd1YTJK\nU3NqVVVUVVdlN3RrU3NTYmN6NFJOTU0KM31BZlxkvg66NghMELNM2KMOcN0tuDuD\nu7ujktQMC68GZ+wuAN1ki/vuA8ZCSDqC0EDfxT/BezjYxXHOd7CQNg==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-06-28T14:43:36Z",
"mac": "ENC[AES256_GCM,data:ZrmJFSXOCrf5Nvf+v0IzEa8RH/3ZdmcD/mQBSUQ5SBSKOyh+uQcBQF5+aRe9GXjEyOVJolYA25xEHi8YyNI3+/VvAAPaP4g0LA22gpLelP7zvJBGB4F/74SbmkmkkU1yMSCihcyBrxQVtcPU3jtyLsyMalbigYOf28BInqxFNqM=,iv:h/VzHqyvIxBzNJ+IH8Ei/A5OV5QL73MKV92ayFxs81Y=,tag:WXqLzUGWkeEdaHnWcJAhgw==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.2"
}
}

27
secrets/imxyy-nix-rclone.conf
View File

@@ -1,27 +0,0 @@
{
"data": "ENC[AES256_GCM,data:H5CGsFM58ivxF2x4RSSU7frD44nsrVh55493Icy6WhaSeLhTTfxfoweSXm5WYSvHorA9wiTLA0VljML1kj0+wTJM+A3PqpaU81uE3V33GNzLpDZw7B0dHtNrX/9C1TC574rOsI3w+6PVA+NpGJs4ROcNouHDIrDxuSlyie7lZwW1f/VikELIx73LMMJfqL50+LKgQpvey7jz0rLMjv1nRg484LoepXd3s/dVZD6DzBY49CSu6OZzpq49LxLgiKSMorgOFhfffbsuBto2zfw1J28cgzFjiIfKp+38mhK/LHSuT9GIXqavH7CoHPAqy1hfbkLc1P4m2FdAFcF5Db0tg6E=,iv:tP9AFJRuRoRe/fNjen7wNAglPydILlW6+BEbS8VoTmw=,tag:68VCpplQp0vZ/oW/h53poQ==,type:str]",
"sops": {
"age": [
{
"recipient": "age1jf5pg2x6ta8amj40xdy0stvcvrdlkwc2nrwtmkpymu0qclk0eg5qmm9kns",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxTmVNRkJ6ZTBObWF1RE5v\nUkdHMXkyQXU5RlEvblZ3bitBMTFURzUvTGlZClMrMlVDejRkZHpiWUlpRm5jSHdi\nbXAyc1l2S2JUZjh0Y2xjZEJ2YklCRzgKLS0tIDFKWEY4R2JJeFIzMUN3ZUUzVjQw\nMkprdnJYek44OWs1L1VXSTR6VlVTYkkK8zqmmr8iiYvNMPyGha1g5WKqYCbOEnAw\ncO1T7eN3IMfwK7ueBZkZQsDL/XZ4JoNKL2aseCDxbiDqIxHV5Dttdw==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1hpgg6psejh4y6jcdd34wxuml75fnweqpe0kh8376yqsctsfn9qxs037kk6",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1bFFaNUd2Tm9TSyt0WjJV\nRVhDeHpGWlB5SHRNRGoxOGwxZi81OEpYQ240CjRvZFJhVDNRTlFUOHFtSUtrVk11\nYXpiYjZ1OFRJYmEwUDd3bklJRlJWMmMKLS0tIHN5dFpxUE43ZlpkdHJFb1daWjB5\nRTZxWEJIOGNhNkJHTWRSVExvUVpkYk0K/8zXTA8HjMQzoUpyK+Sa1orZzukLxJPw\nR8ts/mKk/lL+hXWN0QdLu8cSvOGth1QvzeGjNb/2eToQa9fZtar6YA==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1r0fv0tagxupfacv0aaxk5ss7sqvswv6kq8tk3x46ndqrj6f5afvqegahxq",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvYm5Zb2ozdTI0TTVuWE92\naHRUOGhhVW9jSTVxRlJMSk4xVVBBeXVlMnh3CnZCUUVvTjl0VzFVVHhLOXNpYmdu\nYmp4SWxBTGc0MU1Sc3N5S2NwVlkvNGcKLS0tIHZ0c0hRNlRyR09TRGFYUXBsVnZQ\nbENCNlZucFVDcm1ZazJOU3VMbjJuZncKbwTyidmzUzITHdFiihdToOyvJ8BEdrgU\naOftPVH2B9YJ6GuLRFLSMJEhSStITLFkzEshB6EJbUkZPbUSwHnX+g==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1tp7th3rrv3x0l6jl76n0hjqjp223w2y586pkgr0hcjwdm254jd5shkj6a8",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5WnRMbVczYVNSblF6YThh\nMmpwWDUrWjV1Q1ljYUxDZFp5U2k2NUR6aFdZCjZ1SW02cTB2cDhIOHBqSFFuU0du\naENsUFhlcG80ZnRuVkRFYysyc1ZRejAKLS0tIDZTa2NJYnc5bXNSUUpkb0EwUkhu\nQXI2RnNFRmNxUXJXMTh2OWVERHVRZjgK5YtTAGRr1a1qT3A2zYbutc7kpa1mVC0g\nKr5dsCrjzvLUxs1bP8ynFX2zhsy47GEEwL3LMwIZY9JAZiLuyeA3tA==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-04-19T02:58:06Z",
"mac": "ENC[AES256_GCM,data:TEwHcXhV76VyQf7lzaP7I7LKfcOKWhgdt3bemfO/M7/ZLEc8A8tCN1SGjH5hpOMCJEx4Pws0pcY+EqjlWmA8q4eSR2mZNGGrFsCJCfQJSwpicD0/IDEUNfdSoygmjtyvnnYfioxqbvPc64eR9emG2DedvLKvWeZ5ZmvfZ8ujP+8=,iv:VkvwOTAznJsO4PaD+b0wCxDJN5mSMrjqVT4bZ7EQrvI=,tag:JBOomz0dAX18HDxwM2jyeg==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.1"
}
}

27
secrets/imxyy-nix-server-hashed-password.txt
View File

@@ -1,27 +0,0 @@
{
"data": "ENC[AES256_GCM,data:3FRwUs3qmYisK4GL2WbLAkejvbUDyKsYCAxs8QNU5rkrzMFVaHS83/zOK3eGmEFkMVm7Hri+uMW6fyNIuKVxsYo7+xmKhmw4TXk=,iv:dM8hgg086DjjRPIsThIYqWfRKfuJpI1JXsdx+WOxtoY=,tag:BO1G1r4o4QHuDeB+OrydPw==,type:str]",
"sops": {
"age": [
{
"recipient": "age1jf5pg2x6ta8amj40xdy0stvcvrdlkwc2nrwtmkpymu0qclk0eg5qmm9kns",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkOVVqKzZGejZUZzlNSDhD\nNEFNTzZrWXgrVjkrbEp2NzhoUm9pS2Q5dFI0CmxBcVVDek53dDJPVVlQT2lERWRH\nUnM1bzc1dWtJU3pFa1RZRWY4akM3ZVEKLS0tIHV6TEtUNkFySytmRGM3bThTOHdq\nV3RYS0FSdUNSQVYyMStIenF5TEJWOFEKwvn0+N9jwrfcAziwfd1eSL+3oacoh/90\n6x+RlGR6ZPV4uK2zkS3D1kCTmlDsFUhQInhRaaPG+RFXRjhOCKxs8A==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1hpgg6psejh4y6jcdd34wxuml75fnweqpe0kh8376yqsctsfn9qxs037kk6",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQY3pRdVNSV2RLQThmK01B\nU1NWeHhkeU80Wkhkb3ZwQzk5WW00cGNCZHpzClByendzSjQ0WlE0ZmcvbHV3QzNa\nMmJNZ3IzempuMjF3SFAzdXZwRzlrV3cKLS0tIHpDUUdqTExXc1lKWEVsMlp4bFN1\nbG52aXgrSG1PTGd3YUtZS29UbzNGYnMKYXcr/5+Z9+KT6JDqAGEuxeLZryYxMTi6\nG1UxTWJ/yqoEHovENdMGSyvu1GiEll0irlY2DygD+hI0PML7S5aA5g==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1r0fv0tagxupfacv0aaxk5ss7sqvswv6kq8tk3x46ndqrj6f5afvqegahxq",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwSzMrNmR0eDNLbnp4ZjJ5\nU0lDU3NxRzNyN0Q4K0V0WmtSajlKK2x1Zm00CnZkYThLKy9uSzFjVnBpbnVqSytK\nanhKNVlzb0RmT0RJdEFtVHRKUDNzSFkKLS0tIDZUMnR3T2VGdkRUTGhCSHJEenE5\nZTRZRW1CVWcrcFpsT09IMFlNRm1TWmMKYq2J6Kwxh4cUs/NhqXc/rrWavcjZXZ/h\nbqBhZ6sTEAG5zcRyhYt2r3X7QW/A3TcYxEmAmWDNitug2Cv3jihkLg==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1tp7th3rrv3x0l6jl76n0hjqjp223w2y586pkgr0hcjwdm254jd5shkj6a8",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkTUtuZmYvdk9OcHdMVnFt\ncGNHK2dpazlsMFhmNFhHWFVHZGVXOGgxQW5ZCjZXZk03WjlZR1RJMWNqaHIwbC84\nWHBjVit6czd6TTYvWGJNOGFUNFZ1WEkKLS0tIFpSa3pRVEJ2SUxaT2dlYUZhckRB\nWEovTDhOV05OZDBjV1loeTdMQ0RUbGsKFJWailZoXIJ1RnaduJakdTahOJZUweIc\nKT1IGw022cKd6EEKw/z9z4SCG3bltwYrNZ7TazgWVQlFLLU5tqaXSg==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-04-13T06:45:59Z",
"mac": "ENC[AES256_GCM,data:QRncQXUWxoafT8yTqnJLEaWGWPxPNNnga8IyE4JuYIOXTHg1NqDQoCRwxJYVBfcYJyF/P3L1hrhQ+lSJPKGD0ediXsIW+ClDMyZ6w0vknDCcHJ1fy/GAyKJGHUbtlEzlcXknwIOsNrCfkNB75wHhWTRH7yLqovedyp+VYFuEbig=,iv:eB3YrskOHboHGcPZRdGVp+bAKqsqI6lsmTsXCkkNgF0=,tag:bNFfloM5PbtQ8rpba7h4sA==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.1"
}
}

137
secrets/mihomo.yaml
View File

@@ -1,137 +0,0 @@
allow-lan: ENC[AES256_GCM,data:/NS2lg==,iv:rdjmAyJ5hQZsaqf9xLTuu9103mlBrJ5rRpWcRg4unfA=,tag:wIjPvBgmBZ4U6HRnAyZmzw==,type:bool]
bind-address: ENC[AES256_GCM,data:lQ==,iv:Il8zZQY8bkOQq82n9FfEJxfllYkL0XSz3w8fIQF5nLg=,tag:Um/lxN3hrQP/ojS3tvkh0A==,type:str]
mixed-port: ENC[AES256_GCM,data:3pO+YQ==,iv:d5fQRnaXwELshI267IRhNrBi+lrkE1tAVQtGWbTTL58=,tag:bjvnJGc/ot0mwWJlXZdAGg==,type:int]
mode: ENC[AES256_GCM,data:tLvZMA==,iv:ZTHCuf/fGBrqXKy1U8FqCPOPk/xhwXH+d+LCeuU1YN0=,tag:XSvkAx/HGQInFcxod6p7ag==,type:str]
log-level: ENC[AES256_GCM,data:GjK0SA==,iv:p3B73kKmAklWWsrQZJYT8KnH5I4SyGHaFWo6fqr57V0=,tag:LvOxkFkNOBo3GAj9Gx1l8g==,type:str]
ipv6: ENC[AES256_GCM,data:TkqT508=,iv:vYn61sFKuKeDqC3pCBMvn/SZaxTmuUA1Dp5r+Wyjl0c=,tag:iT6e7MPvLtMVntqZrdVWfA==,type:bool]
external-controller: ENC[AES256_GCM,data:DuI/L1mDF5soS5aS,iv:1U5msjsK1kLCUEWmhRp3poKFnTa4T2wgq08WtLn+NDs=,tag:iqQF8LHCAWGvMuKrf2ieYA==,type:str]
external-controller-cors:
allow-origins:
- ENC[AES256_GCM,data:Ow==,iv:C2R4gooPGj4lranMXP6Uu+nCbGhVk1S37dBKbYgdsRU=,tag:onXhjT4c/qMoayForPKwEQ==,type:str]
allow-private-network: ENC[AES256_GCM,data:mxDrog==,iv:L4hT2zLieK7nQnp5GvdHTsnSkeTz61v77nr281lAcag=,tag:jCQgs+0aDrl7BSZYxI7qUw==,type:bool]
proxies:
- name: ENC[AES256_GCM,data:CoSf2ETY,iv:stqOA3auCgfdMF5dtHrxUtM1fmrjpBzF++Oq4CaaxDw=,tag:Ep8+Do2KSGyyI3htJMyO+Q==,type:str]
type: ENC[AES256_GCM,data:h0grklnXHcch,iv:iyAYk+ozaR+lFYgqPU/7HN5zXhphBnGNu6boqwbGhwM=,tag:Jjh/GrkKo/Vw9OUshTz+aw==,type:str]
server: ENC[AES256_GCM,data:fByASUq0i6vl00aT,iv:m7iykG0sJnyjBSuu9qD78bS918FD3fj9Gak0cBSidJw=,tag:U0y1WHvOmQ6f3qnz1Qs+Ag==,type:str]
port: ENC[AES256_GCM,data:D/2Y,iv:/TOva98IWHrSeNHeFPkMq/GzkRu5k7RgddR0V5fp1mw=,tag:rS/kTisQ5Im4mcczmYpK/g==,type:int]
ports: ENC[AES256_GCM,data:Y/HnLKFSNVJC3WM=,iv:kiQw+GKtY3n0+mP2Tt7HiQTALs+6sTWpFdsygWy+1S4=,tag:/C7yfaEWV01rJ5y0kifs5A==,type:str]
password: ENC[AES256_GCM,data:41qnTwmzIWiGA8eVCWs7sq6gpg==,iv:6G8Zxi8P9h9wCF303ADTuOAV830NErok1bN2neFx8jM=,tag:6JxLB9sSF+2MzZAnTz7qsw==,type:str]
up: ENC[AES256_GCM,data:d6L+m9ArMrM=,iv:EqD8slVt/Wf8Edj6qTKt2qFovgGDDBEUN+YFPF8ug7M=,tag:8FIxAgkKF4fu4Z8Zauar2Q==,type:str]
down: ENC[AES256_GCM,data:RM5qROOyjsvf,iv:ESOrGbRPijJ9ptQrEduG3PW3CsuqCbneUxZg05lRcq4=,tag:FT/s5TYu+54byvfxv7eKvQ==,type:str]
sni: ENC[AES256_GCM,data:p7XIiaPEC5UUe0Hc,iv:CgLd9lQ9ivfouzxihzR/OX8KgvIvyj0DktI5YYZ6epE=,tag:EzBxiAuEeEz2jyF0M5Ee6A==,type:str]
skip-cert-verify: ENC[AES256_GCM,data:uea1ExU=,iv:z7oRGpeLjzXA1RB5E3ucJu/bPo110v81AFR+4dDQYwA=,tag:AsorLzyJfwJNsJShlXQBtw==,type:bool]
alpn:
- ENC[AES256_GCM,data:0HY=,iv:I1stdmbZ2wKbYBN7bRLtz+4Ma7j8xect4HS9g0PKl0o=,tag:vI+jTgZWJSyag0dhXi0MKw==,type:str]
- name: ENC[AES256_GCM,data:I/gOScJ4PYyG,iv:Wi3x1D25WX/m28FYenmU+g/laqosIHe0YpFQGYTIAAI=,tag:Vg/KqSIhxVetaloyeEp2FA==,type:str]
type: ENC[AES256_GCM,data:C7hjfARP,iv:r+5/qimlashka+qMjrtlsOEMBFuN8/4SDrzzW/WM+KE=,tag:VVpvomQxVFxh/GTRW59p6g==,type:str]
server: ENC[AES256_GCM,data:fByASUq0i6vl00aT,iv:m7iykG0sJnyjBSuu9qD78bS918FD3fj9Gak0cBSidJw=,tag:U0y1WHvOmQ6f3qnz1Qs+Ag==,type:str]
port: ENC[AES256_GCM,data:x46frQ==,iv:y3ZtVJQP3q08duFGUXSH5xLo9Q6GZmGvhmCKzNiztfE=,tag:2k6WGrK1wGa4QwOYJHnwkw==,type:int]
password: ENC[AES256_GCM,data:SoxJyZJLwxRQoErQ1ZHObnM=,iv:YVDRtTb0P15vA67ZUQgCBX1s16iqjrtG0oodE9RPDMI=,tag:zsKj2mwEWwDtJ9QGtbix2g==,type:str]
sni: ENC[AES256_GCM,data:p7XIiaPEC5UUe0Hc,iv:CgLd9lQ9ivfouzxihzR/OX8KgvIvyj0DktI5YYZ6epE=,tag:EzBxiAuEeEz2jyF0M5Ee6A==,type:str]
skip-cert-verify: ENC[AES256_GCM,data:uea1ExU=,iv:z7oRGpeLjzXA1RB5E3ucJu/bPo110v81AFR+4dDQYwA=,tag:AsorLzyJfwJNsJShlXQBtw==,type:bool]
alpn:
- ENC[AES256_GCM,data:bG8=,iv:7UIRMQ7KGnZUPvfFMGLcworWFQFdd9toCasEeg/IEco=,tag:QwkRWsGXBGxODKIasUqXuA==,type:str]
- name: ENC[AES256_GCM,data:M1xh1A7B,iv:fmajJEeiZ6g9QCzmX9dAqJxcWgNKd17nDqQW+DVHAXI=,tag:2k+lMI4SgUFOYYN561NDaw==,type:str]
type: ENC[AES256_GCM,data:h0grklnXHcch,iv:iyAYk+ozaR+lFYgqPU/7HN5zXhphBnGNu6boqwbGhwM=,tag:Jjh/GrkKo/Vw9OUshTz+aw==,type:str]
server: ENC[AES256_GCM,data:UlqxHe1H1J1OH4Ld,iv:um1xP8HAqMTv8sqZewFBFaIoKq5MaVqultx7q9A9v4A=,tag:gGR1Uxwcap2gZYBmPuG76A==,type:str]
port: ENC[AES256_GCM,data:D/2Y,iv:/TOva98IWHrSeNHeFPkMq/GzkRu5k7RgddR0V5fp1mw=,tag:rS/kTisQ5Im4mcczmYpK/g==,type:int]
ports: ENC[AES256_GCM,data:Y/HnLKFSNVJC3WM=,iv:kiQw+GKtY3n0+mP2Tt7HiQTALs+6sTWpFdsygWy+1S4=,tag:/C7yfaEWV01rJ5y0kifs5A==,type:str]
password: ENC[AES256_GCM,data:41qnTwmzIWiGA8eVCWs7sq6gpg==,iv:6G8Zxi8P9h9wCF303ADTuOAV830NErok1bN2neFx8jM=,tag:6JxLB9sSF+2MzZAnTz7qsw==,type:str]
up: ENC[AES256_GCM,data:d6L+m9ArMrM=,iv:EqD8slVt/Wf8Edj6qTKt2qFovgGDDBEUN+YFPF8ug7M=,tag:8FIxAgkKF4fu4Z8Zauar2Q==,type:str]
down: ENC[AES256_GCM,data:RM5qROOyjsvf,iv:ESOrGbRPijJ9ptQrEduG3PW3CsuqCbneUxZg05lRcq4=,tag:FT/s5TYu+54byvfxv7eKvQ==,type:str]
sni: ENC[AES256_GCM,data:rkDSKvEwqgNZE4Yh,iv:Nfi9j5/IKygbSDgBAvAzHrqEYFMQPXjdI3aKHNiFdFs=,tag:N7MZw4nUOGlo4RIo08DAmA==,type:str]
skip-cert-verify: ENC[AES256_GCM,data:uea1ExU=,iv:z7oRGpeLjzXA1RB5E3ucJu/bPo110v81AFR+4dDQYwA=,tag:AsorLzyJfwJNsJShlXQBtw==,type:bool]
alpn:
- ENC[AES256_GCM,data:0HY=,iv:I1stdmbZ2wKbYBN7bRLtz+4Ma7j8xect4HS9g0PKl0o=,tag:vI+jTgZWJSyag0dhXi0MKw==,type:str]
- name: ENC[AES256_GCM,data:524kL2VUV/Zr,iv:up5Map4oTAPmalvdpiZAob4wrxMAPu9w3Nk8VclDPOI=,tag:9FKxdoiHzUI9LBpt9QOy4g==,type:str]
type: ENC[AES256_GCM,data:C7hjfARP,iv:r+5/qimlashka+qMjrtlsOEMBFuN8/4SDrzzW/WM+KE=,tag:VVpvomQxVFxh/GTRW59p6g==,type:str]
server: ENC[AES256_GCM,data:UlqxHe1H1J1OH4Ld,iv:um1xP8HAqMTv8sqZewFBFaIoKq5MaVqultx7q9A9v4A=,tag:gGR1Uxwcap2gZYBmPuG76A==,type:str]
port: ENC[AES256_GCM,data:x46frQ==,iv:y3ZtVJQP3q08duFGUXSH5xLo9Q6GZmGvhmCKzNiztfE=,tag:2k6WGrK1wGa4QwOYJHnwkw==,type:int]
password: ENC[AES256_GCM,data:SoxJyZJLwxRQoErQ1ZHObnM=,iv:YVDRtTb0P15vA67ZUQgCBX1s16iqjrtG0oodE9RPDMI=,tag:zsKj2mwEWwDtJ9QGtbix2g==,type:str]
sni: ENC[AES256_GCM,data:rkDSKvEwqgNZE4Yh,iv:Nfi9j5/IKygbSDgBAvAzHrqEYFMQPXjdI3aKHNiFdFs=,tag:N7MZw4nUOGlo4RIo08DAmA==,type:str]
skip-cert-verify: ENC[AES256_GCM,data:uea1ExU=,iv:z7oRGpeLjzXA1RB5E3ucJu/bPo110v81AFR+4dDQYwA=,tag:AsorLzyJfwJNsJShlXQBtw==,type:bool]
alpn:
- ENC[AES256_GCM,data:bG8=,iv:7UIRMQ7KGnZUPvfFMGLcworWFQFdd9toCasEeg/IEco=,tag:QwkRWsGXBGxODKIasUqXuA==,type:str]
- name: ENC[AES256_GCM,data:1M31k80NuPJaT90=,iv:3EMCEptjHXOHDOkPcfLw0BHR/eOAndYLtJyXFIM8Xwg=,tag:di9w082wTA1mk8iu8oA8yQ==,type:str]
type: ENC[AES256_GCM,data:h0grklnXHcch,iv:iyAYk+ozaR+lFYgqPU/7HN5zXhphBnGNu6boqwbGhwM=,tag:Jjh/GrkKo/Vw9OUshTz+aw==,type:str]
server: ENC[AES256_GCM,data:xPCnWkVYwD2Ty0IzUJPvY6U=,iv:Vz2QPfHSsVc3jVWj4hPNkMl2zCAvQgb9UdmMTEjdLHM=,tag:Ym1vSk7J5Zfi5UAVoCNq7Q==,type:str]
port: ENC[AES256_GCM,data:D/2Y,iv:/TOva98IWHrSeNHeFPkMq/GzkRu5k7RgddR0V5fp1mw=,tag:rS/kTisQ5Im4mcczmYpK/g==,type:int]
ports: ENC[AES256_GCM,data:Y/HnLKFSNVJC3WM=,iv:kiQw+GKtY3n0+mP2Tt7HiQTALs+6sTWpFdsygWy+1S4=,tag:/C7yfaEWV01rJ5y0kifs5A==,type:str]
password: ENC[AES256_GCM,data:41qnTwmzIWiGA8eVCWs7sq6gpg==,iv:6G8Zxi8P9h9wCF303ADTuOAV830NErok1bN2neFx8jM=,tag:6JxLB9sSF+2MzZAnTz7qsw==,type:str]
up: ENC[AES256_GCM,data:d6L+m9ArMrM=,iv:EqD8slVt/Wf8Edj6qTKt2qFovgGDDBEUN+YFPF8ug7M=,tag:8FIxAgkKF4fu4Z8Zauar2Q==,type:str]
down: ENC[AES256_GCM,data:RM5qROOyjsvf,iv:ESOrGbRPijJ9ptQrEduG3PW3CsuqCbneUxZg05lRcq4=,tag:FT/s5TYu+54byvfxv7eKvQ==,type:str]
sni: ENC[AES256_GCM,data:+PlKKl8N73CiANmWYnMLQDI=,iv:NizAQl+xLuvJHVpGfzrJLNa1b+B7q2SbIHpLjdoUjfY=,tag:tdNPsIgMO1s3CRggRm+gpA==,type:str]
skip-cert-verify: ENC[AES256_GCM,data:uea1ExU=,iv:z7oRGpeLjzXA1RB5E3ucJu/bPo110v81AFR+4dDQYwA=,tag:AsorLzyJfwJNsJShlXQBtw==,type:bool]
alpn:
- ENC[AES256_GCM,data:0HY=,iv:I1stdmbZ2wKbYBN7bRLtz+4Ma7j8xect4HS9g0PKl0o=,tag:vI+jTgZWJSyag0dhXi0MKw==,type:str]
- name: ENC[AES256_GCM,data:zKRNc9xfDgCx8Yxpp0I=,iv:plmHDReDGfVCz1i7QlN/Oo+5hhME2mw0il+LdgE+pN4=,tag:BtXj8qG5UeAYMAbcWSRnaQ==,type:str]
type: ENC[AES256_GCM,data:C7hjfARP,iv:r+5/qimlashka+qMjrtlsOEMBFuN8/4SDrzzW/WM+KE=,tag:VVpvomQxVFxh/GTRW59p6g==,type:str]
server: ENC[AES256_GCM,data:xPCnWkVYwD2Ty0IzUJPvY6U=,iv:Vz2QPfHSsVc3jVWj4hPNkMl2zCAvQgb9UdmMTEjdLHM=,tag:Ym1vSk7J5Zfi5UAVoCNq7Q==,type:str]
port: ENC[AES256_GCM,data:x46frQ==,iv:y3ZtVJQP3q08duFGUXSH5xLo9Q6GZmGvhmCKzNiztfE=,tag:2k6WGrK1wGa4QwOYJHnwkw==,type:int]
password: ENC[AES256_GCM,data:SoxJyZJLwxRQoErQ1ZHObnM=,iv:YVDRtTb0P15vA67ZUQgCBX1s16iqjrtG0oodE9RPDMI=,tag:zsKj2mwEWwDtJ9QGtbix2g==,type:str]
sni: ENC[AES256_GCM,data:+PlKKl8N73CiANmWYnMLQDI=,iv:NizAQl+xLuvJHVpGfzrJLNa1b+B7q2SbIHpLjdoUjfY=,tag:tdNPsIgMO1s3CRggRm+gpA==,type:str]
skip-cert-verify: ENC[AES256_GCM,data:uea1ExU=,iv:z7oRGpeLjzXA1RB5E3ucJu/bPo110v81AFR+4dDQYwA=,tag:AsorLzyJfwJNsJShlXQBtw==,type:bool]
alpn:
- ENC[AES256_GCM,data:bG8=,iv:7UIRMQ7KGnZUPvfFMGLcworWFQFdd9toCasEeg/IEco=,tag:QwkRWsGXBGxODKIasUqXuA==,type:str]
proxy-providers:
ykk:
type: ENC[AES256_GCM,data:QFH7Kw==,iv:uBwdbVdfQuoJ4wIxT9lAS/b0C167IwJbD2KhrB1VzkM=,tag:8ogC9VITAOfeMtceq20Wtw==,type:str]
url: ENC[AES256_GCM,data:aTVsXCfaCkdZes1CW8SJVQFiTZ/KbYky6ei0FKSmeCF8/TbaLIKKR46FX2yQ8682fdcLGcAB8ekblQ==,iv:7OQ69sjVWNyOrPVlA8DWTAbw/LIVzFFm5dK4FBcwvyk=,tag:gLVzTM5PypNLpaIOiPYc/Q==,type:str]
proxy: ENC[AES256_GCM,data:BIEXrZQ=,iv:ZzEEJmLgbOhBTcZEgPfsL0AC72GpydlFTKhJ4+fgTec=,tag:v8URxwAU5wSHD5GPr/sTfw==,type:str]
exclude-filter: ENC[AES256_GCM,data:Uc9L0zm7TWGAgIQq6thwK4evIuYoEJyRJ2M=,iv:CbJp7BcobOfkxyY7/fvaECif57yhPZ1/IuPjLwYUwUQ=,tag:xtGissYFtBX3OVinstWRug==,type:str]
proxy-groups:
- name: ENC[AES256_GCM,data:O6LAzFQ=,iv:a+dfdy14adLlYbJQ5wAQLsD5hxuEXKW8Y/erhBVAREE=,tag:79++dpg2E2Mtc8y63nRcHw==,type:str]
type: ENC[AES256_GCM,data:JR3d3D1p,iv:n0u8vayA0PVDM7yvh2pk36S8EeqMnZRN8TZlwNnEC3U=,tag:ZmxXOralviL2xyd8+hN3ZA==,type:str]
proxies:
- ENC[AES256_GCM,data:IEFd/SNk,iv:JFLQaa5nk02nXesGC1fcyV7LexOa4dHjjqNKlttwp4Y=,tag:DeP4oT3xcfOEzff8RwoZyQ==,type:str]
- ENC[AES256_GCM,data:W4BYLRg/tYN3,iv:QfLjSOm/tVDihmgUaFAI3fp2+c0kSil34pdR2pZobLw=,tag:aLvSMitNmxbgFU/mapYgwg==,type:str]
- ENC[AES256_GCM,data:heJ5CLaS,iv:yF6YaM4UmxcwgPMgbi5shzLC4fv+yNX15rVLRCos6c4=,tag:+0EKyuEHx2hu7BEXZEdJew==,type:str]
- ENC[AES256_GCM,data:fDVLR0770KUF,iv:prsxi6lcvMg6I+2o4rlAYuepUdjAPHpFfzCf6LyXj3M=,tag:rXMVs9EBOq5oCWHYtesZXQ==,type:str]
- ENC[AES256_GCM,data:iYSMK4S+yuT9p9s=,iv:yBGjJSYItlzA6mBDdHYgcx0oM+WL5CfgWB68cFOmvXc=,tag:49lgLg8hE9hs3Pbv6nZTkg==,type:str]
- ENC[AES256_GCM,data:BRdw54Oq5sR2SaFXg/U=,iv:yS1MyVh0MjxctPFE1D3wrbVqztJJM8JP0gtkqgu6zdY=,tag:rJtHptplT8ZiPOXiQqvr8w==,type:str]
use:
- ENC[AES256_GCM,data:hGy4,iv:LS9vHmdXUMuy0Na1z5YMpB+vEwKFLfezsftdWcWjTv0=,tag:lueXcksvaPC1yKpHT2zUag==,type:str]
rules:
- ENC[AES256_GCM,data:S6yGMmG4UUUWE04=,iv:FWz0kNu0hhQ+PyIMSxl6NPX/INluS7jAO9loX+E+jlE=,tag:tXK35hMiYDU8X0yl+0PRuQ==,type:str]
sops:
age:
- recipient: age1jf5pg2x6ta8amj40xdy0stvcvrdlkwc2nrwtmkpymu0qclk0eg5qmm9kns
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKSVRMQ0N3bTVqb3BWbU1B
SlVtdlVHcWRjcmt1Z1dadUhmOHVtcFYwUkVJCjFvMlZWRUh0Y05pRUx3NFFqaVVv
cU5kZlIwNXBzNHZsZlJ0VUNTVkNRRzgKLS0tIGVWZmE0d000OGcxNzNNdDc2SVhJ
SXdoWFJPdGhraWp4MVFiV3BoeUFOTkUK2WLT9gvtLcXWTd5MyKufysJCPRsaL4TB
Avt7XdHWhHq1NmLLFcnk9oMfYbwO/ORGkH5zLPzwxsf4d4fwn0pGpQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1hpgg6psejh4y6jcdd34wxuml75fnweqpe0kh8376yqsctsfn9qxs037kk6
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByQXk0RVZWWFpieXZMNHNI
c3dic0liY21nTWh1V082K1gwQmlGc2w0am5vCjhvL1V4ZUtkZ2o4RGE5SDA0b1lt
bmRTN1FIRFJnQzUyN0lQU0x2bnVrZGcKLS0tIElOMXVkcjZTUkt4UjRQWHNCREJQ
b1dEcjdwV3ozaEFBUzhZZ0lDQWhIeFEKRR25xAFhJdZhnH1f1Rf4J79479Bv3mry
XzCtyeXd6ebW65K0FWc5jSQIZEQ1OfezLxD1yw0JbKUyCD8TJH+ufw==
-----END AGE ENCRYPTED FILE-----
- recipient: age1r0fv0tagxupfacv0aaxk5ss7sqvswv6kq8tk3x46ndqrj6f5afvqegahxq
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5U09rb2FkSExGSEVkVHpk
N284RTZ0c1k0cWI3a1EyaFNmVHV2VU8yMTJZCmdVakZlUXF4Uit6b1c4UkhRYkR3
dCs1L0RHM1ZuZktwMVAwcDdva1hWT00KLS0tIHFza28vQjYvVHIzWTFLYkV0MDNR
QWl5TlFDUUVvSlllYmNsRCt0YWtheWcK/JdSshuONFF5D8eoCaBFvfr4P7jN1LY6
qYL40WZiXFiQYAor9HgO+VRVDpDdgveLmyedUr9tNu5ku39olVL87w==
-----END AGE ENCRYPTED FILE-----
- recipient: age1tp7th3rrv3x0l6jl76n0hjqjp223w2y586pkgr0hcjwdm254jd5shkj6a8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByQzNEOS9IRG5jNG9BeXc5
WnM1anBPZE9SdjRYeFYwSjdrUUJJU3hQRVhBCjdvSzFsMHQwVFVEVUFZQnpwQzdM
RDVOV2RYdzNqNk02MmZrdGxhdXVPYWMKLS0tIGM0QndQdDFkMk5OVWF1T1lMRUR3
Q2xnck11TXpVQzJWVWRrdlZWNkcwY0EKQiQJDUDU0ChvrdjqlOTngigPneFDWMIH
i6T5x8cJ1w4MDm1izOHdf8XT1IO5h8OgcnazoVxQomNRxj3A930wiw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-07-12T13:49:28Z"
mac: ENC[AES256_GCM,data:/APVRajT68Ysyd8fPKrU3eHX9V1lyRVBhLFUh6rxkAudwmxqKP0O4AcNl5p1ICdPkItSBKGzxHlOkjDDIK5d/dYKJjGzLxAvyVxoJwcmLGHZuPEpLS1gsElw9lpQRJxVbbm7A0tb2PeoUgaPm/jMETrg0FL8jsstOQomd06izJQ=,iv:cdkRZjiBYIK+dIQ7pIclRTeDaPnJ/w6c9hs1ttywmOY=,tag:UlDYkcjkGqWKC4sDurwyfA==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2

14
secrets/minio.env
View File

@@ -1,14 +0,0 @@
MINIO_ROOT_USER=ENC[AES256_GCM,data:sBnNpnA=,iv:Z2K8Cg/4DW+MxcKIFVMRWlFj2/qqFLCDnzJF6Uq8eLE=,tag:Y+A/FZm/3k35+bNgl89xPQ==,type:str]
MINIO_ROOT_PASSWORD=ENC[AES256_GCM,data:sgYwUxp2Ao6nlUJ8RE7V9Bz1ZG4=,iv:LJJg62vCiguOp8aHCSYOTMtW3vjvXy+RnwghKJmaTR4=,tag:TnyxLzshfe53e2vav1QblQ==,type:str]
sops_age__list_0__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpMnk4T3Fsai9xcjRrSFBQ\nZm9SUXFMMDExKzVvUkE0eXAyc0VkanJQNnlNCmlDL3dFTnpSMXREbFpuWjhMOFNp\nRU5nSFJWVVZkL1paQURVZS96UXlXOTgKLS0tIDZGNWszYmUyQnJCYVFhZ0pidnZ0\nZ3N1bjU2c0lWL2w2eDZPaHN0bGVkL0kKXfxq4JSy/E8ToiliaJv3kjuB/28srtFS\nvuDv9FJstqzvjh/uX9mrLlkY4H8lLB3JKunZuLIqyrTnd8iAshrJVA==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_0__map_recipient=age1jf5pg2x6ta8amj40xdy0stvcvrdlkwc2nrwtmkpymu0qclk0eg5qmm9kns
sops_age__list_1__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzZkZFRUVBQVJ5V0lZVlVR\nR016TWJRTWczQWtHcStGTXI2czd6N0ZaeWxJCitjbFBHaXFUUFZVU0ZvY28rK3RL\nMnRBQk9DNFViWnJYbkNtQitvNzRMNHMKLS0tIGRBb0hQdEZsL29Scm9JejliUlp4\nWUI5ZC9rVEZGRXZBR3E5WjV4SGhLbjgKUbKUIC5Z0BI64b60FATzzELP1xsra9hE\nNt+YlekdN/WXAUeZMEeCsLv1N97dlNl5xpWNNbtTO6fgI6q5NE12bQ==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_1__map_recipient=age1hpgg6psejh4y6jcdd34wxuml75fnweqpe0kh8376yqsctsfn9qxs037kk6
sops_age__list_2__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjK2ljWjlSOXB3dWVMVXBB\nbEZ3WnUxMERlZ0cvSFh5eUZaMndRVG1qdWdvCkxzWEhLM25RS0hBNU1EQlhqM2M0\nL0JDOThKZmE1a2RBNU00QWExQit2bWsKLS0tIHF1TE5JU0pDWVNYUWtQZzlOdmZl\nUVZwcmpCckxFWDgreXBEb3lhK2tIaGcKTfvcjaM22Zdm67604xdPhKwmn67+1F3t\nHvGE7UClZdQiLDRWW35/7csacS9XJE3OgOlqWGVEjNDqcUUTNFyETw==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_2__map_recipient=age1r0fv0tagxupfacv0aaxk5ss7sqvswv6kq8tk3x46ndqrj6f5afvqegahxq
sops_age__list_3__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpVHlncC9wTmNHSDB0VmFP\nTXBkWW96SEhLS2VsTy9VdHM5Z0cvdDU2UndNCjRIeWt4WitOQzJra25jd2E4L0tz\nZ3RNRlp0eXBzVHEydnNjU1lLY2JWQVEKLS0tIC81R2FCUmxFOGp1NE5oY2R5YlFF\nRndQT2x6dGxtTlpMSGN6WDBhTmJ1aEkKNLKE+lArpvYJbkrHXVNer1VZ8NapMqf2\nh9hslcVjHio1hDVcJC1xWoHB4MYjL6YxOB+bC46uewg7/HN4wrcGsQ==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_3__map_recipient=age1tp7th3rrv3x0l6jl76n0hjqjp223w2y586pkgr0hcjwdm254jd5shkj6a8
sops_lastmodified=2025-03-09T02:24:31Z
sops_mac=ENC[AES256_GCM,data:ium37/C2+zybZDnSlhr6RmB3RiGmjVx4BbHXsfdZ6T+5/DFtkvduhuu0QxLReVBIZ/yYJgttTJq4wIqbUWMvsy2OafCB2piqISe0FAk2KfcM8kqfKFbLFghjkn6Nu1l331MKt/PMLy47ilS5i0Sh3QyD28/pe/tw4vpF3Vz8VjQ=,iv:vLoax3u4RCsisoSUIxy0EA+d2P/WfcPxfXM27QqmVpU=,tag:oCiXH1E9a9NBNbUikNvuBg==,type:str]
sops_unencrypted_suffix=_unencrypted
sops_version=3.9.4

27
secrets/sing-box-outbounds.json.txt
View File

@@ -1,27 +0,0 @@
{
"data": "ENC[AES256_GCM,data:W/BV2xkSlsPYp8AwDcxVRbJQwxPMlXLBnEvnpJsHSmLK1vH0KxpgXM1lKohpSQWDCZQjp+ZwX4+tg99FK+SAQzoOOdCWGqdI4tIaOyiamaEY0rsLGIXXxiOms3XYiMN9fjsJhDIERTRuCeLIiVQ6ioQyBVmZSLqV+G4qCz4gCLD2gLI5MppDA42/MnJjWTZV2zICQBF0Gqx1Z3uHTehikPOfk2R19JV0lhvKq7Bpbj0fkLR1ZeWRWM+vNWxE9SdogLhZv2dEZDlADttDVCEd9DCk1wqwTKPlY6aZJ0xKC/SPXlbBPUPhfGYahg3EkInZoVimm/FuCx/+NoNSihfxA/w47D/axxN8ogspH4txFtHi9/Dwe75R8mHv9Haxp5bYe26cKJbTo2Gk4dQSLtv4+5srywNiHbWeb8hvCOhouKIvU4dz4Ut63oP5ACJDh6zspHc7RzSB4QFcSnz0Y3hABl48u6QT85R68I/KlS80EOYo1J+46VTiii48Tul27gaGbZdxAvkw6Sau2HdXEDdgLsj78nyRf9g02DU+zCx6eNzeLBOXvRgxCVodQ3RIb13FB8QPysBCWmwIpue9HdocW2ztp3Md8P0E3mL/w6htr9S0kbBixh0iefN7sgaYgnWBqZnF0QgJXvQE01UmqWxJ8a3R9zrBpfVKVOaHQPavJg8i5BDRIKoUWABbN/34gdRMpNRoxuv+snqG0HfNvY/nJ13hTmWclrsGCBuWHQM2ta6J5d/sfUiR7DExtqDmfrpADBDTb+TwX6qvnineQX7cocNX5hGw7zSQ8vO8Gje5aGT6yDvZT4hlqewF4aZCx4UIUKreg3vQ0FGV3MUwX2ZjVj09NzYXpf3jC43kantQqOwVQxrJdJzxYNalhPV+kszURkNL3Bm3lGXn1h43IJB/nPzzbDnAHODHY8GPiFeG8EPj7Dtpc18d/kn3z8CSMq8SrkhlUbX5GJQkA+58vRO+WeYDw4T7ufrO8bp4PndTV9cYqhcrcVQkwNH9//Vp6f8sJZZILkH0FMTkrHTR7FTLM7mCv+BMskMF+UywdfO9wan7NUOFfft5z0Mr6TBLlYDbIFYnn124dxAwBp6MN+fK3inpMaj/Myf+faYhf2a54JTX+jKTPnS2ETtzPa9i3bx7gRTb5R3dca4/I7Rft+04iNYySK8SVPtgxTsMpofaY6sKt9H+tIxEQD5CkInV0KaO5qlRRoBnfbOb/FMCNIESUljMO5qdep/6aLMtmg0gW7tFZd2BHF5dMFpg9H3aMuwiQX98P9K2h9E6Q0H+gn4K2LneEdsYwZWp2rR6MVI+JO3sv18c1iVVmh6qmTbXH9cwIImgTJLRVrjV9BMD0AviQ4HujpJNZ27jjAMmRZINZOM1QCT9NbptDfZatkctIas3csKBew8g8dDO8kryVmfxxZLfToOA1yWUWkvdqNPiEKYH+bmQMfcDzt5RgcqB9U2ki1cCKv89Dk8rfiQszwUeLM762sebWN6hGNIW9t1Qoioinf3uOwwnW1ttfOyi0R2k7FSFQ0KnzIquSjTJCRlyeMNKyaI/r9sLvGYYjNugjhHHBlod2xxRtkN2WQrquzr0Mf9WdgiwIn5o0wBXYr85GYAC1vh3W9NiVK4k6hk3yfYE1p88L0QjaN9CYQtfs3vHxoOu8Q4/Qhy8XDd/D9UUz2p3sbRCiNF57y63jgoFVg75k/Rb2zzSa0NSR9h7XO7z1i0rAM0hYTTNB+s7dx+ZH7Fp1p4bx4LwF84Z+LU3Nhuxlr7JcPK/nVMaMDlkUMJEwYeqBA+nOL5gAuiHK8OHPqU2JDi6RmQxUf58ivbjDSS9Fk6VO/2t33cyONygJ7qZvpaD8h1KdwmFDNyU02UG0/P3ZSP+X8MSLqXZ95aq3aQhMMpGOlCbVoPSkWNIaZhoGsZGW+dzcfWE2Qg0huZxdgd9wEjtzH9oQ/q8p5R36uxsQcvHsVojbSDe++BGyZ1zu7egHe1zyTwDPqOZ0g4gmWonvznG8/BL00NQyjCMStvu2yWIDnM1RDfUd6ncjEB5buTZI7v4hWtvPMtzPHp/G21Y2kYfyCVoG14H2fbdzUq0/OJRmxuOMslDT1BlFr5tbv2oeMLU8ODzvYGiPlcN32g1xrvGPayYhmspX9C93IlVFis/T1IygyfWXgaOoAkrPxpQ30Z5ljQ6R4/NeLLyB5rWbP9R19h14QRWjgv5bONeFbL9Xb+tM3bEL9bQs+d68bEtPhlfCCeGgnnh4tyrxKzfACHGz6o+btgBmmlkz7eEVe+IewRzTjYj2gdbGFRVi24mmU3LDoFbUChDOuuaZfu5IVMtbGcdKkSiDZ8ctqbVGJXXBZ7wdeYhfCakQ+L5inqQGi+E4luZrA82BIioi5dM5KSbeLw1wGnSvhIPlZxXblhQZKts+wErkTT0FzXwUnAwbsoimLFgSOIxOuh/MWhHWKEhjFxNYpkGHnMvuJK39M+SL3qUuiK/yryEy4adNn3ggaaUFQwjXVIszFwgFlXD6TxMEEl1iFmpbX+89r6Vl8CUpnjI4TmsvdCLmaUpx9wYFQc1bO3+NICs09hJ9mNXYydZd3hpxOqx08zJEVNhtZ9MSf/IRUhrrd5LZXW73h7rMXo/IHO1pyQSQjOocss/u/XVWKBfs1sm2p7z6qeyqaJ35YvC0ILrhfmPKHQ/UNP8+vLOP2g6fcsoYbiw4Z8zUJRyJojsXiJetPTTN843Xs0gdaSCs2c8pjqAHWxr68sflzfyQM1dVm0O8bQnSx8Zuy72lCvH2InKDQqHoAr5yZ41yWJQIqC/p/RGAL5r4FL5iFVKYHZ9eJ2fGS55pDox4/coPHTHAqwXhro8bXxW7CuztCHUvF/BR3jTMAWFI/J5ERevRfORY5sAJ5ERFwjqxtdvLcBfk8aWrQTcrFGeKHD9DfFDUPH1Z1zzY9FQiZl5Ag6hKmv5dVO/FyC/ojClMdqZjuMmAjTk9K0etf+8L5W9lk9BArBi6xSQBfceVK1QhLApXsDYX2nxJiuLs0MTqrdInSOq9/a9b8buQLQAw/rvdFFSeEwkowFu9BhGon4Dq+waV8fqjREH7940r/l1cVyQv71R+xrGOWIOBKeVeo5bqPf0W19P8/q5ODAbHF/y4pzZi0pzr7HTKuk6JYOFRAMBk7dU8A7kRaJkTuz2/7kzzGedvrRz1jvKfq8rXQPyxM86qGvklve9hNy8sZxGcnteIZUPcycqp101eDr6U7BaHvQ0fj5Wj67G5m40lnR3AcxuDYki/2wgu6+6nWsIMnVHoyH4aUgQG1g59lsaVuYzFZ+IoFa2Cqq+UFhI50jj7uy5k+qSamXoRF8Wgljmp5nF9bQv9O1kfByeUzue5q4kPaJ+IwhuqsOEi8Obkx8QH/k64xtKzlqKST4Hl3PfnWh4RsxmOqDZewkxh5jW8Jpe1QO7rdAFasNF4H2GXB6foU0vm9h1cPSSV6rG+YqE56+k+R0DqLSjTs/jUdiwWGFGanL8cdTGuwBZExA+XCc+vBVh5XOCJEBxsWk3aqfhRf286MIJvf/43U9CpTFKpgxG9/7NTWIQatkg3JOdtQYWNswukIjB+hdSN5hsFY4sk0P6o+BnPsEuUynrIloXkZKIpBrgJGT1UbiwVIRMJjNFofZBOr/OA/d4OG+jVks8kbD/vH2fUQiKBTiJh50HU1ZIm5w8isL19MWin+2ePw6hrATsRQZTPsfdcJWUwTjsAfmMWCUcn2zUAQWOsCFIRo5vTQt9HhTbNguhhYVK0i9Z3Qg5h8al49EWkqhCPHtmu8cy77NcOeZhgV9LShAVtfTOYPX/Qh+PoHxWNnUAw3auvfCPEfFWorse0etWX2WbER3qpGE/uV6RiSuz37MGLX16LcZVX0sohvpVzHVFJMzM0EBFGbqyZ+a8dc3VBLN/5yl1d1f4NDGQjqpQ7Upq0BUQ6EDIc3hL4jqiF/Zb+1wQnAYKF4P5zL5TP08Rnrds8QZS/v4nQYbrBlOcr0rTtm7Z1tGMJ51T7gqQpOTz2JRvl4OF1Jl9appisOhW1TQ7znoLRK+48XrXwsyJ/38P6qaB7Uc9wsOHt9KG2mZ9KWNirSAcnVg2Pzqn3P2ut3xIhK7klh0E4BYZ9+JE2zi0+Vla2wj7iu0ywo7dIuejrhQiqbWLpys3SiRwYw27MtnSMEO7GUDhXKCXpD9Hq+sHgdSjwT4wuXvJRV/mcWf/nujyyHnNKbu9+3Q+fMOzEBF2CzJ4/gTMxaXI1Vcog2R9q9HlhZPHe6rMOWxJBWn1OvrpvX2//2svPs4RrfoH2UGOAWyrN3fKgQWDmG77EsPy5S7rbw==,iv:Nihe/dyJnoYjWfwktmMYLzJ5iWnv31R+Qg77Kgw8CCw=,tag:gFPT7ClRs+qDqUSABU1O5A==,type:str]",
"sops": {
"age": [
{
"recipient": "age1jf5pg2x6ta8amj40xdy0stvcvrdlkwc2nrwtmkpymu0qclk0eg5qmm9kns",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArM1RyTy9JbDRSZnI0aVU3\ncmNINWtDcHVUT0JYNGJjYTgrTmhXUDNaYW5zClFDYk1vYTJTeDl0WXAzcVpxK1dn\nMVphRUYyU3FZNWRHaUh1bUJHUG1xdTgKLS0tIGFETmZtR0pFdEkvd012ZGxDU2Fj\nTmh0RS9FK2dWZk9aMjdCVS9PK3B6ZUkKlben62hFFNvXEgTPZ2eIY4JKHr/4naVF\n9PaL06vwhfyaS4teHbvaFinQq2+MmGG3zAjk19qv1Hj+iWUc7HjsQA==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1hpgg6psejh4y6jcdd34wxuml75fnweqpe0kh8376yqsctsfn9qxs037kk6",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhOUlyRjRLNWEzRGprbUs2\na01zZCs5OWxib3JYZE5GTmJLTVZCV2tzZUdvCnhsMmJQNkZiTWU4K1VWVXVmNnNo\naFpoVEg0YmtMQWJtc280OWtNWkorVFEKLS0tIGo4NU5xNC9PL1hEc0h3dml0SExz\nT0hJOVIvZ3hKRE5OMUZ6WkI1K0NMUDgK3KLDVPdqG+CoSKZaPx8Gwqae8hLPD1Cs\nXY7vTCaTpQypPOVJCv/fLzirC+3IhIJzVObTWk5fVczkrwOPX4K8uQ==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1r0fv0tagxupfacv0aaxk5ss7sqvswv6kq8tk3x46ndqrj6f5afvqegahxq",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYeTZKUzZuUHdtU1Z1RXlH\nTWF6cGk1V2wwcTFlSVZ0Z0dFMkovNVpBZnlBCnNRZk5Sd0o5ZDd1VDFrM1JrVUZw\nMzBrNTlib0pFSUFQRDFZYUlsTE5WOW8KLS0tIERsUzJ3V3lucDN3RXdNbllyVnRv\na2VWTitmY2VFbWk0aVZqWkdzckc3RVUK966SEnwaxzBLrXLsiBtmjlsdCHdom4pi\nmwu9y+Fuks2SRAbjTBYBHQvbmAnQD5OzN0GqLWHllftfNmiF4IPWFg==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1tp7th3rrv3x0l6jl76n0hjqjp223w2y586pkgr0hcjwdm254jd5shkj6a8",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3ek1Scnp4OUxva3JnbXBa\nSDczR0h5bng2OE9RblUwMUdqMUNhQi9KemtJCkZGZUUwNDJkdWVEeHdvU3grR3l2\nN0M5ODExUGk4UnRiODN6RURIYUM3T0UKLS0tIGptYXloNDQwMmpJMCs1OTBFTmI1\nTkpMcmVwcEJVQ2dwRzc4aTBzem0wa1UK5NdIMt8lmmXzBwswkK3Zb+vbz0ycICC9\noLUOMOHm+ShD0hHoyLTMAGLrgfz4c2KQqTfDC3wyaI5PQa/TVHYXuQ==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-03-29T14:41:58Z",
"mac": "ENC[AES256_GCM,data:xXGXtzSUKY5kMh3zEuXTuzP8POn5JJhjRozaeI91SgpMFMJxJ0fAFV5Ez3F1XOnn0sg2Tstk6f5Fcv/7x0xrgtVBxfYSPWL7tuqWTvMmD53apenrj0JNh+Dojr80FyTTl7PQuA6t5flrwt+KR09HlIm2vFOqwqXJSekaZa9y9XA=,iv:oEfEMCpMY50ArLvve3vJxupmvWTQsX2+iOQqEpFD1yc=,tag:PTlO1mP512FBxakIZjxBsA==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.9.4"
}
}

13
secrets/siyuan.env
View File

@@ -1,13 +0,0 @@
SIYUAN_ACCESS_AUTH_CODE=ENC[AES256_GCM,data:/8/nxcZ6Yo8eqOeGoAAXLzcZ,iv:bjBBXR2/vQnN4aT+vxgzOHayyJkbi8bgvGIHjGiwaAI=,tag:1FrcJ+q2Z69lvfnZlSyRlg==,type:str]
sops_age__list_0__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGS3dJV3JpM0V5QmFwVXpH\nblFtK0lrS1NNZEFFRW4wM3JuYzhLeldKMm5rCm4yb0lvWmQwWUR5eVRtRmJkMm5a\nNUxBZlJFVGRBaGwvRUR1RVdnVVptU0kKLS0tIDZEWVVDL2habitscmE3ZVpsMTN2\nYVNrQlNic0ZBNE53Z0w5T3ZLQmM2UWcKDPj6DHWLjw7bGQV21XQnVNcAl23kcOBl\nPmM7jqVY72SVWoRSQWNthDVHU/7UioafwaPf/RSg7doWRRyR/b4enA==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_0__map_recipient=age1jf5pg2x6ta8amj40xdy0stvcvrdlkwc2nrwtmkpymu0qclk0eg5qmm9kns
sops_age__list_1__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuMzkvZVR0eWZESmtTYVAy\nRFlhQkpKZUM1QTdmbUY5WWVKa0sxVDJDVHcwCmNVcGw5YWhxNTZNaG5yUTcwcGhO\nS0Z1bEFIUHVCYkJiK1h1bTlPZTVKQ3cKLS0tIHptL1VuMFdrUFM2c1hDSUFGWGdm\nUCtUVmlnVDVhM05HaFFnNlRQdUlzYVEKZWQ3W5hl3+l+BIX4MPr+eu9g4mLG3/yL\nQmObP7q9ZBA5R5oElGGBI3sSRZcBRUgqu82AqHJ9F3+nBlU7liFJkQ==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_1__map_recipient=age1hpgg6psejh4y6jcdd34wxuml75fnweqpe0kh8376yqsctsfn9qxs037kk6
sops_age__list_2__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyT25SQ010bnM1SXpjWk00\nTmlkc3V6NmpDRFVidFBCV1lYbWJzOFFobGlJCnBSeVhQWHhGY0FrN0dQeGw4V2pr\nU0tCRjZKemlNSnN6ZUZiTThDZWw4V0UKLS0tIGpXZHhNeXFwekp6WWVCdk1oNFVP\nLzFlY1MyVTRTLzRUSmRZY25rOTdtaTgKhVjEq1mwWYYVBkLJnlZF4lbcJ0JDzEJV\nNKSCZ1NYr+3C239NaF4phut/5LAZv1vSfhVsp7a/iMcO92arao6bNw==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_2__map_recipient=age1r0fv0tagxupfacv0aaxk5ss7sqvswv6kq8tk3x46ndqrj6f5afvqegahxq
sops_age__list_3__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWLyt4S2tHZ0FieWd0Y2pq\nSjBYYmJWL2hCN2RNTkRPZmpTVzhnckVvRHdFCnB6VlNZc3g5d2NXVmcreTkzTlAx\nZFlHVVFYdm4zRHVPNVRRSzkyOXR0N3MKLS0tIG5iUFdBSUdodEJ5Z3E3L2Y3Qk4z\nS0ZVOEJoNkZUeEc0NThNeHhDOTF5KzgK1Ovc071egBoeH2lQJOhm5ngbu2rDcjKP\nibAhaeW3qg0GXza+TxYr1uB12arqSFfq0tl4iBr/kBuNmUxEFY/D2A==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_3__map_recipient=age1tp7th3rrv3x0l6jl76n0hjqjp223w2y586pkgr0hcjwdm254jd5shkj6a8
sops_lastmodified=2025-03-08T15:05:21Z
sops_mac=ENC[AES256_GCM,data:9AEY6o2bHCgPqvxSwwf+5K7Cdj7jV14BdnhoA+k8YeW/kD6j/F99a2YiTP5MivnDwUH7Jm1PmdB2F2UKcMgmExUmcqTnAodTlZ+5IZnNENvCRsIbtF8QbHwDsbduRvLhrITfOT68Axug+/T9c46SDKw9608FD7zAC/3XILZXqnM=,iv:qpwGAv6aXTnMW4l4kuuGeOogtRQqhywzOigP/1RaviM=,tag:hQXuLGNBgMhBchqdMlRm7w==,type:str]
sops_unencrypted_suffix=_unencrypted
sops_version=3.9.4

14
secrets/vaultwarden.env
View File

@@ -1,14 +0,0 @@
ADMIN_TOKEN=ENC[AES256_GCM,data:w1d4chazl81k15vMjKn14ADXjxgNyxs3D4W7tXJPebrcULzXw+0=,iv:l/sujGySuvcmOh1UgL8Tpg4ENLFIlKhhhAh1xRwx+5c=,tag:IAfeV/SCzehr/URjRoyzmg==,type:str]
DATABASE_URL=ENC[AES256_GCM,data:T39yeAxPOcnoKGO6OAJ+g3cr8AZywKsTDAhJnOhc4SQMcvx0HMVJpUAn6yA4yOlAAH//kKAY5uXHqKpig9c=,iv:ONoUo52LcBZmj+wYdZYofGPeS2GtKfhlrj8IQE77VrQ=,tag:u09irmLyYcU2kHRBOp5aBA==,type:str]
sops_age__list_0__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWbXhJaXMrdCtUSGRkN2Nz\ncy9WdEdsNjhZc0dsRkpyb2VMN0o4L3laeVZNCkZ5eUc5UW9TUWxzbStwUXhKUVB4\nRFBBait2OEhPQWQ2aU91UDY1Z3MrdDgKLS0tIDhVYk5hSHRDQ1hSajZvRlprVDBE\nVk9mTVRET0l4SjNGQlN4TWhyTXlsOTgKlvNA+SZxiB9zz0lAlpdtJn/QN7BlTDIl\n55+IfQDkecIJgP9iWwL57DLhwzkloL9QrGSNXOCDoryf83fxveVpoQ==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_0__map_recipient=age1jf5pg2x6ta8amj40xdy0stvcvrdlkwc2nrwtmkpymu0qclk0eg5qmm9kns
sops_age__list_1__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4cldvb0ZrdkFvZzFIY1Yx\naVZ0MGt5ektFZW9rNHlMcVIwVXZZMFpReDFFCnByVXhwTkhMVzZ4Q0ZMeHVUSC9K\nbUhNQk5HMkRCZ3JreERmR2NyZmxUQjgKLS0tIFQ2S1dDNnllNm16YTF3UHZUZmF3\nSVBNNHNmZVZCYTdFcS9DRHpwZU04TWsK/4hqi4+zx+8tNJmla2ke4mD3jqC5vSrh\n24ymTO2ZKl1qZgcL05hBXQ/y0S08V2Mm3TTTFZkKrs96lLSexnWE7A==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_1__map_recipient=age1hpgg6psejh4y6jcdd34wxuml75fnweqpe0kh8376yqsctsfn9qxs037kk6
sops_age__list_2__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3aFZIRDFOeC8xdzlJdHNk\nUEQ4eXBjME5QOTFPVThuSWsxQzJXSHF6dWlJCnRPbjZBUVE2Q29BdWFISS9IVzhq\nT3FySXpQMnpTQUJyT3F1WFpkYlBUbU0KLS0tIFc2Y0xkVzhyWkQ0c2VoRlFmNUVp\na2NOR0JHTmQ2ek5tZ3hlNk1rekR4Z2MKGbQRJdh2fzjizpxd20e+ESY6czs1e6z4\nMab4tLLJjnONxUxjHxLDz44IuCuzh5vlL7jmNm+e0rC0RIelEVqBXQ==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_2__map_recipient=age1r0fv0tagxupfacv0aaxk5ss7sqvswv6kq8tk3x46ndqrj6f5afvqegahxq
sops_age__list_3__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLVkY3eFJHbmJFSmRha3BM\nNlZ3YU9qdFJhc0xkZ3VRWlNSVS9JelBUVXg4CmJPcFoxQnpZWCtrZFdMcmVsMENQ\nRnlaMGFiYzZyVm9Jdk9Nb3BXTXhhWmcKLS0tIG5pdVNQMUNmWmlhamFYcVlSUjNI\nZUZmczdmQkhMMnFkd3B0ZVlHWVRiakUKwXZhP/lGpbIuDbL2y7nYbweAnNH1ewwQ\nx2CB+OcFyw0elqNR9bVlvsZwElYg1ASSmHTkH+PiAhlXo76yReAk/A==\n-----END AGE ENCRYPTED FILE-----\n
sops_age__list_3__map_recipient=age1tp7th3rrv3x0l6jl76n0hjqjp223w2y586pkgr0hcjwdm254jd5shkj6a8
sops_lastmodified=2025-03-02T03:51:32Z
sops_mac=ENC[AES256_GCM,data:PDUG8KdcLG+U3FY+9qdo+EfMl3RXDdRKIguu/WHpOmgysCOwLwFXrzk1783czKFb/K9tPisIJGj0Luak9FI/4nYqE0RwfdShcw0aRQnjoWFPtNFS6YbRI8T8av2OKnvKGM4Xdmnv+ivaXpQar+reIeW9THXmKkVfmmZa01ZlJa8=,iv:t71dpAMC88KnF+EeR1ryf0UAfY4FEdxiUB8L2q1p5Tk=,tag:vwTFzv6IUEuBcZjym/eeFA==,type:str]
sops_unencrypted_suffix=_unencrypted
sops_version=3.9.4

6
vars.nix
View File

@@ -1,6 +1,6 @@
rec { rec {
username = "imxyy"; username = "ccl";
userfullname = "imxyy_soope_"; userfullname = "Allen Cai";
userdesc = userfullname; userdesc = userfullname;
useremail = "imxyy1soope1@gmail.com"; useremail = "3420934991@qq.com";
} }