From 1a64deeb894dc95e2645a75771732c6cc53a79ad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= Date: Wed, 4 Oct 2023 01:35:06 +0200 Subject: Squash changes containing private information There were a lot of changes since the previous commit, but a lot of them contained personnal information about users. All thos changes got stashed into a single commit (history is kept in a different place) and private information was moved in a separate private repository --- nixops/.gitignore | 1 - nixops/.sops.yaml | 19 --- nixops/Makefile | 102 -------------- nixops/default.nix | 8 -- nixops/public_keys/Immae.pub | 322 ------------------------------------------- nixops/scripts/setup | 90 ------------ nixops/scripts/with_env | 22 --- nixops/secrets | 1 - 8 files changed, 565 deletions(-) delete mode 100644 nixops/.gitignore delete mode 100644 nixops/.sops.yaml delete mode 100644 nixops/Makefile delete mode 100644 nixops/default.nix delete mode 100644 nixops/public_keys/Immae.pub delete mode 100755 nixops/scripts/setup delete mode 100755 nixops/scripts/with_env delete mode 160000 nixops/secrets (limited to 'nixops') diff --git a/nixops/.gitignore b/nixops/.gitignore deleted file mode 100644 index 2ea467b..0000000 --- a/nixops/.gitignore +++ /dev/null @@ -1 +0,0 @@ -/state diff --git a/nixops/.sops.yaml b/nixops/.sops.yaml deleted file mode 100644 index 04826a2..0000000 --- a/nixops/.sops.yaml +++ /dev/null @@ -1,19 +0,0 @@ -keys: - - &Immae F82806FDA1BF5B9A1B3014E7C9FCED6CA6B79454 - # obtained with: ssh-keyscan eldiron | nix-shell -p ssh-to-age --run ssh-to-age - - &eldiron age1dxr5lhvtnjssfaqpnf6qx80h8gfwkxg3tdf35m6n9wljmk7wadfs3kmahj - - &monitoring-1 age1dn4lzhgxusqrpjjnzm7w8ml39ptf326htuzmpqdqs2gg3wq7cqzqxuvx8k - - &backup-2 age1kk3nr27qu42j28mcfdag5lhq0zu2pky7gfanvne8l4z2ctevjpgskmw0sr - - &dilion age1x49n6qa0arkdpq8530s7umgm0gqkq90exv4jep97q30rfnzknpaqate06a - - &quatresaisons age1yz8u6xvh2fltvyp96ep8crce3qx4tuceyhun6pwddfe0uvcrkarscxl7e7 -creation_rules: - - path_regex: vars.yml - key_groups: - - pgp: - - *Immae - age: - - *eldiron - - *monitoring-1 - - *backup-2 - - *dilion - - *quatresaisons diff --git a/nixops/Makefile b/nixops/Makefile deleted file mode 100644 index fb9da4c..0000000 --- a/nixops/Makefile +++ /dev/null @@ -1,102 +0,0 @@ -ifndef NIXOPS_ENV_LOADED - $(error "Please load environment with direnv") -endif - -###### Current channel information -nix-info: - @version=$$(nix eval --raw nixpkgs.lib.version) && \ - mainversion=$$(echo $$version | cut -d"." -f -2) && \ - echo "https://releases.nixos.org/nixos/$$mainversion/nixos-$$version/nixexprs.tar.xz" && \ - nix-instantiate --find-file nixpkgs -.PHONY: nix-info - -###### Initial setup -setup: - ./scripts/setup -.PHONY: setup - -###### Morph regular tasks -PROFILE=/nix/var/nix/profiles/per-user/immae/morph/immaeEu -TARGET ?= -MORPH_ARGS ?= -ifdef TARGET - # multiple targets: --on="{machine1,machine2}" (works with * glob too) - override MORPH_ARGS +=--on=$(TARGET) -endif -SSH_ARGS ?= - -edit_env: - $(EDITOR) secrets/environment.nix || true - git -C secrets add environment.nix || true - git -C secrets commit -m "Edit environment.nix" environment.nix || true - -edit_vars: - sops secrets/vars.yml || true - git -C secrets add vars.yml || true - git -C secrets commit -m "Edit password for vars.yml using sops." vars.yml || true - -ssh-eldiron: - ./scripts/with_env bash -c 'ssh -i $$SSH_IDENTITY_FILE root@eldiron $(SSH_ARGS)' - -ssh-dilion: - ./scripts/with_env bash -c 'ssh -i $$SSH_IDENTITY_FILE root@dilion $(SSH_ARGS)' - -ssh-backup-2: - ./scripts/with_env bash -c 'ssh -i $$SSH_IDENTITY_FILE root@backup-2 $(SSH_ARGS)' - -ssh-monitoring-1: - ./scripts/with_env bash -c 'ssh -i $$SSH_IDENTITY_FILE root@monitoring-1 $(SSH_ARGS)' - -ssh-4c: - ./scripts/with_env bash -c 'ssh -i $$SSH_IDENTITY_FILE root@quatresaisons $(SSH_ARGS)' - -debug: - ./scripts/with_env morph build --show-trace default.nix $(MORPH_ARGS) - -build: - ./scripts/with_env morph build default.nix $(MORPH_ARGS) - -dry-run: - ./scripts/with_env morph build --dry-run default.nix $(MORPH_ARGS) - -upload: - ./scripts/with_env morph push default.nix $(MORPH_ARGS) - -deploy: - ./scripts/with_env morph deploy default.nix switch --keep-result --upload-secrets $(MORPH_ARGS) - nix-env -p $(PROFILE) --set .gcroots/default.nix - -next-boot: - ./scripts/with_env morph deploy default.nix boot --keep-result --upload-secrets $(MORPH_ARGS) - nix-env -p $(PROFILE) --set .gcroots/default.nix - -deploy-reboot: - ./scripts/with_env morph deploy default.nix boot --reboot --upload-secrets $(MORPH_ARGS) - -.PHONY: ssh-eldiron ssh-dilion ssh-monitoring-1 ssh-backup-2 debug build upload deploy deploy-reboot - -###### Cleanup generations and garbage collection -GEN ?= "+3" - -list-generations: - nix-env -p $(PROFILE) --list-generations - $(MAKE) ssh-eldiron SSH_ARGS="nix-env -p /nix/var/nix/profiles/system --list-generations" -.PHONY: list-generations - -delete-generations: - @echo "making sure that a complete build is done before cleaning up" - $(MAKE) build MORPH_ARGS=--keep-result - nix-env -p $(PROFILE) --delete-generations $(GEN) - $(MAKE) ssh-eldiron SSH_ARGS="nix-env -p /nix/var/nix/profiles/system --delete-generations $(GEN)" - $(MAKE) ssh-dilion SSH_ARGS="nix-env -p /nix/var/nix/profiles/system --delete-generations $(GEN)" - $(MAKE) ssh-backup-2 SSH_ARGS="nix-env -p /nix/var/nix/profiles/system --delete-generations $(GEN)" - $(MAKE) ssh-monitoring-1 SSH_ARGS="nix-env -p /nix/var/nix/profiles/system --delete-generations $(GEN)" -.PHONY: delete-generations - -cleanup: delete-generations - nix-store --gc - $(MAKE) ssh-eldiron SSH_ARGS="nix-store --gc" - $(MAKE) ssh-dilion SSH_ARGS="nix-store --gc" - $(MAKE) ssh-backup-2 SSH_ARGS="nix-store --gc" - $(MAKE) ssh-monitoring-1 SSH_ARGS="nix-store --gc" -.PHONY: cleanup diff --git a/nixops/default.nix b/nixops/default.nix deleted file mode 100644 index 1241443..0000000 --- a/nixops/default.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ - dilion = import ../modules/private/system/dilion.nix; - eldiron = import ../modules/private/system/eldiron.nix; - backup-2 = import ../modules/private/system/backup-2.nix; - monitoring-1 = import ../modules/private/system/monitoring-1.nix; - - quatresaisons = import ../modules/private/system/quatresaisons.nix; -} diff --git a/nixops/public_keys/Immae.pub b/nixops/public_keys/Immae.pub deleted file mode 100644 index dd42b04..0000000 --- a/nixops/public_keys/Immae.pub +++ /dev/null @@ -1,322 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- - -mQINBFvwA+gBEADlchQGPyI2M9RNRUsk8wsL9XLc8qAFWTYlVp5p7177ucxTQf6S -rny9yRCF69UqtE0ugwt+432sAAsDPi7BRA/JE95bIRBiewOiY1jYiivccP5dR6Jr -58HJ3QOHYPekqZIQhxzCWjdD2nRhhCbbxeWFJsJyaG8idGBiLkgNKxEEmqE5LIat -tzMpQFwOpL2FoYZ7+e4ZTMc+x+yqpOnGcQD1qwouqx68okSCjrVBWo5S2tK5AzzU -X8esBLNpgkhpUEZVltiNc4bmj7GZPdy4+mvS33/HQTed8YpatCFVWzcK+/uK0SYE -P8Hj1mguT9idBhAf+kv7qbTycrFkTBliP3oDNUoARWDmfQdV4nlxqW03QxUY18mL -KPByduK3hEXAZnD+/8QfVzbNVVP+70/jdSB+ckF88Li2g4bv/9uqjaObKVJB9ocG -EWslm1h7tvdCLBRgIl8b2+Zl0fComRAMuwUr+LYlWLnfygAi8Uy9hl7UcRWAAj99 -PG4ba0+y8eD8k1J2IE8HpeIzMzRwYTLtvLyJBvrKiQHJb1PGM5cS8iry81wjUPZm -dO5p5rbC8z99w7UNMaiz6iqAFAaDyLLsBZ5gWD+1ps9XxCA0zf28Z/Tc/Gj4QKAf -kpMd7lQ+gprsFyRtzcRD4WhsOL2ogKYFHYi4LE0GYduspGdQPlK/YfrKQwARAQAB -tB9Jc21hZWwgQm91eWEgPGlzbWFlbEBib3V5YS5vcmc+iQJRBBMBCAA7AhsDBQsJ -CAcCBhUKCQgLAgQWAgMBAh4BAheAFiEE+CgG/aG/W5obMBTnyfztbKa3lFQFAlvw -BU4CGQEACgkQyfztbKa3lFR/kA//cHVrb/RRTLQZy514vMkOBKgAk+dj+j0lrgvJ -yR0JK1KjodduSoccPq7qRFAU+KVa3FsXMn8yY/lWaCXYJoF0DT5iEHsEuzJRc7Cn -N4aq2h42DD7z8dJCXZvtvJs+vZ7G/rlLl322TjLb2OyIybBEoPOmJl0dVG0wKBFC -r7EJmOKl3ytUWUpEbuxs1U/pP4GKrPT2CK3QcLF8JHKIPkEO347RorseeHcHhMxs -Bz5JXojts1NyLJh7lErT42atgEdTGzSmkkGm8OifZVIH2rgmnRsPHnCqrXYsa7dE -yPsC01Ns3DPYk4C5FtbpfiNvATbnkOicEwb2U55OpYUZLsFCKo7Bl+duJVY0nPRN -WiLCALPcdJL+a6hbh1hSuqHt5eNGxyrDtRPowXRTS1D4nTCgAh6+wpH47xXWEwXZ -mEnkXqHLIjsW4CSIz2gc+Bza40+wkWz6NQDEb3ncytDZu9vKK1CYwl7RGW4RFkAO -j3FWZvZp8ETPLNRVy64BhZzHY3uOxbYreE+T6JfiIZux8X+Bh4cPJHizfhSMLLS5 -kwABzalaTD33XnjKn5wQ/DfGJ+fGbF54fMlGFjne5VTNwY1ju2ieXTgVrUyzfKPF -96zcvnxo/MWwqcQ8+dXFCZjldP76puo1eVATEBeOCQs8Vj7eL9eN/eo+BfzhS3S8 -CfFFYWeIXQQQEQIAHRYhBNw4R0hwnSYZ/yhnIW0Mr/3bHP6QBQJb8AgDAAoJEG0M -r/3bHP6Q/TsAnA6vTjmrX4nY3QnevNrKefWaQvf3AJ0TALTqXhTcVYVLxfzRt/Qd -u5W2/rQvSXNtYWVsIEJvdXlhIChXb3JrKSA8aXNtYWVsLmJvdXlhQGZyZXRsaW5r -LmNvbT6JAk4EEwEIADgWIQT4KAb9ob9bmhswFOfJ/O1spreUVAUCW/AFCwIbAwUL -CQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRDJ/O1spreUVKlBD/sE/eDbJtL8UKc6 -CN7zmA038RSjxlcJrMRoBoThCFKOFtBsYLPebnIkzCDiUwQJaIMYe2RNBHKKz0p+ -2Kvzf7q+xq8W1e72aK1DRhsBTL8/LA1kQkvh3GwMS8z3SOcbXLWqKQuQ7ztYReQG -wsT2/S8reVM96eV67K9vMHKMDF3NyYZewahX0I44YIbQJfLVG5elCkBrfHjGSeIt -tSAv56BhN8J8ky+9nGx5jwWmxc/4Oquyfe9Lf0NMTCjw1xess7UoHlzSMp57yF3T -AaqDcqD2Jdgr2meN9Yo4/Yb9dEvHFy34ppXYanX1nrHGev7YaaQWLoKLVZc3f6gR -+D7sEJUJm3IxO041CR7DBwQ1CQkx3sa66mcHxe+wchOoXBZdsqyl5Ds+zqh6eMyO -UiixDcXDxZuimEY0/+7XjlFjtzhGVNKsjV/Azh+Hx3GZnGHMVpTw73qQFHkWeDrX -FPUbinjtEVTxw0fS9PkDZB5ysgAWlXs2cqoNDMcbdyJn2xszbV5+vjlmcofsQZTr -PiX+hB6P5RQP5ogtnotvbkPDSfPfqdUk5HjGFrGX08FoP4rCromHvSL6Un2lP4I2 -mJbbQzBU/bQUGzfz6U6VEbUHtOL+7woGuXuzTYsRZ/O7/fKohyi/+qsmOozQpLFN -k5xocbF1PgpFphrKYpHaSkf6DS2/F4hdBBARAgAdFiEE3DhHSHCdJhn/KGchbQyv -/dsc/pAFAlvwCAQACgkQbQyv/dsc/pDXWACeKMbL/Dtifpd466TqQP8isfWedtIA -n2xbEmlpxG8yk0w4HQ4djwgY4RbutCpJc21hZWwgQm91eWEgPGlzbWFlbC5ib3V5 -YUBub3JtYWxlc3VwLm9yZz6JAk4EEwEIADgWIQT4KAb9ob9bmhswFOfJ/O1spreU -VAUCW/AEawIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRDJ/O1spreUVMGJ -EAC5hKt5NCanRxEl13nQUu4+n05tdRl9C3sTczR8EUZ30zhpBV4chKgeJSD0r1VA -zBSQHMNzroGawaQn38qxFtbcSmkGRDd+0y798x1HFHp+UFiYOdQDQJVsyDuwjq4k -RF7zV+FBj0ffjn5JBy6R3wLmWCFxz1mPmkImdyyS8GEeifwTftC+SSotqfg1lh0K -C+DSQGYtPk0jLvxVPRllnjltDOSPUt9xRE785I6E9oyYrCa5Om51e0eEMzwpkl4e -QschAYILb6SNrVyEMRD5E3lJHD2r6dPvIPFNcLxIQuK/Kdco2jNq7dCL6ukdGI40 -j/oZi7XRrlFCQW321BuipJZ/7t9JWOXOrrEndQv+hOb6PeWkwF1rigjbQq+IipdJ -DUXGBfiIzlpJM5tLhs7BGfLxYNn09rOpkotXrdBzRO62lYyRdQepKpD33v96bQV2 -0w64U44+CxuicjGDw/6no54LY4J7bM1lLGwqvHSeqgYoc+Zs9WH95TNNSmaAHGSf -An4LpzW5nOXbq2rsWVbZpvsVHz3VmC9qmpsYl5tT/ninkLta3tN6TrYUFHXcDWz9 -K+HW+/oARzEmN8eg3iMmWtOnV59YEr/x2vvOHndguUL0tUpRjwuTunH9KOGZE0Kb -uI3ovgLLO2kCSGk4SdXlntu/eLq9FPYqlOpjM9CtLf9JdIhdBBARAgAdFiEE3DhH -SHCdJhn/KGchbQyv/dsc/pAFAlvwCAQACgkQbQyv/dsc/pCHCQCfdPdGx0FmknAs -rPvjuUmuCj9Q8xUAn32dsgQYTlgfTdwLSxWGj4mTD2h6tClJc21hZWwgQm91eWEg -PGJvdXlhQHBoYXJlLm5vcm1hbGVzdXAub3JnPokCTgQTAQgAOBYhBPgoBv2hv1ua -GzAU58n87Wymt5RUBQJb8ASdAhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJ -EMn87Wymt5RU58QQALMGlOJzcQj/arHezum5H/PiYIpZ1yY+QMCzpSgPdwupwawW -VN88aQRfU6k9xwmsU+Ghjreja09AuqYi/D2+61TM/Tmqi/9HdU6NRYw0hvaZnwFc -vudFBII2XrxmU5k9PnSR6Sq4uLUGkXmvhJddV0q+cjtif+vDi5pl9mqbWBQY8d9S -5Q6ZFZPeEeASUK7Xt/tSq9iXpb1tQsmEJ94Czl5G+gNFJcqj7nlHQ1/c9XeNsvJT -GZVLGM/cAZNzB6AC8Kz+iWUypFuXifC2PYGpJDJ8klqTmDQikGQtM1HMHda6rnwU -L7JIfbuwGbMk65CtG2YE8QqB+/GIfkzWySenmIrldn9Vp5EKB0DD529TyOwQWgzz -+HuVP/4QfkNRxNquWxlAPXmcNfV1SV+/Xn1KwSspb7QlAjiXXOL13J2dwYFpV+21 -vsSW5XqJXfWUU8d4YVOdq1kUTwLjWnWyxwtt8j68KSuTOT4JTA8oNXg87r0B4Fzr -6AoxCM8ePywm5IW55gNAwViTKWBAcNrcwRTP647oNOM5+8D7NZIBpnKffNc/S2S5 -iI1tmaM0yXavmCm0Hb7lkFIsxM2Y2lxwHexPck2ftPXIrjhPYLcFVBdLVx2V2yXe -cFW2vMGZiasVobFqqp1g8htmAlTkN0cTDY7l96wDuirC6OeCbVomEgxQEd0MiF0E -EBECAB0WIQTcOEdIcJ0mGf8oZyFtDK/92xz+kAUCW/AIBAAKCRBtDK/92xz+kHsv -AJ4+zdfjTdO1FUWb42bWdPQfiFe9nACeMIRp1Iu3tNVJkfS9CGGqhrChpfu0LUlz -bWFlbCBCb3V5YSA8aXNtYWVsLmJvdXlhLjA2QG5vcm1hbGVzdXAub3JnPokCTgQT -AQgAOBYhBPgoBv2hv1uaGzAU58n87Wymt5RUBQJb8ASsAhsDBQsJCAcCBhUKCQgL -AgQWAgMBAh4BAheAAAoJEMn87Wymt5RUxa8P/i7zdQ9i5BfWITbdyCgXNoQYIcE3 -J6lIa15eLUcfDcL707zOrUSbhSkthLjeqZoNRCalqjeDOdgCQC1PNoISdkMGd9PO -VOwS3G7Pjt4FSjPVHyw9+Su57pwTcLXBhEyBAkv+tx/QrB/UBCFzPUnsl71QH51y -T8+bNdOiBxssdgn/9IrObn7tu8xDf+d/yGsA493x+mxalai+fhd/t0yzQcdcTrvD -EKRxAaU8wXe8oSwcW5cRmXIi+N4aEnLRO/so9YDGf4z2FQVSL0ktoZYMqZ1ZvIb0 -MNCNl2NgNXThhrAPk9Rhs+S5nRzazJ+tS+D2S728EPpRHpUE43+vewtCdu5c5NWd -Lz88o/jxLwcNwQa2iJoFMyqr15lHt+vM7OyD9X650IJwQw24n4tF6TijzH5GhWcN -SnB7RpLSkftQldpK/zK+tmFH4vVpv+bI3JKAfzRga+5Fu42kB5uHVzXF3qMwYgEO -sRNL5d4xV4SATce1mb8vFpsQmGOWnZAcCaQYhLKfMl7zR5ukytTjf3hRMRH0GAjh -06QAoBMJZhWosYehPi1odjTngIf6hFOqA5prz8Cu/AFe/8aftp9UorJOekAj2io0 -CENRv21qrN8R4bNo04aTMD6WrY+mBL8MteR0ooD3ENQEAZ6UUyZwTzUJk2UUl+5M -ch/HgJ+rQozmRGYeiF0EEBECAB0WIQTcOEdIcJ0mGf8oZyFtDK/92xz+kAUCW/AI -BAAKCRBtDK/92xz+kPsmAJ4wGQ0Hly2eTVzsU8Ht4609Q5kf2wCdHGuu863a0GHv -uUdEokzQEsumYPG0OElzbWFlbCBCb3V5YSAoRG9uJ3QgY29udGFjdCBtZSB0aGVy -ZSkgPGlfYm91eWFAeWFob28uZnI+iQJOBBMBCAA4FiEE+CgG/aG/W5obMBTnyfzt -bKa3lFQFAlvwBMkCGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQyfztbKa3 -lFQTlxAAjbuDy3prdEBNMYfi/870MO5eeDOCMtiDJDae4fQjj2NANjeuDGNP659B -/k9uS7o5nrWB7E6rdG4a1J+Qzj5I775xTP/zVbrNSchcLwSoHMMXBm2IdbIanCX0 -JX+dRg2YX6yX+6ZmL8UaWRVICQ84ZxGtYHZ8o8hMCFOuxFklNjYFEPciO9M9m+rv -fUEihQgcBF7+x9KVntlxad61Aa9AzUJLULgY3snaZK687tHUq3yYwXpF9s1CuJ81 -SfZxH32dKqy+2cpJqwQ38BZrTUwjBxxIMR5TRC7h/O9aRIBKQZKlpLcmxWPv18i7 -DwWlrJVb2Sd2WUh+TwPNa7VQc3NjlGtu74SfZqmirE0FyuB86fnsQaF8zhJnRsqE -lagnLoW24PCvc8A9TK95tj+0JO8DIeM49Gg+Br/NBtRB8q5q/ICJOREber6Ke+/I -p90q5VkZafIgeuO+EkyQ6Dq+58NRqC2qEs209xnKOd6exxT+2tEzx6Hy0PKwaay3 -h8WzUamJOTqRv1WG4GmlCeRUQGx8BtdIAEMdww26cN8rmxh5Foh5CH+V75bcybkv -yH+FBDoKFYSpEPg0axHM/e13/nujgLNnSTHuMf7ILvpwoNkkIcQwSpH17B5hZdgl -y0xD7aIS5XU9OoP9mKs1unzUKerWQWY6CxgYOqpssyDTUG+fohuIXQQQEQIAHRYh -BNw4R0hwnSYZ/yhnIW0Mr/3bHP6QBQJb8AgEAAoJEG0Mr/3bHP6QFPAAn3DbFqHo -hjznqQvg15QjlGFaPJaaAJ4ps0+VWG9BN7UBQPG+fcCRwqLaVLQ0SXNtYWVsIEJv -dXlhIChEb24ndCBjb250YWN0IG1lIHRoZXJlKSA8Ym91eWFAa3RoLnNlPokCTgQT -AQgAOBYhBPgoBv2hv1uaGzAU58n87Wymt5RUBQJb8ATfAhsDBQsJCAcCBhUKCQgL -AgQWAgMBAh4BAheAAAoJEMn87Wymt5RU2vAP/12b6S0yJdZ1rgNLj+ZohY36PhCm -30/amkGPQp7HCBylYIRv+y5m4IdiqynzJoap547cFMWNsCyfyU2VKbcy1Uy44FCI -PCUcBME95jD1JWviINDKqLhglciKlJnWUhupiolqFcr2ro+rJVc/fBMWJoBjM5fJ -9eq1ge2LxuYKbu9cpSEtopk7ZBeo69khhrFACdZEqfJtW4qp0hEC0pAKLjN8LhpQ -EEVcq4zejksB+1e1qkuJ6be3/Q2Sj+1ijaJBElJIVJ8qyYs9XSlTlUA1USfy3Yqu -jOkFrIaycxYgKooFgwYfYXCniuqXWZ2geCm2IE90lanQC2w7ZDN/JGwwVuAFVi4H -Mrx6x/yEreqy2AUMesB1eGxqQQG9cgssMLoMAN2IDDJ6FS+e0imWTTMZ6r3ou9W8 -+pFzSIT8LMnBNwp+RxrW3QzBs8sXDw5mS6WroiZMRlfJdA1sUPsrW0GV4/AFuEaK -PhCUvIvoh6zxYR0lA/gYqtszCHGzHeNLoczOhytUZM+KQpOtO3TSING/+o59HHuM -niD6k3mWcyk6MkSgIXquJRGUVGVFeLGlXXf7aWEkIOrXeqjBZpBchZUIxZfkg100 -xxmEgNVGG4vxB/UIGeVqV2S4JscJmCyDGs130nRp7Qp5YGfkaTLKyOdutssrqatP -m5Zcjl2VGr4Xt4uXiF0EEBECAB0WIQTcOEdIcJ0mGf8oZyFtDK/92xz+kAUCW/AI -BAAKCRBtDK/92xz+kEViAJ9zBTPNNTYIxPxt8BEvb3pUDeZkiQCffsDGKi7kdlTj -oZ26K7yxdjexaYS0OUlzbWFlbCBCb3V5YSAoRG9uJ3QgY29udGFjdCBtZSB0aGVy -ZSkgPGJvdXlhQG1lY2gua3RoLnNlPokCTgQTAQgAOBYhBPgoBv2hv1uaGzAU58n8 -7Wymt5RUBQJb8ATwAhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEMn87Wym -t5RUIzgP/0/7+y7UOgj4Yja6Lwa+Lm7ESRZnbVmR1ERSAa9RKKr8BbPT4KhgwN2R -x8c3CedFupS02sG1G57u+4qQbEeZylaMu6rusf/XyQ+esh06cRXfR7Vb2d14yFQg -xun9PgPR7jL0RiU2fsgvF6O+u9KwnGRmABZXILDBxzGZBXKBIkmqBM8+rBkXFVWc -gezZqD106KcuGewciuWM7bfyLj+2yV9GhvX8iRyptgkx9/CNEdOqQzKYEbXVTSkh -tUW4QUmNnIiTnD/pZ4kr3UsQV6y0GC1kf9G5EeQHbD+kVROFM0/sX6qGn99IeC+j -96MflMnKuXJeXjlxNFZIYPoolBAC7CvpRfdky5q0KB2xWh+x2jQbn3fPpa6lVZdQ -De14guXdcEsj1QVUMRL3wFCDwHIsi3gqOpCHdy5GmunFRNqUWmoGU+uHt3Kk031w -DJdQY4YP+8tFWLPG3vKoPSf5EcG2Mf0hZiWiiIAX8sVw13W+oDlAQ0HKah/uxV77 -gM2ScBiiiOr92JIf3ftq2AjMuzrGhpKME/wG2DdcOqmq7U+tcVbambSc7SVa5nTM -JXm8ZPOSH0Fax1PULPd3pyLLhfF0rnPiDLcVa6UzG1MaSJiGBurIf3D3OCHRjQQ6 -kVpF9VtXhWeziV8wkyt66HNcuqUs6HDBNkpxPTNacKcZmW8J/FlaiF0EEBECAB0W -IQTcOEdIcJ0mGf8oZyFtDK/92xz+kAUCW/AIBAAKCRBtDK/92xz+kKOiAJ4shO9b -nZ2Nx9XzBBg4C0nUl05LyQCbBpk7t2NIPMKaNtjsPb+RV5HbiQa0O0lzbWFlbCBC -b3V5YSAoRG9uJ3QgY29udGFjdCBtZSB0aGVyZSkgPGlzbWFlbC5ib3V5YUBlbnMu -ZnI+iQJOBBMBCAA4FiEE+CgG/aG/W5obMBTnyfztbKa3lFQFAlvwBZYCGwMFCwkI -BwIGFQoJCAsCBBYCAwECHgECF4AACgkQyfztbKa3lFRK1w//cqsweiuXGPepyn0t -AL/S/scM6r9IwcjD3HrZqmUNSDAqU6PJ0FFialOPuSQIyEvrpY1GL+TiVtnYyAit -sbotxNxNQFwiBvqchg6xd1ftpjJihuo7RysNdSNAnlOxFlEz9X+EGkRqq8rCTpoS -GA9+4uFyFKzfv9CDg7YUVX5GVsE3bsPWymfCW1boW0TQyL7xNrDPfzKpVRHFu7hi -5OghiTbHbifmIolj5Mo0hGuXxz26gFzrufCjgxK9ycW7LnHEnnK0zX8Qfueir8RV -EisuAXtKILgS5mmOj0ywsrva4Qtf5JW5SKymhgsKCWskfz0lq6S6ceIKaYBr4Syk -0MLI82M0zDfGlLuRP6yQ3DTiTC4lWfXHdjyd0w4SwcuAQPCWz34gtUEGfMTyrd6O -le6pYreL1NPzd/NakYsR1H1fsXVJkgpESktoDIkzooLmBV6Pjr+PEt4DvPZYqgKl -AyD+aZeZ5HlTZCLbN9O38nDttWdAvsGjq82qvNI8A/d2Vvz4L1ND6NT71+wtC2QT -a95epSBD64l/JtK99SW/HjLjyvV9O+Nu2p8ESTOEaQhyIudnWYU+er+Vwy7YtLvY -y8L9/Xu9KvlBMjHBXAAV047KwkIQNrNyoTla5yQFSpv57hFYbx5CKTprpsl9Ic4v -uPjC/GMgkAJ3yTwIgxa47hgUAtKIXQQQEQIAHRYhBNw4R0hwnSYZ/yhnIW0Mr/3b -HP6QBQJb8AgEAAoJEG0Mr/3bHP6QyCcAnRuTQIMOpwxbyzjj+t0C9GdNJYmGAJ9v -5c5kvNCFiJAFCbUD4OxJBNA28rQ9SXNtYWVsIEJvdXlhIChEb24ndCBjb250YWN0 -IG1lIHRoZXJlKSA8Ym91eWFAbWF0aC5qdXNzaWV1LmZyPokCTgQTAQgAOBYhBPgo -Bv2hv1uaGzAU58n87Wymt5RUBQJb8AW0AhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4B -AheAAAoJEMn87Wymt5RUaT8P/2OvKAfgqu0zQX0JhKu/wd9AATVmLa8C48JPQMUn -5Z9dQyDcFyKKfKbGCz9B5jTOrzHNX0VJfpDujOTiPIk6ci0KqAJ3Fz0gdpxIcEoW -B2zg0nwDtGHsGMX8togpcbVgKqblp0XSsMAFV2FN5PsAnxkqdXPDmZ5iZSgs9roi -9nxHPavbcr1cSAjsiRoFxFudzo7Q0Z/KLRlTuTSAX6B+vRAeyRB4NcXThKYZlAi6 -cr+xXTvPFddiQZgVBT+ICZRQY0gwgHpQcj70fNx1w6tTHfThlxInojKGlreOZov9 -A4TVeex/QagVTsjRAQuZ9yLMkx7JxakAxBPZ/OHuv7/K1Qdx90AJ8zQZ6uOXpUNl -c2MDEBoTI/nbsgMeHI/Mj4ndxCBUMperZ1oCITl+AhaqEZ+LxTKyne41YJedlqjc -5xnUVigz4ajmZPYmbO6eRDxisx4fMG7hI2HnNWak2xBDVOp1z2aqZY0xsG7o697d -I9BeR9JxbIusx0Szq6GabwI5beEI1xLlT333Fe3XDtT0NIQQvW9byuYuyfp7H6Xm -hFj2ut7jVI9xG932sJ8ioRJGCK1UcGYEL0ei4YZRv+mVysEJFjki2nlxspnG4C/V -Q20jXnLAXOpKLiStkNJ15WsnzeoL4eq0AUOYMMmYKAquXXgpVs+xUDv6XathWA2v -oZkAiF0EEBECAB0WIQTcOEdIcJ0mGf8oZyFtDK/92xz+kAUCW/AIBAAKCRBtDK/9 -2xz+kEBpAJ4x7hASmdnDcyFGTyuRHj6NwsDtNwCfRVfqoiRcGmvDRA8U25cPk5XT -ZYTRzlXOUwEQAAEBAAAAAAAAAAAAAAAA/9j/4AAQSkZJRgABAQEASABIAAD/2wBD -AAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcp -LDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIy -MjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCACMAG4D -AREAAhEBAxEB/8QAHAAAAgIDAQEAAAAAAAAAAAAABgcEBQACAwEI/8QAQhAAAQIE -BAIGBgYIBwEAAAAAAQIDAAQFEQYSITFBURMUImFxsQcjMoGRwUJDUmJjchUlNTaC -odHwFiYzc4OS4bL/xAAZAQADAQEBAAAAAAAAAAAAAAAAAQIDBAX/xAAgEQEBAAID -AQEBAQEBAAAAAAAAAQIRAyExQRJREyIy/9oADAMBAAIRAxEAPwB2JHaECEjiPGA4 -6GA3kMMgDy8AZAGQAp8XD/Nc5+VP/wAiJT9GeBv3e/5VQ4cEu8M3sAZAGQBFT7Qh -JSOUBt4DZYww8O0AeQB5cc4AgzNXk5dfRh1Dj1r9Ghab/wAzpE3KQFdiSotTGIph -4trQFpAFyDwtwjO8mqqYbHeByDQNCD61R0jTGyzcTrQmigyAMsYAyxgCtTNt5hqI -SUnrKOYgN06yjnCVtnWUc4BtyenmWGVuurSlttJUpR2AGpMGyKbEHpZm3ulapLSW -GTcIdWm6yOZ1sIj92q0Cf8UVp2Y6b9IOIVtZkkD366xOzkjujFc83mROKZcCjc9M -kE/1hbV+Yq1VhC3TkUEKvcWNxE6UY3o4xKpueVIuKGRaSoWO5GsXhdXSM59Nhucb -cbStJFlAEeEa7Q26yj7UPdJ71pv7Qhboedab+0Iexsu2p2ZuD0sJltZom5gkEuaQ -jldxMPkZuk0gW2E05cetgIvfSJihZY/RcvODKpXr0NntKA4HkCeHdEWrkLBc67fK -EoF+Khc/CEuMYZn5tYyMFwX0KQRbwtCtkXMbUk4eqBKgpC9eYN4n9xf+Vczh+fYv -maUoDUHlD/cF47EmlTz0hPtFalsrQsdoGxtx1hs7DpolaTO5JZl7sdHmZPNKbAjx -Fx7jFY34ys+rcl4/XGL0jbVQmODpgsG2JD/F1UVIVqmRKgcT8YbNcy8qOrqO/ZiL -6uRLTKAU8WGloF/A3WpgUqjTc8gjOy0Si+2bYQr1C9pAzM469NOuKdUpxxRN766x -LUXYWw6mYbEw+m9zpeMc8/kdPHh/THp9LaYQAlCR4CMvXRNLASSCbqSOUGha0ekW -ym2QW8INBRVbCkjUJJ1BbCHCLpcA1SeBiscrEZ4ygLD1XmaFXUNzCypcutSSgnTX -Q2jbf2OTLH5TvkHGpuVbfTey0hWpvvHRjdxzWdrJiXSraHRi1cZQlVjDhUFGqNgX -zDaCxAtpjgepRcHFMQvHxaNIzUoG30YF/Cl9JM0sYVW2nNZb6EqI5an5ROXgw9LX -DEiieniVpBCNLGMuTLUdPHNmzTpdEu2lKUgJHARzW9uqToQy1iBDhpRtaKJ4bFO0 -A+oTygLxKiXxS2WMSqWNFGyzaN8L/wAuXlnY9whWn2qX0SyS2k3bJ5co14/45uXX -pjYYnOvpcUdcpt/KNazxaVWotys8W1HWwMBX0s0yM8sWyDbTtCK2z0ZNBys0INPO -thwIsRmEQ0x8XLEzLimhBfazBNvaEJfwtMeU0PYXnCVIOSzicqrm4MK+Fj6XeBmg -3LuuH2s9o5+V2cRgsz7DashKlHiEi8YadMqwYr9NS4lourSs8FIMVoerxDzTiLg7 -xW4WkWZqkhK9mYm2m1HYKO8IIipyXmFXYeQsDkYiztW+iwxmwheJAyDYrQlV78yY -34/HNy+jOkUZCqQyEzLbRCbZSNY6OOfXHyW0Y4TXK0lp1ExNt3Uq4+EXU49K3Eja -ahVS/LTSMmQJhwspuhRc20nUz7dvGIDZmYbWq6ZtKtDteAK1AeW0XElwoG6glRA9 -8JfTkp7MhSOnGoI3MTlLpWNm44YdkhKiYlr3UHLE8zaObO7jswx1dLadROyqkplz -kSsi6xwiJZb231Z4i081l0zJnnAgIUOg49IL8deWusVlMNdFj/pvsZ0guO0txbg9 -Yi4FuNoz1dKvoPrM1WOtN9Tlm3hm7YNiUjgf75ReEx13U5/rf/MWtPdmzNOMvNhS -Uq7DgTa45wrZL0NWzsP4ukutYokg3bpFNpzC17gE8PCNuPxy8vq1ammGWg31lQt9 -wxvjLI5rd1IYdMySJdb7pG/RsqV8orsumrs0GHC286+2sbpUyoHygLcQQhpSkHKk -gnlFMqaOHZdkUI2Zb9k/RETV4+L2ntNijpSEJtk2AhxfwAzbTIdc9UjQn6IgjOg8 -ASlaW1fTQ352J1jhynseljd2X+ixltuYbGZIULcYjTqk6Y9KtMsKUEITpuBBelad -6SvNT1FI02EOeM/XPqMu+c/RpUR3awo0+OqZZtkWQkCFpNnSfhuiSk3PzFYdZSp6 -XXkaWe5JGngSfjHXwzp53PQfOPFM1Mg7dKoD4x0uQZejxZWzM34OfKFVYIGMr/pw -AH6seZhxOXoClnCpSQf71gSbmHf2D/CYmrx8XdO/Y6b75YIv4AZ0WcdP3j5xTOl7 -UOtMYkPS3U0U5m1HdQO49x090cvLjJt18Wdup/BfSpglsDhHNvT0ML0ytTWVlCm5 -hKXG1ZshTmze6FO7s8spEalVqeZQ+2uUzIOqFIQRvwsdovxHqdKz6lqz5wHL9pGX -KbRF3LtpLPE1+ZyIzngLxU7RnlqC7CssZfDDeY3W6OkV4nWO3jx1HmZ5fqlhU05a -g+k8XFecbRz0aejtIS3M2+2PKFkrBExgi9bB/DHmYIWfpdygs4k+ECThw5rQP4TC -q8fF1TtaQm/2YS/gAqH+o9+Y+cUyoWxNklaVIzJSi/WVoJ2Psgxjyzrpvw3vtrSZ -4XzZzkWNDyMcWUehhk7Lpk7Jzhf6wtTLlipIAKx/FBLNaaY49rlpMsWdVzpNtgtO -/wAItprP+xBNPmUTInFzDnQJUAlpdlFPffv5RGV+M8vfXs9N5gWxYlZypHO8XxY7 -sjDlz1jaaVDFsPsDk2PKO5wTwqKwgmpPH8Q+cWxo09HySG5m/wBseULJeCNjAE1Z -On0PmYIMi8ZFn0i0NmbeGz+oB+U+cTWmPi6p6gqlAjbLCXPC2xDPJpsnOTa05g1m -OUfSN9BDt0zk3dF+1XprF9BmGX5Zlhlp3MwpBJUVW1uT7o5+XPVjq4uP1UyFWXIu -dXfAQ6g+0rYjmIzuP67jWZfnqmXR6tIz8olsrvbTX+sYXCyujDOWLhFNkmLv5la8 -OkNoeulb0HazX2ULLSVZGxcbjwiphazyzkQKMtycfdnHgRlA6FJ5Hj746+HCTtwc -/JbdHNQ1ZqAyfwx5RpU4+FnUtZ5/T6xXnF7ZaGGBT6t8Wt2h5Qsl4oWK1XrOX8MH -+ZggsLmUN3UlXdDZG5hz9hC3IxFaY+Leln9Tp/LAv4RnpEqahUxIJPqkErcAO5US -Nfd5wqWE+oWFZNtmTYlEG6bE35m+scXLv9Xbv4pNPK9hhbt1JbVobpUOELDPR54b -DDTlTo7pBbK0g7jjGu8cmWssVpMY3qEzLpl0srFhYgA3I+EKYRV5MrHeh0KerlVQ -/UG1NSvtKSrQqHL3w8spjOk443K9iOj1aVqU3PBgpSQuyUfdT2QR3aCOnj6mnLyz -vZyUD93mf9sRVGPhbz6gZ18X+tV5xWmWxfgdeZDwtqFfKFkvFVYxWUV5JHFr5wQZ -eoLHo+m21AmbR/1/9hbT+aNqVTHKdTjLqWFGxFwIVVjNRS1fGdOwpTTJqUJufCbB -hs6A/ePDw3hKkIGqzj9QemZ15RW46orUfE/KBUTqDVxITjZevkvfSMuTj/U6bcef -5vZryjrM3LocQpK0LFwRqDHJZ/XXL9jSYpjDuvRI8csJSKaWhBu20gHnYQi1GPI6 -tJulBAWoGyu+KhXwmqa9N0esKbKih9lw5rbf2fIx3Y3fccOWPyvqHB861UsKyr7S -hZaMqkj6KhoR/fdFbZya6QH8DtPPrdM04CtRVaw4xX6R+FrQ6EmilwJeU4Fm/agt -2cx0gV3DT1WqImEzCUAIy2y34wbFxBLWO6iUlSsgA3JhaR+rVZW/SJVJ1gyss6WE -EWWtGi1DlfgPCE0k/oEecU4sklVz3wKQ7WcUyq2VYJT8x84DaS4DjRaX7aNP/YAJ -sK4lVRpoSk8SZN09le/Rq5+HMRjycf67nrbj5Pz1fDWllNzDCXEKStChdKkm4UOY -jm18rp3/AB4tnXQQtK2qag2S6G+65gKlJWQhzFs84kdkry+8C0dfF/5cvJ6JMO4w -qeHWnGpZ31CiFKbUnMkm1r24HbaNWFgrlPSS/NKQkvNt3PaJJ0hzSLL8HWHKoupv -qzPBxNgRlMOyQsbbe0bEdZnqbUQ1LrbyFN+2qx3hyDLLVJWamweyDoNkxC5jpXrW -V7QG4lRO1r84DR5hpbqUqSrK4ghST3/0gPTmhwOuIeQLH2VjlASUUh1JSRfXUQGn -UrGUzhR9ptbinZZau00o3FufcfD+cRlhMl48lxNuk12RrcqJiTdC08Qd0+Mc2WNl -1XVjlMpuK/EU+mlyz02QCVdlNzbW0TMbbpWVkm6S70+/1t0hpokqvmNySd47ccZJ -pw223bnKTU4mdbadc6Rp0ELSRsddRDSnq6RhwkXAuFAwGJsLYvn8NzqX2CHWFH1j -K9ljuPA98BWbG9dqTGJ52Vnqcq7a2LqSrQoObVJ74ueMMuqVSlG+u8Q6HNSiIA8J -SdYA8NucAQVlUrNlxKFKbXbOEi5B52hBKXMC3qknMRuRDCKqX6W/SDPffNxgDrTl -zNImumkHXGuYQsix7v6QrJfTls8XFYxBO10s9YASptOWw0BPFXjE44TGqz5LlNVT -mXGc+MWh6ZZKilRSCU8YA7FG45jSAMaJSgDkbQBd0SsPUxbuUZkKHsnnzh70jLHa -qHHxiVtV6JvDDjt8YA3ygI4wBrlGf3QBsEjLtAbLDlAG6QIQcrdpR5GGTpYWvAGx -FlECAPLa35QBooBPSW4C8ASZXVRvyhlX/9mJAk4EEwEIADgWIQT4KAb9ob9bmhsw -FOfJ/O1spreUVAUCW/AHrgIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRDJ -/O1spreUVJ4nD/9tGS8cg2eUSwd0ExCl0dWsJRdM0mUYh17mXyVNLcvbglIkSdma -v/Ty3ke533izRN/SkkU8vNthjKAohZmmXlaXrruEyHq2vfXcDg4+C7FJQ+O3PT2B -S5ft3Ht2GmRpD2lWpeUlJ9BXF2EF5pSnHPOrlTHRUfjBCDU4uuSeKgioSyoc2iWb -BBaSXyeQAUR+ppM1AYKUlCDxpLbe3nVCOUc+JgJzv+47EqwMyVODwzk7oFO4GMRm -KTKlctb1ym75oV1tiZi2fL/KA2uAab/RMO0rfxa9HVWnJGvUEDMPlTfs7222zuLB -55Fzllfx5rQlou+MLBQIV978HRZrDxZesQOOJ4/BwTPgQ42GREf+uf5/SG4Fn3Qh -NZsvoaePMLN/QQEjM7eqOUzRJRVcdJfRH+LinIFrAqcmbbcp1bvq8LV5lbmlFJLF -gimvW/shf/6Zu1YsfBhvLWInUCyoOPFa1tASF6qqi1hEOd8tQgNE/H/FSIehmTHT -74kYPNRm+DzlvrW2JPVl24Nf/SWbOG/IzGBY/pDActTwYqnpXKR7eUt/YcPpmrPi -kyIKX32U2vTBCE3yvCm0KRzrcSbTJGfVgmlxxqIuOtbeaBtf96m+o5z/xw9ro7Ek -VZbsx6fPuWuLY/MqeLXl1EuiU6X1sr+skDY8lJeeiRt+Uq5mCZuEgWdM1IhdBBAR -AgAdFiEE3DhHSHCdJhn/KGchbQyv/dsc/pAFAlvwCAQACgkQbQyv/dsc/pABQACf -YaUOqzlafrzeGdwHwDleootu0UcAn2adbaKJ79QBtDVPkR77zV801JlXuQINBFvw -A+gBEACt8AiUTMcyNXwN6kiOLPd+85IPlLwEVyofz8p2QBAxJsqKozlXXpnK7ahC -RSiHt02EK39WiyZpeY1/2dGmdvyI1vc7ld3814Dveh4nf1GRSpDZ427cxayaclh+ -wRQ8nDWFOQUsMB3He/Z+aO6l/ZNvdVdzRUHda1XvN41nwXUL9FQUn/TLYgHbxa7P -Yy18ZnNzH/xGSwDgRrqPEAZ8KOpbHEbNyYuYuv6IM8Xmbp8Q6bl2RyBNnrlphksJ -kLvO6RLHUvvw5uX5bt+u3umoZ+yHUkP13NtQHTyZ8VTCQimkB6OisisOTnV8OjLG -xtLEF/TjeGFAAoEnc8bQAPvrtONQL19rPkMB0gXYXPBbGw7eWYr3QpuOujUXcz9U -0JSSEov7cUepdTY8LEYFw8U5WimKY6f/uJUVx/ukNPtuAljJji0cjIGEOX2XGlBV -Ix/U3vywLBfUFW5hT+75z7UB3yG3Zexo0WSaQxxZ5PHxyPYBK1PvVkH0LvkbxJcr -rouJJQ66chjRglUbv4lf85/cG1ZLu3Ds0UbuD0gE9sAEwXtfdgDmp/HB7mxwJr1O -BRbTRv0Okx/lovWXkxt+hX+DXZ1u1qdZUW3zjmge8W7xag3epD21jIjFDODgUfDT -fgJi2FQq+szpagfPN5j5aIQKHCZf0DLbBD+ZWYQdld5JZs2V5QARAQABiQI2BBgB -CAAgFiEE+CgG/aG/W5obMBTnyfztbKa3lFQFAlvwA+gCGwwACgkQyfztbKa3lFTa -yxAAxQo/9dvOO74J+9XznCYb5iO1B1ksnVegSGVuId45JKXkCkuWvDOkcU8+ma38 -wo3MBoPLpSMCXc/mKQ0p0ntO1tD/Wf4nBBCvseWcsR6RR5Su5jYorm0qZ89IOEPN -K2W2Z41X6DHyteB1dAyIyexOYoLKD7iWcQzga4/EoUPEwcr8BWWgGLBfRhXsYySz -F3fQPS7KaemDLGbJfTDZCSqmsZPnlksSvGxEBwUwfCjfY+QHxzWPRFPkuQJJR6YW -tiZ3z7jBRdRk/R5v2CJZJuGHcPPYQy6j2TYGONojm+ifaq1hz+A0aoy4P9qRW5Nl -mm6yiqEoJe07DrMLxn3H3ucuOo7DiNWmkkjW8DfhFSd+3pFMSvKGujOJWN27UDEp -ERWFX50gE15Sq4aPbMPNRejFQ1n75B4jfFQXg6WuwF3kwgHK3Y5T5vTEkbPgce9c -SyyFWU7EA4DJGnt7/FoaPDTKOWI9WSkmjOSABTBNSaUiMSFA3Wg/T0aS5pETpkv2 -S/GVVX022orAGK8zEY1vr2a24itOAKpQwFRuMjqDCBVgKAsMtlPu8jv3Zm/AMcYM -sRRnDWJh2TO8bqXXUG/o783fcTE3d1Ff7s4BfmBqpGHigZeehNvu+FshRDYaDrDN -IS0fTqbsX/JjaCXwU/o2E6G4aE79Ut/IMsCYzItTDh2UmcS5Ag0EW/G8wgEQALBi -2/A7Ev/92mYi4Gm//IJEKjm2Vc3NcX5LdSyPwdSLlHSRwvzZz7M0VeflcTYqssto -VPVf4maDtLGbQJn43CLqjvIW/C6jzjfvoZf0gbHpNfKY1ENs5xgE0wd3ZdsqpQC6 -W9Pu+kN31QS9+RUKwiG2bNBIREChL/omqiLhNu3hDbZnB+uSByOk901XVrNmKa8G -NzXSfJSCt0gP7XU6VpMqjxppA8Y2Vo7jnylbrgVJriTt6jtjDylBBQqmHSOXMT+q -9kIWDSocKhSFHBMO6LYnAwbMef2kqio5zaKzZAuwis0zjOqKHwW54xL2T7djFav9 -VlgcAYN105iMLUiIl39HLeZnS5pUESOXRUv/qLwiQRvBlWBPIep3+ycM2eK8r5a1 -5EwCgN2nSl3KYjzTOisCmK1nQs+gQ1RMraeBGYEG0uIUvDxfoONTuYkM3dhWq2Xx -V/OO6yUkfyOlBGUREe1PXAOsP0LtAFJha7kbh7Eg6GGU7gRYh2dG2Ln6Vmx1ldbS -F3woFYPGNMsQmgEKxwyjKaq0Qhd/sKHrTpPz8PXfGP4dHegExKegS7Yof1VrKBB+ -L8Q8o1Oi8JPCjRp47iga5OYS1Vn3h5a07ajzSAxPsmF0lmF4tYk2MFxSs403ShiE -BTjN4t6rjmnoQV/b+CuhpmvzxaYr736/jkY7s0I5ABEBAAGJBGwEGAEIACAWIQT4 -KAb9ob9bmhswFOfJ/O1spreUVAUCW/G8wgIbAgJACRDJ/O1spreUVMF0IAQZAQgA -HRYhBB2wOl45wX3kd77c+/0dTvV/qVkCBQJb8bzCAAoJEP0dTvV/qVkC3tUP/2rR -VDaSPj9+UYJtHGDfQmYCEqxROm5wGCJbNrUQspLeL8+XrsaUDh1ldNAQtoDqGjRp -kwjJAS0OZfvCv7pI052NK/KVGaK5Tj2+0lxTAcGbAKoH8E2HWPlERpU9CRLvzvDE -4GGxw2nw7aobNGbf9d98c9RpZuAul92BOClnpGEU4VzjKUk9IsSjZQVJnggQujxL -qWWiwfGwVsj2PdgPao/P48cYNl5CACBgY19AAh7WzgJVz/6je/5NLdAAV+E31qSE -EaZsvTBqrMOtH6iTn1GpJ73FsJ0BYVt9X99bRT0Vi0iWulBuhYfZG4PdCY6fv6uC -d+6pAC+Y/M9npaLbBHscSlJheTyvfuB7bzYBY+Q87VHSOMuNni7U08FuiILFoF+e -/ESU/v0Hde44ghiXKSaFO8djxc874KM9UlGWvw9UbmI8Z2uM0kDcrPZ/8tcjXOhp -PEBib54ab4tKCUCtOmsF9ZiT0hOqYdP9bXW+6OGfCignJ7ABhPpANfx2Sn/28L9l -PbF1nA5CkHdyo/ku1Z/lNq44yvrB8r0Ljq6s3KS69dUZqqrADeogOdi0/TrghtKU -DERWGmQagYSzMIvsXoAI56MxXFLriSObmpFLTWq7cr/+Ju3AcaSkrpDSYi3U6vLL -8NuXPhul1S/+yPwvX6Mk1Zkip9/Wg4SQeiT2R7xj8zMP/RJ8uKbnKpOftY89Kv0Y -FZ4hE3FeBR3UJvkuPdQYNLQRluzh63Bzc4ClSxB9Ma7fmAEiuFtgEi4HLTMBDOHO -uVMuWYcgubu9VBlAGLJ++gnKxCAJXEntuB49il8MjMsy+uv/cFCjPG9z/1pmWYrE -XBNA+vcaOrNTS2IykAbqybcPYbBcN47bm+A4i5yqiahk0q++j4LOW/nf88xXO7xI -V/4vQgemh7RHgHJOkKfzOPw/Kx3UjV1jA9gEUrusHE4R3Upxh0ZeQW19hUnVlao1 -TxxKEUryrRzckuRfc5ziMWNyJaZsPMkeBEhyY/CizDFPrsSXIAijfu8KFnxCsnaM -ylFBWOu5FwsKMDXxu0QdwqpL2CM8p+q12z1VruNjpIc8bAc0/YMndjYnxzsqQEMV -GQIDKWqh/m6v7sqbn65ZQcVAzSAriGcQxCOIoT/TA/J+/4BSk5c8TKlqT8NBT77B -Z70vMr41mZus1A/ciI8AxgbYwlhuvTehdm74k/c7NSzTxeG3OumTlBR1I18C4AIi -y4iM3O4H4jvEssWBUzpm3VJG0NvcN/M4YVZHX5yxWQuIFcghzb7sLYddmRvR9B0M -Xowot//r/sgn43xv54sIvwe9MkCCU6j7ePYUlOUnn+vQ5i7rFN/UPub3V3toI2gg -DRuKdymWEii1jA9KlmheLTFr -=r9L+ ------END PGP PUBLIC KEY BLOCK----- diff --git a/nixops/scripts/setup b/nixops/scripts/setup deleted file mode 100755 index db0f353..0000000 --- a/nixops/scripts/setup +++ /dev/null @@ -1,90 +0,0 @@ -#!/usr/bin/env bash - -set -euo pipefail - -if ! which nix 2>/dev/null >/dev/null; then - cat <<-EOF - nix is needed, please install it: - > curl https://nixos.org/nix/install | sh - (or any other way handled by your distribution) - EOF - exit 1 -fi - -if [ "${NIX_STORE:-/nix/store}" != "/nix/store" ]; then - cat <<-EOF - Nix store outside of /nix/store is not supported - EOF - exit 1 -fi - -if ! which direnv 2>/dev/null >/dev/null; then - cat <<-EOF - direnv is needed, please install it - EOF - exit 1 -fi - -if [ -z "$NIXOPS_ENV_LOADED" ]; then - cat <<-EOF - direnv environment needs to be loaded - EOF - exit 1 -fi - -if [ "$(git config --get include.path)" != "../.gitconfig" ]; then - cat <<-EOF - it is recommended to include the .gitconfig file into (local) git configuration: - git config --local include.path '../.gitconfig' - Run this command? [y/N] - EOF - read y - if [ "$y" = "y" -o "$y" = "Y" ]; then - git config --local include.path '../.gitconfig' - fi -fi - -for key in public_keys/*; do - fpr=$(cat "$key" | gpg --import-options show-only --import --with-colons | grep -e "^pub" | cut -d':' -f5) - gpg --list-key "$fpr" >/dev/null 2>/dev/null && imported=yes || imported=no - # /usr/share/doc/gnupg/DETAILS field 2 - (cat "$key" | gpg --import-options show-only --import --with-colons | - grep -E '^pub:' | - cut -d':' -f2 | - grep -q '[fu]') && signed=yes || signed=no - if [ "$signed" = no -o "$imported" = no ] ; then - echo "The key for $key needs to be imported and signed (a local signature is enough)" - cat "$key" | gpg --import-options show-only --import - echo "Continue? [y/N]" - read y - if [ "$y" = "y" -o "$y" = "Y" ]; then - cat "$key" | gpg --import - gpg --expert --edit-key "$fpr" lsign quit - else - echo "Aborting" - exit 1 - fi - fi -done - -if nix show-config --json | jq -e '.sandbox.value == "true"' >/dev/null; then - cat <<-EOF - There used to be some impure derivations (grep __noChroot), you may need - sandbox = "relaxed" - in /etc/nix/nix.conf - you may also want to add - keep-outputs = true - keep-derivations = true - to prevent garbage collector from deleting build dependencies (they take a lot of time to build) - and - allow-import-from-derivation = false - as an attempt to avoid having build-time derivations (doesn’t work for all packages) - press key to continue - EOF - read y -fi - -cat <<-EOF - All set up. - Please make sure you’re using make commands when deploying - EOF diff --git a/nixops/scripts/with_env b/nixops/scripts/with_env deleted file mode 100755 index c570ccf..0000000 --- a/nixops/scripts/with_env +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/bin/env bash - -if [ -z "$NIXOPS_ENV_LOADED" ]; then - echo "Please load the environment with direnv" - exit 1; -fi - -umask 0077 -TEMP=$(mktemp -d /tmp/XXXXXX-nixops-files) -chmod go-rwx $TEMP - -finish() { - rm -rf "$TEMP" -} - -trap finish EXIT - -sops -d secrets/vars.yml | yq -r .ssl_keys.nix_repository > $TEMP/id_ed25519 - -export SSH_IDENTITY_FILE="$TEMP/id_ed25519" - -"$@" diff --git a/nixops/secrets b/nixops/secrets deleted file mode 160000 index 8c6277e..0000000 --- a/nixops/secrets +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 8c6277e3c2762e13d5f1f2ac06d2e815e02fab82 -- cgit v1.2.3