ctucx.git: nixfiles

ctucx' nixfiles

commit 1f3d745088f45691a2a27659a528ece0c54fc9aa
parent f928ad075e0739f7e17730d40b46d1be0248e5f9
Author: Leah (ctucx) <git@ctu.cx>
Date: Wed, 18 Jan 2023 12:53:39 +0100

secrets: reduce eval-secrets to just syncthing-ids
14 files changed, 155 insertions(+), 108 deletions(-)
M
.gitignore
|
1
+
M
configurations/common/syncthing-config.nix
|
18
+++++++++---------
M
flake.lock
|
13
-------------
M
flake.nix
|
1
-
M
machines/lollo/smarthome/telegraf.nix
|
10
++++++++--
M
machines/trabbi/grafana/default.nix
|
7
++++++-
D
secrets/flake.nix.age
|
77
-----------------------------------------------------------------------------
A
secrets/lollo/influx/grafana_token.age
|
12
++++++++++++
A
secrets/lollo/influx/master_token.age
|
10
++++++++++
A
secrets/lollo/influx/telegraf_token.age
|
13
+++++++++++++
A
secrets/lollo/telegraf_env.age
|
11
+++++++++++
M
secrets/secrets
|
9
++++-----
M
secrets/secrets.nix
|
5
+++++
A
secrets/syncthing-ids.nix.age
|
76
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
diff --git a/.gitignore b/.gitignore
@@ -1,2 +1,3 @@
 .DS_Store
 result
+secrets/syncthing-ids.nix
diff --git a/configurations/common/syncthing-config.nix b/configurations/common/syncthing-config.nix
@@ -1,33 +1,33 @@
 { inputs, pkgs, config, lib, ... }:
 
 let
-  secrets = inputs.local-secrets;
+  syncthing-ids = import ../../secrets/syncthing-ids.nix;
 
   devices = {
     #mobile devices
-    blechkasten.id    = secrets.syncthing.ids.blechkasten;
-    iphone.id         = secrets.syncthing.ids.iphone;
-    ipad.id           = secrets.syncthing.ids.ipad;
+    blechkasten.id    = syncthing-ids.blechkasten;
+    iphone.id         = syncthing-ids.iphone;
+    ipad.id           = syncthing-ids.ipad;
 
     #servers
     desastro = {
       name = "desastro.ctu.cx";
-      id   = secrets.syncthing.ids.desastro;
+      id   = syncthing-ids.desastro;
     };
     lollo = {
       name = "lollo.ctu.cx";
-      id   = secrets.syncthing.ids.lollo;
+      id   = syncthing-ids.lollo;
     };
 
     lollo-old = {
       name = "lollo-old.ctu.cx";
-      id   = secrets.syncthing.ids.lollo-old;
+      id   = syncthing-ids.lollo-old;
     };
   };
 
   isaDevices = {
-    isa-x390.id  = secrets.syncthing.ids.isa-x390;
-    isa-mba13.id = secrets.syncthing.ids.isa-mba13;
+    isa-x390.id  = syncthing-ids.isa-x390;
+    isa-mba13.id = syncthing-ids.isa-mba13;
   };
 
   enabledShares = {
diff --git a/flake.lock b/flake.lock
@@ -373,18 +373,6 @@
         "url": "https://git.ctu.cx/lacrosse2mqtt"
       }
     },
-    "local-secrets": {
-      "locked": {
-        "lastModified": 1673563422,
-        "narHash": "sha256-EHFXHbyOtiCQICGqPlaRyRv4r1bUjCcDw3n2yOZSD5k=",
-        "path": "/tmp/nix-secrets",
-        "type": "path"
-      },
-      "original": {
-        "path": "/tmp/nix-secrets",
-        "type": "path"
-      }
-    },
     "mobile-coverage-map": {
       "inputs": {
         "flake-utils": [

@@ -602,7 +590,6 @@
         "home-manager": "home-manager",
         "impermanence": "impermanence",
         "lacrosse2mqtt": "lacrosse2mqtt",
-        "local-secrets": "local-secrets",
         "mobile-coverage-map": "mobile-coverage-map",
         "mqtt-webui": "mqtt-webui",
         "nix-std": "nix-std",
diff --git a/flake.nix b/flake.nix
@@ -258,7 +258,6 @@
       inputs.flake-utils.follows = "flake-utils";
     };
 
-    local-secrets.url = "/tmp/nix-secrets";
   };
 
 }
diff --git a/machines/lollo/smarthome/telegraf.nix b/machines/lollo/smarthome/telegraf.nix
@@ -1,9 +1,15 @@
-{ inputs, ... }:
+{ inputs, config, ... }:
 
 {
 
+  age.secrets.telegraf-env = {
+    file  = ../../../secrets/lollo/telegraf_env.age;
+    owner = "telegraf";
+  };
+
   services.telegraf = {
     enable = true;
+    environmentFiles = [ config.age.secrets.telegraf-env.path ];
     extraConfig = {
       inputs = {
         mqtt_consumer = {

@@ -25,7 +31,7 @@
           urls         = [ "https://influx.home.ctu.cx" ];
           organization = "leah";
           bucket       = "mqttData";
-          token        = inputs.local-secrets.hosts.lollo.telegraf.influxToken;
+          token        = "\${INFLUX_TOKEN}";
         };
       };
     };
diff --git a/machines/trabbi/grafana/default.nix b/machines/trabbi/grafana/default.nix
@@ -2,6 +2,11 @@
 
 {
 
+  age.secrets.grafana-influx-token = {
+    file  = ../../../secrets/lollo/influx/grafana_token.age;
+    owner = "grafana";
+  };
+
   dns.zones."ctu.cx".subdomains.grafana.CNAME = [ "${config.networking.fqdn}." ];
 
   systemd.services.grafana.onFailure = [ "email-notify@%i.service" ];

@@ -42,7 +47,7 @@
             jsonData.version       = "Flux";
             jsonData.organization  = "leah";
             jsonData.defaultBucket = "mqttData";
-            secureJsonData.token   = inputs.local-secrets.hosts.trabbi.grafana.influxToken;
+            secureJsonData.token   = "$__file{${config.age.secrets.grafana-influx-token.path}}";
           }
 
         ];
diff --git a/secrets/flake.nix.age b/secrets/flake.nix.age
@@ -1,77 +0,0 @@
------BEGIN AGE ENCRYPTED FILE-----
-YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzQWlNRHBheHRJclJkLzdS
-U1RLMksrblhHU0lwaVJXQ3NjcW9Sc3ZRMlZRCmNvbGsvcnZXTi96OUcvZXNDOGRq
-YjlneHRpYnU4Rk9LRmJvUnp1eFNiUHMKLS0tIE1Kc2d4b3VoWWhXUU4vQUphWlp1
-RTJVYksrdTZWQThzNi81dGkzMnhid0kKJeV8ZVK//6jK2KdOJq0SwzXF0d/P/RTi
-Gs71uVx6UjkpVNahkbxc2Kri2GRG1KoPYKr9+JmrX9xxu/FedhdQivXEqT4oN+k1
-Xz3r9DDjGArgtggbpeoPJ2d996m0xDvcGVVJbk0SDbRz5zKr5Vp5qCo2Cxbhxs75
-o7EZZvXW+wLoGfTcAnd+M2XIvMUD5Pmgth/51SYWnx1VBLffODrMgXGNjeUsWqac
-hRnhOnfjKNMQXiAbyOcOnfcnOJ9EsxdPh07E/iLzo6wHc9FlyBp2wp6IGG3ai4Rq
-S9i/XEAiFbzQm0Q1bc9ptNVGWq5NSM4wTjsZ0m690CM0gWr1LShnqH/cF01lMXqx
-WXCVaL4fcRzdY8k9UJsA60qhmS4oK0DAp1G7VOn7IBx98zF4KkRw55CKVc7W995s
-XRoZ29/9fXUHkLN6njTqMNfzbAMt5doYs+GWmdqWcLkDsHbUYSAYBSeqKx7p7Ss6
-LOL1Fg78Sjnb5vcFOZURuNrJCS7xRuI6ofHCw09SeFyjtsDt55ofCRiN6cAS58vn
-C6YgCOtUIL9Ji+FP4NH/VECynUF+zTvfKDRLNaNweJ8T18WfZTmTUsuWtTcIubnZ
-QSmLckq+cdiK9l8UzLvcqhQQwNZqgXbxccTF8nTiAtrtCH9ob+72zI06LbAOpR7l
-dSi06sUE/X4mhvALpD6TVn3G0n/4JXqo+BKgdNpmop4kzWlYwbj8BBvolP1VwJWI
-40Blw9vPr52+NDnDdzbNeirjHLWVVN9kD5c6bej8Cg3/4aR8ExoHSfi+0NhNMxFL
-wX8IDhX7jy9qFrj+kyqk+oD4he8NrViS78LY415CC0Dk4ge9UglpVcGuTcPdWNNS
-L/aJidvD2Buwsih3EK0uVeHCkQ4lEVX5kaM9SWZ/M7WFZX4Fv14hg1pBuUq6Djzw
-6XmQGo3FfEgtSYXO2gsh+sLr+nHjEFBP3/JcaY4zDHf01vOe1TiGIjJib2ptKhB3
-zlbyTDFFS6DCSMKUnuvNNye+1XAZuIzK6msqT6oNEk5k1Lz9bZx+vpqMmUp8+IK0
-DdUrMwYV0A5SGkrhXwiLak5VCewG3lrlzfdTZACaNXR3vKelJA7Qu8bdGj6Macq5
-Mpr3kQ8JTECplD0HgnKCPNRL7AJB+yjXZbHX765AHvHJtp9wBlQ1FGVhLXOQjqBh
-8OTDWkes2vlAe1avMi8awE6ECz7Hsb3JjW4mJJZU5iEW7HuzTu5kdhiNGVEXnyFX
-i2P70dO4+nfN8cJ3/bNgYV5FCRrLL0lYwiKhCyrfh4Ok0IZ6PE+997xcCGOT44De
-Ce8oGU/QkQdo7D3VpDfU8IjQ4eSAbZLRhIQHylLN8E9h0AvWUXHcLaok6U+1gRyw
-TdgVipwuRkqCsXqo1/S0RJ4ZM37EYkEL1F/si8O+b7JUSiEvmdUc0PjcqWuDLJI/
-gae/rOTo8+E5NvtGLDJCGGAK1svoccU2DE30f6nwMTllgMKs8f5rendS1xm2y1+d
-SPtS+OdUozk6P3Q8ps3wImJgXYksoVjHVgkn7xoYFp/5BVopg0yHeN33bDFnPexB
-ToasiJiC7Qn5gwCkRBomJu5w4PpQfM8iRjNxV3AZW3AxeDTIeXFHht9KLyxnE6R+
-1Wjdr9NKfZ7h+z27BOrLI/cwXOQq3gVZZfsz4gXziGDbsXaNg53lrxw6Wg73pQEy
-0w0DDx2ndbc6b7pp+7C9GJet/XJoqUcY3YKrVSp1un9G9LLA97bn8Q/nqIp33QJ1
-PjzfIfPZBQPgpTvjNMxy/zGWX/qthkxn3wDrLZvOca3h85vb6d1gSIDOH4zFB4uK
-pCVrQb469tbF9PCObVLJoiJIuhKyE5n74WkQo9qCTd5HMRELb8WADNVvzzzPVB8y
-yT8S5Q5SXiSTcHvF8DaKYO1I2+NMMKb51glAXa0F1MPBy4Q/gBCCP1f8MFzg5Lj5
-ujBZT4CEvfitK+Uc9Tw71WU/5HTGH6M+/prHjbl8jIjhBe2OJkRhhmkGnAaz/whq
-b3AVy+w6xMNuI2sJwprfMt8Xac+26ESaoglYPlwZetS8dCPqFpeJnIRw5En1fMps
-NFJoFUFSteh2lRTVnZzUk0quaeEMJ9Hk7j3AsfebXZZ9J7KohBGiODuHYfJsCx50
-8O/o4LF7OhC43gZLKkrwvw5izp+ZJMbA3r/9T3aYOjAXGtS1EkJz3MvWcxJwRUlT
-eUd3GHZhrqWWXLf2/vbFeDPZuUx3PHo5gxq8p7GFf6YZflQ7425ZCZROSJ3V/uvO
-OwbxQSadV8PSDPIBrV52aZK4Ptkag89Y1GFs3S6CsZtJq6l0MHKtfk1PBC8Lficp
-VLp1MsGA2pojLBW75yoKnZ8djZHYNcZ9vk7VT1hhHvFiKQoaOxY5LhSNCNVsexgT
-FMjUqmqWLAuOk3NgoX0YFrpwDAGVISmo4c01RqxylktGJRTagwvESLEtdqS54M3I
-r6jJszinBkSqg/r4XvzF5xayooB1zfGLye3zBNG2/G0waPd249uSqNLpXCpK7xna
-qwkRhGx6cUJu0l0F+xdbX9gEmrM2j63KRkoPJbYY9TUQeMInx7JwjVMRayH3r6si
-3c+aRf38weiK9e7C5XgLjtkQonFRV/rfy+rRXlmla33B7B96zVCQc8dMST/ZLLhN
-0JNESxy61dZRt+ucIG3wBSf6V6uVKArv0BHOATn+kSlUQHJzzPJWINDj7DiA2s+C
-s0xnYb061JBgB1Jr8WKUfDU40uprFtSqVNXmF2PcKT/4Nc1PrQwN9AKNT4o25j6H
-5xE4YzBjjzUZBXpD/V/1gPnKE3V4y6p8UdW3KMe3d2JyEYytly9h6GjEXa+f77RW
-ovz4HqJOLKcFgHKuzNO+GAXlc7HhFeRUYItptqFSqbye32ljUrgqsYfiQXYJbRbV
-DnN6vt7ZYoF8QZzhiXwxX5zeT7uDl03IJrdkIGGYObDoZitEZUAX02ZTyycQibR+
-+5XlHGhJQGWgG+4x3Zul0sAGXlJjjyPitPB+mvMxGwXinU2rfwCjLiAkbibUIhM3
-W/W/07f2GlXlFndL/nhsOaELNxcjEBuPfeIjmbBEL725PqJ8tW5sCB0kFJWTJbBH
-5iKi7ZvIQrC2k8TCEpAfzh755zxcTXvgVJVSZ7gfEovkhzOBYGuMFw3zb8iB6a4Q
-nwBYcXeT9Uz84vjUiBKH1IU6obKxuwfGDcSVYAdaerm9C9SgfGebwoqyhle/Y8Qi
-L5fHoixDBrzfk3reLiQjPjLocqIqKof8egAI/W0S04AbYQZHW/oVjx37LWAQ85ks
-4a0lG1Cr+GgogtHo519EqDH9XmDJL4Yf6F3l3cETmCZL5q57O+wnDnvoO+g5RNPQ
-xP6pOhu0PTLsDQsIWlTGNoIxhIIRiq2bg2LGwgQ9/mZzagpnUXpVo6zlOlE7wz4U
-Fk6+QMLWXjf4OjH9bIvn0da/H2dASmweKtGCRtcTb720zVpjvrGOKLBipSJ94d15
-6gv6ZYyjgkhG3HUw2Z2X3IuM78Kptw/eWcJQyG5euER+UuONhzRhZSrP7qgFucC6
-5pAKb2Ea+UoJBhoK6gnVj1JIIWOKCa5s5fiXourXRNSKO+FhrQhOa7jQlciAlGRV
-wxn59VYLqToZNizV/BhBfWOgWbyk9yaqLYr3S7NPk3TP2Nha03QPMg+/LS3/S9tD
-p1/ah8o2RUXyHTF1Qm9dPr2QFe5DKALWje0RJK7yb47bULrZHMFnkylhTgfs9I5m
-VI+HySv1HntHInQcK1Emy2g5cmdXuiRS94BEZdxJrI+fvTIiLyD9n2XucBusCP9e
-pypEAiUJVehTRK7NBBc/kJGQJ+BsBbClai9Ial5g9rograTY7N9E5TfFx26BI+EJ
-EOGEXiEwTizWzusHmWLCaLbZ0gwE/S8lusmAJLSzCBi8Iw0OIWz670eI+dNXomLf
-tqzhN5t5NREDoTJVlnXrhsDv44/M0YonB86NCTIttelm9aSvPG7kQALsNcKb0Cre
-vw7i2q6O5n8bQi4Dk8n/i/1ORcHpx78HWbwxIlpPk8LWCm+zKlhWRC2IhU3aUzjm
-Yp4hbrOaisISeRrBkB1MXpetGtj1V/y0ihX5xaUT/JPEd2HVO8cv4L+qj7yYFXOr
-h5+WgxGyN+4YC9YQLxCXq3vxJOwpjunQBFcbyYXIzdYY7iNzr60ezD//F+jx+Jma
-xSFek0WAn/M2WobbCaaBdyvIKqvel5qt7H5iGbnC0tk1Sa2r/rE62uT+JFTcNYfz
-JQ7rR7Zo2XpaLQrt3ft8ukxOym2sm/H8cl0UJQWklaYNV5johh58NIzlCIitKheq
-HJNnWwzAd4s9uKh2UIeVjh/F8GMEOhiQsrGwjPRcxrobqZql/hg/iqv3fTSqK4nT
-IDEvVECqrxutUKAr1YEyopmAjSJ+/+GIDaHmYqwDA7thqacoOC9xhl+uQOiQTSNc
-BjCPtRXWAjjsGiZfGJv+sC8UG/oSWrTzedhi+auHdKt0zSnxXiY/Bi0uhwTGjmIU
-reZrqtZqGT4y5nW8Q1qX8Ks=
------END AGE ENCRYPTED FILE-----
diff --git a/secrets/lollo/influx/grafana_token.age b/secrets/lollo/influx/grafana_token.age
@@ -0,0 +1,11 @@
+age-encryption.org/v1
+-> X25519 BAJEWuV99O10B1CsgPP8ISaWUTMLx/Fg1Znp7NGlUi8
+fuRXKesCskpJkI+pRFxvuTo/1FBockEVTMl0L2ZGrOI
+-> ssh-ed25519 1rccKw d1VqcZOHlbxUr77ej+kt7jg7MiGMtnBn70deTKmF30g
+cEKL92ZZc4hoixE+3xsCtWsGIUspfkroFDy26i0RTp8
+-> ssh-ed25519 V0uUrw o+uuMM37fbyA8Y4XxAOV34RjxbNwFui+0fxSZNpXMU0
+LO91UovqZJIVp1xu0OUr4lNVdEGNyHSCTOjE3vP6P34
+-> HHF-grease
+w6UHOw
+--- g9yAsfhZsi6CriMzvDP6dY4qdbxyJ/Ki0t1hNwy/ZLg
+ r%	<SZu̇Л13;4	;Չ_T5ou֨9'1!Gmf/$ch]sVmh؝N-
2%zxXHd;/+KJ^y+
\ No newline at end of file
diff --git a/secrets/lollo/influx/master_token.age b/secrets/lollo/influx/master_token.age
@@ -0,0 +1,9 @@
+age-encryption.org/v1
+-> X25519 6WG9Pm6SpS0AIbEAQPzSJqiE9zeRBDky5gkQdLC6CiY
+7/rDlnruuudkOsGr7ftYDXUv7bj3Gh9LbYpk6MA9B6g
+-> ssh-ed25519 1rccKw ifZILkSK75yNdiJf6OGoqJ1MO2YnrVOywMZwt1p3AQ0
+jJcRKv9rBYIS4BHzXBpUoClwJujAdBIT9wUY+E+5eRU
+-> gko]7<\-grease 5 < r{ZlC}5w sCdH+
+XNDkVlmnFUZ4jeLU8og
+--- 5qaIVK8EzmRCpxMlHTgSuwVUR3bnyro9Zq+3JiSqJkI
+9C|=\	D]|0bWEHNjFftѶ}NvweY
gΏضE]]N(mhoX',wˤ_aMZE+
\ No newline at end of file
diff --git a/secrets/lollo/influx/telegraf_token.age b/secrets/lollo/influx/telegraf_token.age
@@ -0,0 +1,12 @@
+age-encryption.org/v1
+-> X25519 5khIqMFuc93Ron4vSif8c7vVhM49ZkHwrdYSrIvBXWM
+miItdZY4IGp1eZfvBW2swgK5oBccuE5fxG6ZJ/AFU00
+-> ssh-ed25519 1rccKw HmWzxGHvFqWdJ19unWHT6zE8Y4yLIq/J4h3fMRGmbiI
+Ue544IlxHzZ4KHps9SQG+ScMlIpV20v98ga+jzMWITc
+-> M[B'lL/-grease
+V/PWp1OaUC2Tdp2Ycu+qxwMiIVHwJEWdOlZdxjpLG2IPrXpXeOviDZ99Y7+9CMaC
+MdR9KtyKX4dsp23PcqMOkQ
+--- 1ACTcPYtnfVq7KFdftYeIqGDGrhOHOnxX9sPobjbudA
+Uϭ[u.z5j@րH!jvF-E%0{Tpt`%eAdR.{ԷU:ll
+}(٣)
+SUt >+
\ No newline at end of file
diff --git a/secrets/lollo/telegraf_env.age b/secrets/lollo/telegraf_env.age
@@ -0,0 +1,10 @@
+age-encryption.org/v1
+-> X25519 HJLbefmbBiAzMJCaGLE+pcSFzjVpLd04cJnWUbcEqFc
+Aj7EibEPye8DHUbOnSTpT57oBrbSr8CGV2TfLWJFyLs
+-> ssh-ed25519 1rccKw tO58RRJbnc3w5ao/NbPdQPaGP6lGzG3xkCcNLZL7pmg
+xjK1XxTaN8mxjWg4wGhD3aMwYZajMW1gvCjhXdEA74s
+-> Sj&Lx-grease o#i\bT b O@icZsq5 NF)H5s
+qNup2vDcIRniIjNBGPZiIcFxoC+AnhyvYJmfQXxVcpqPoAJ+DV4kXshNeB+PrGHS
+X3ns9al/sbVwQoCK5U5+ienbjx2CZ0RByZ8p
+--- KsO5atoH0EKhusOJW7MM2AA0AKPguLPxthUWCkKzKcw
+o<4=#+;\룿Hx,T"435L,x\W4|yw']`4BvM"D_% I
89g5͋⟺TZ
v}čg+
\ No newline at end of file
diff --git a/secrets/secrets b/secrets/secrets
@@ -13,17 +13,16 @@ echo "$(pass agenix-privkey)" > $tempfile
 
 case $1 in
   "-e")
-    if [ -f "/tmp/nix-secrets/flake.nix" ]; then
-      age -i $tempfile --encrypt --armor --output flake.nix.age /tmp/nix-secrets/flake.nix
+    if [ -f "syncthing-ids.nix" ]; then
+      age -i $tempfile --encrypt --armor --output syncthing-ids.nix.age syncthing-ids.nix
     else
-      echo "There is no 'flake.nix file!'"
+      echo "There is no 'syncthing-ids.nix' file!"
       exit 1
     fi
   ;;
 
   "-d")
-    mkdir -p /tmp/nix-secrets
-    age -i $tempfile --decrypt --output /tmp/nix-secrets/flake.nix flake.nix.age
+    age -i $tempfile --decrypt --output syncthing-ids.nix syncthing-ids.nix.age
   ;;
 
   "")
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
@@ -26,6 +26,11 @@ in {
 
   "lollo/syncthing/key.age".publicKeys                        = [ leah lollo ];
   "lollo/syncthing/cert.age".publicKeys                       = [ leah lollo ];
+  "lollo/telegraf_env.age".publicKeys                         = [ leah lollo ];
+
+  "lollo/influx/grafana_token.age".publicKeys                 = [ leah lollo trabbi];
+  "lollo/influx/telegraf_token.age".publicKeys                = [ leah lollo ];
+  "lollo/influx/master_token.age".publicKeys                  = [ leah lollo ];
 
   "lollo/restic-server-htpasswd.age".publicKeys               = [ leah lollo ];
   "lollo/wireguard-privkey.age".publicKeys                    = [ leah lollo ];
diff --git a/secrets/syncthing-ids.nix.age b/secrets/syncthing-ids.nix.age
@@ -0,0 +1,76 @@
+-----BEGIN AGE ENCRYPTED FILE-----
+YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTNFpTUXlnaE43enFDS3lQ
+aERHcWxod2hIQ2FNeTNIK05uOG1vK1U3ejJjCmlLelZoOGZCT3JZdmxXay80Qk9v
+RXY5ZndEOFhZUDJ3NzYyaWZCVUtzWTAKLS0tIHhSQURaTFRRWUlWNy9lTTNxN0I3
+NjFwclFZalBDTWFscTFHQUN5b1VEL1EKZt+SFsrTNh02tSmel7HJfcEPtNCEisq/
+4g+zMUs0M6zctgY8Qj+cimUIkk84bQSTMCtmqdPHiPhNdn/wv+z26Lq6kilx9nsM
+i0mQzlmKBBSTJwBgbC/qwDQ8iFaGeMcP149Rw+EH4d7PJb9Hz/TGStYi53tGwoN2
+LGu9ZikC7gX/8BRfTZEJ97ZVpfH0VfiSbq/NaZYfKXwtmYUDVlP+GP5s2PPsKVug
++OKXqy1nE4TRtULRW5vXEdQu4OzeeTZ9XWnxgwbKAPsSZEKPQrRQI98gF8aXNEJZ
+pLmHvx5SUv5XMdQKjnrLoxhSMrBlzIzJHZfl5TBC7qKOaPmO6fQt/8hxDLfFFYea
+U+UTd2yVJUovatB0++NuihMA17Qm4tO22lxCMnJ8E3A3bTgQO1hQkb3YBT1TqhOr
+lM7W3FkkD+od0eX9dg9MpXq9ANHDKiQ0MGgU7Vt+lxEyOMtdxtQCAQvMK6bgMWJK
+0UZeZEk/Xp3S9qKo7vsS/+sV11S5RJyJDi+22IGf/1NJ1hnM8CQ+BOdvocH0wWuG
+qZwzzqeMF3dlMkrHIr94JMALzch2wkCRPlIoZQtj0N02FclMaI+CrJ+8kgyxwqXs
+SNdMi03D5fQqwpyNpx+IuV06dTzYxGvqtU1LnwijD2hR9YbZfQ1qEvqDTO93Y6YI
+i2s0EEAKiUlNLSs4rP9XpXCCh919QJJA7o+moY0j6u9owFwumtPnf/1P+cWyXDWW
+ot3QzhCOLWv011rMtI7q9lTyLvGY+50bhor86gsWLIC50v1ts+uXMQr7LLD7mBRg
+H7DNrWT6TndGaW9p+zOywOWsk/FHMxzZ2c4ZL4bS1uHiCV6V+zx8kLZRSCwPvkHy
+5TtXNuuMEb9JtfF04VM5hPbFrW4z3aCjIJZEx047dcBWd89AM9WLFb7QPnvFwgvL
+JrDrKfKBe5oWqiB0iRT7Suleb45EahSFq4nvWmh9tcyt+cTILek5esqbDQbRAZXL
+Erw9+I4LvR5o4BgG+xf3IkTIyqhVLTH3ucjrpeR5CcUe+Jd4J/HfDfxbGS+2PHpJ
+9sPp98xlbQ9mKcQqQWgOuPo/52j1rzGFXEJP1kE7CbVUl3ssbU+725PL6ne8GwRc
+ONIaef7rnMl8JCO0PVSprn4yyYxiFfI6NzOLDVQRHDIGF8XZFJlh1V4HsG7AUG2L
+xcxayBsyWt71R+aw2wFbS5UcFJqYv+w/q1db1e2kyNpTt/YDUck4BvefD9xkjjb5
+S9A43Gnngrhidh1fYPJhkSl82MXWtl8vFCMLJB9qI3JCnxGfo5F0wOwC8o9a3i7t
+wxUzFCPrDIcLi3CGO8y+GHKW71weRVyzAN54L7EZ4g388L+b+CfF1E/iO5LL4rIh
+dUjowYuEDNrP43RFBBU407iHEXWuFDc2HuQAEHrON/mAwDykAWNpfxLBW6Z2Cg8Q
+TjbSbSoSwigYijD1mAzBBVmuN24n88YMzKUZEjRL0YxD6b9FMnY0VIY1xb3thsUa
+re9WWAd5l63y2mT9RnmGXjPmvSwNaAwCJvjTbojs5yONA9Evg48cZehJ8vOg+tpM
+ezTcsHkJu2DceRP3nHM6BX+PlYt5RzOblLQOYm4qgJ0FJp05SMBybjZgD4u+gZ2e
+aP1yp9lzKWVVPTND0hE7z2DT9m4mrxO/7A8EsTOnVIGsftVClxJWGD7Biy09wGwX
+5eAKr/NHQQcDTK3DYmqA6Ym6yrZeim8vaKRNfSVaxwSEv3pxXDt1neihbylr4Cdi
+d8I8OyWz9orNieBvzf2LVTA9X/oBYix+tWl4E6X1r1ohLudSRc6soyvO+dYRJKvo
+A/wO4vpgGW7ylhA+p4Tnflhxk4wqobFhh7IZ23+9MPb+37LHG1x/OU0v1XPlUnM6
+kZI+wtIh1dzIQAJGhy0JJy8vS39RUnGXeTEjVlksdysDwZpxvNUWCRzECNaxVHey
+yZDLFERXFNtU0wutoeznvfcJ9p4UL9ASEInGGiKYkbxQ7L1lu04PalMEQSLDodVW
+ljBx/rjan381m7r8/zX1XjPG97ohU+0KJMLFHKuFFsMpSgv8028gNa0WElkPzz/8
+twMF2RtAAC23CtDUUpxdecXC2CRDUxA2gpraz9uIuHR/pjZ598l783FZI6XqV4Jc
+KThiFKeVYDhi4px5hirBKmZ2DS2oE7h+79BZXoZ38kYSGVWD10S9luM5TfO5zL1E
+g0wzGKANrx/6NcHzMnJ6MoT+CONXUxV1mGd9Wnvc0uL8Rx0vBZCM+o63ItlM/68X
+wx/qSGqqjQCKZ2pUoYCWY7qA5gCaMV1Ye1SJG0FNFaAf4U9hgHV3c9vXYCJljMM5
+cFvb3j73/Ban1L6DTHc9859uU/2TvIM9TcaC0s1/GXKkjXkiq74ovUgSM9ICsvna
+z05ggtBmoWXdFxa4wQ2Pi5C/NtjONZ+WyRgiPubEZPS2fEeysB+96xwl+zjdA3Bh
+HUHfvfzTbJ6U00synxIr6ncJ3f+Ig9z1o4JBvy3Y2kBPFFmHtdyHqs4bVLG1hi95
+CUM1F1b4KqjhLAGTQLwVcYtfb/b3Zh/f7xGljndQ/z/qieI9j/loLpDjjB9/J8cm
+eslq23iKv/636sbd6kZyYhIOvsruHD1WNFO56IPLHJupABfHgKUjV8XKJpaatskv
+ifQij/jVP8faVoPqD0u0HL1Ux3JEQMX69MfgPVv4rGTrVg0zI/I5WeeczMgLdWgp
+eCRN5YwXnyDx0jQrOfYOq9k/lBZpYJBtmjzSlYKXZaGhSP4TjzziCEOOZOtYuHZf
+JEYzxg833rBhZ220ajNeJsBww1V8OhHZL3i9bzaZ1Qb0VHYDXViBGdCvOKfNjr9G
+ozrDssn6vjYZ0iipaLd0KBsMHLF9Go6Jrud38K5941/+vcOv3GGL61VCLLDdmonY
+n92GIh1OOvsvdee0wzHYJwT4OuBBTY2g5IJK1ikhVSqu4TvEpWwVg7yh/PmCs/RU
+MMHmIPbKs3bGFOZBwH3g7PErZz2NLrzkCJQ2Ax6qat7krVMbQpUq79tCJ81afn7R
+eyT9pNi1x2AmZs2EWIKiOaavfrHntYDaEUhIgZ9lGlXvkedQozbGugRmr1mF2fOn
+BpKgdDI69ceL/D5wqAZIaJcu1KQZqT4vVbf8MoqwQUQw27k/oxVqET9FUckE0zdH
+C9EegB2fNdkfhBYMUDnhwhZXp4ig99T3qfORGTz4NmHNy5la5imweRfDTk4BZy6I
++dsZ484JfWmehI/xGJ4Tvvc6fJ0KwKUEAFx/d2Tfb1mgpoSmAsyoby727FzP0ZMT
+nERdwS/4RNvjla36XhFEH5U80CDQiKzM8A9QSDKLj2cEq4jLmhH+811hsAr2P+lY
+fWq+v6GHVn1nBu3jpMwnWXWr1HG3Ij07izgW5DzwhVK8OZL5otGed9pIwDWqe0qq
+OrrgwvCqNu41qXG21thtzaph1sWGm/r8/SNjivsO5UmM+E1snqCi15kX0lKui8Fw
+yhVAaQx/G6oOznj4I7cBWI821R5kA+Xb0RCe7tjGiShyi54yVS9Fv1IuMKCPWMVi
+2UNPKMIlxG695eTawyZ1VRqcSEHZBaukdA+dKx3uAyMW/75exMHSslbfql9ZRegJ
+Ho2pYF3YAXhuQHU8Two8lZV8K+vx15DsC4lPfJxX2WRDMZvc82xUlCrO9Q9RGNBd
+pAO0DEkI5zAiTvU38SaRQqqC9D0rhCGGp/pRefkbDTbD5IkJfrM0iCQhIbrYpHCK
+RWjIkDnWYFw3R4sG6siyL2GsjD0QRPMao+ZWiBn2fNLa+X6dI3cgWtwUW/XSd52m
+ye+/aG49j/T3A8rLhAxzuDCqRUwuGcCf3zJvQ9bPxRe3b37ZJe/BiVT9pwy3SSgA
+LG6+PZEYgsbNwxcu1bijUXR0sFo5tUL/jhMK48zz6r7FVWSKAbvfX1MVdmvfbodF
+GLFOsxsG0mS1lEUk/1kWoewFyP87bXayWVXc+6AYQschaN+kuyJGriEB4JDzEEdw
+VLiImEHmAx8P6qguWuQ+U6wiYZtnEhjOo7NcwnkoDLIFVsui0IdME9zjiNN3453i
+t9fjFh5yYiZDdaKWvuVTgYEoGCYVZOl/sgXt2GVJaW/iYqUUMC20g9Hcc1tqcJAy
+Ezf20i6OzJO/cJUqSrSmxlmWl/fimLMKENSQugBGYNstrBYXlbMk/SmcxJaPJuxN
+MLTzyux3FszFT/QNkD8F1Y/HRJqJRzqK1ZLVR3ktkMEwKJAloWmvytHwG5gGe5k2
+Ygj8g6FqTKARUeSsqiMuhkN95N5iivORWh+zGgJ0rrOOdCEoRNJ0l9n5P2Krgna6
+oG0f/W26l1J7oPtCalf0ccF6U5bQfD5So5KThc9IddoXe+ZnbYTzSKV+OQm33CPR
+HKZSGMAWlFXqhApyj5lCc4ulawic27bMfp5rJCNZg1kFg9M/0hk8Qgncmm7JDOkQ
+PE0L8zQoTvUK/Da0WeyaSbWymOwSx3xYB6Xz
+-----END AGE ENCRYPTED FILE-----